last executing test programs: 8.197861244s ago: executing program 2 (id=4026): ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000009500"/17], &(0x7f00000000c0)='GPL\x00', 0xfffffff7, 0x0, 0x0, 0x40f00}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1}, 0x48) mmap(&(0x7f0000b02000/0x2000)=nil, 0x2000, 0x1000001, 0x28011, r1, 0x0) mprotect(&(0x7f0000b02000/0x2000)=nil, 0x2000, 0x0) io_uring_setup(0x257c, &(0x7f0000000000)) socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket(0x10, 0x3, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000180)=0xc) r4 = epoll_create1(0x0) r5 = epoll_create1(0x0) r6 = fcntl$dupfd(r5, 0x0, r5) r7 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r5, &(0x7f0000000080)) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f000086fff4)) r8 = getpid() r9 = getpid() kcmp$KCMP_EPOLL_TFD(r8, r9, 0x7, r4, &(0x7f00000000c0)={r7, r6, 0x7}) sendmsg$nl_generic(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="240000001e00050300000000000000000000000008000000", @ANYBLOB="3fea9f83d6ef67d072c8d28d65953ef408004900", @ANYRES32=r3, @ANYBLOB], 0x24}}, 0x0) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000200)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=0x0) timer_settime(r10, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x3, &(0x7f0000000040)=[{0x1, 0x0, 0x1}, {0x3}, {0x16, 0x0, 0x0, 0x1}]}) 7.182005439s ago: executing program 2 (id=4029): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000005c000000030a01010000000000000000010000000900030073797a300000000028000480080002400000000208000140000000051400030076657468315f746f5f626174616476000900010073797a300000000008000a4000000002"], 0xa4}}, 0x0) (fail_nth: 1) 6.871074866s ago: executing program 2 (id=4030): r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r1, 0x80045017, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x12, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r2, 0x400c4150, &(0x7f0000000000)={0x0, 0x0}) 6.830907685s ago: executing program 2 (id=4031): r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r1, 0x80045017, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0) dup(r3) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r2, 0x400c4150, &(0x7f0000000000)={0x0, 0x0}) 6.779551903s ago: executing program 2 (id=4033): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x30, 0x10001}, [@ldst={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}, &(0x7f0000003ff6)='GPL\x00', 0x80000005, 0xcc, &(0x7f0000000080)=""/204, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x3}, 0x10}, 0x90) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new user:syz 000000000000000'], 0x2a, 0xfffffffffffffffc) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) 6.610975234s ago: executing program 2 (id=4034): sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffff7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$bt_hci(r1, 0x84, 0x7f, &(0x7f00000011c0)=""/4072, &(0x7f0000001180)=0xfe8) syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="04080400c80002636cb0c0fbf9e3f01938632fe8183d6f1fe2dc38c4b29c9c5723778f94171494ed9d2ac32fc705dfa21d4befc2faad0fabc80e59b8ddc60fbda3da66a2494a09a434814815588cb12e201bd02d5cf24ddfa37d88a82bb37988e018ca752a52a36ff79d89b5c86e582998b9ebcec81e4118cef19dc2feebf407f79935d92f968c28ab991da12fb2762910744624d9299ac78efe9af54410b3777d121e6d05c86dbad4ce2f06b670e0b7b955be7d16e459cb6d2f5cd9023663c1c96627891b240f34ff749ac7355b68111f94c013fd40de946dbedc4d3b55f17e168587ce2609713dd794a4991c35aa9030e0505b1c4ca594d94a8618dc40dc649c6d8d15b617917921f2f1e00a5b5ac8fa44466148d1c1f54bc27807272c1ec0222a7e8dbb"], 0x7) syz_open_dev$cec(&(0x7f0000000540), 0x0, 0x14100) r2 = socket(0x15, 0x5, 0x0) getsockopt(r2, 0x200000000114, 0x2711, 0x0, &(0x7f0000000000)) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x805) ioctl$KVM_XEN_HVM_CONFIG(r4, 0x4038ae7a, &(0x7f0000000000)={0x0, 0x48b, 0x0, 0x0}) ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f00000021c0)={0x1, 0x5, {0x200, @struct={0x1, 0x7fff}, 0x0, 0x6, 0xafc, 0x3, 0x7f, 0x8, 0xa0, @usage=0x100000001, 0x80, 0x7, [0x5, 0x7f, 0xac, 0x8, 0xfffffffffffff801, 0x4d]}, {0xffffffffffffffff, @struct={0x6835e151, 0x2}, 0x0, 0x5, 0xff, 0x4, 0x30f3, 0x80000000, 0x96, @usage=0x101, 0x4, 0xffffffff, [0x1, 0x1, 0x8000000000000001, 0x95, 0x5aa, 0x5]}, {0x0, @struct={0x3, 0x1}, 0x0, 0x3, 0x100000001, 0x7e26, 0x3, 0xa, 0x20, @usage=0x1, 0x1, 0x4, [0xcb04, 0x4, 0x9, 0x2, 0xfffffffffffffffb, 0x9]}, {0x0, 0xc2d, 0xe9}}) socket$inet_icmp(0x2, 0x2, 0x1) syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB="03c800397058abce57033f29eb6dc1f8b128a7537a3409329d374c37fd2f23cfa5a5495ffc36ac891ea6f898ba2a0784b3781c59e6bd91a231a605e31d19f0c095e3d2a0ed41256a3c49aaa6cdaf42c10b9d64818e812f78d7cd6efc1b53e67e02e409e85bad3d3dbd071811aef111d9450013e9ea9fa372dc0d8a04df88c76dc6bf99f6a0e8f1f8e3aa79dcc583276e1703cd87b3a319a5f5ac2b3d885656325ef37c565aaef3c2cd47476599cdeeddcc40c681e661c34773c00a6750652094e27c18f9983ffec86a6ae8cb45a017e14feab38bb011172da3f8b5a2977bf029753930023be4cc0936ee60d3b3c94f387728a4f2235a06ad9dc36a65d84a1ea3660717a03e7107124efd1d5057de26822c9237034a70c51e24e69b531672cb42a1ce304d3a315be3917073b4d366d15d791e08bb32a0a188c0c32467ae0ac80e7c1f296179f4d077ba30eeeca7f0086e827bdad31f5eed0a62489ab67a24bf175d3371219f"], 0x3d) setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3) connect$inet6(r6, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="02c9000b000600050001080200070014fc0b77ed75e43bdb31e83b0fb886cd1462a34a7b3a0300c6483ea9e6e56a209c652d01dc6797d2703c636a1ff5b3198655131bf0938be50000000000000000"], 0xf) syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c8704d00490001000608040006000400025d0400028006000d070800060005000100050002040400000004000e060300090005100504"], 0x52) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) inotify_init() 2.990145942s ago: executing program 3 (id=4058): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) r1 = syz_open_dev$I2C(&(0x7f00000000c0), 0x0, 0x0) ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000040)={0x0, 0x0, 0x7, &(0x7f0000000000)={0x22, "14956544c869ef45cda7dd68fe132f1d0259da184039589d199f3db71c15666d95"}}) write$binfmt_script(r0, &(0x7f0000000340)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0) openat$6lowpan_control(0xffffff9c, &(0x7f00000002c0), 0x2, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_SET(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)={0x2c, r4, 0x1, 0x0, 0x0, {0xf}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15) syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f"], 0x22) syz_emit_vhci(&(0x7f0000000440)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x4}}}, 0xa) r5 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000140)={0x0, 0xa, 0x2}) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="0405"], 0x7) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001002009d77235e7ef00001000000000000000000000000000904000000000000000002000000180004e9830001800a0001006c696d6974080000040002800900010073797a30000000000900020073797a3200000000050007409c000000140000001100010000000000000000000000000ae3a19fc3cc86ec6cbeaec1ab2517779271a12b6217e2847342704d570246855968bb26d7672ff721fd2d5288a18c0d1686c2f0492f07186ead7f45a3c8fd27819dec54e0126bb62eb1c7f9adc886f24d284cb8a1efdb7691b971593babc75e5274a3624642"], 0x74}}, 0x40014) socket(0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="02c91095553d1812025cd0f94f25c78b0fd6d112000e00050015030a0005002700080008000100"], 0x17) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xffff}, &(0x7f00000000c0)=0x8) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0) r7 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$netlink(r7, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000004c0)=ANY=[@ANYBLOB="e000000012000307000000000000000014f84d51ceb5a12539e0174dabc8e56e5547ac47e6ab4513d71e75f33cd78b2096d50cb0551255565025750bf1f75e0c564a89a9dbdbacf0c43dd4fd1f242331587b7b3aaffbb0772a880f47ac0c19f18be3973688344a3a2dafec3e8b20be708f84080230909295cb03909ecac3c388b054a8fb798f1f51f2df9c32f4c8e629d2fa3b9590ea9a9f8ae268717e0fa3249737f1c183eaef88b2a3aaedf7455d9d84773fa836ae71f81f5feb7251a1225be8efdab50d96fa9a514272e8d57b6a2baca040b3000000000004000080000000"], 0xe0}], 0x1}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) 2.777362674s ago: executing program 3 (id=4060): r0 = openat$vcsa(0xffffff9c, &(0x7f0000000000), 0x0, 0x0) statx(r0, &(0x7f0000000100)='./file0/file0\x00', 0x1500, 0x1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) connect$unix(0xffffffffffffffff, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r2) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) pipe2(0x0, 0x80000) write$evdev(0xffffffffffffffff, &(0x7f00000003c0)=[{{0x77359400}, 0x14, 0x9, 0x6}, {{0x0, 0x2710}, 0x0, 0x0, 0x42dbad0d}], 0x30) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r4, 0xaf01, 0x0) syz_open_pts(0xffffffffffffffff, 0x408b03) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000001680)={0x2, 0x0, [{0x4, 0x1b, &(0x7f0000000000)=""/27}, {0x115001, 0xa3, &(0x7f0000001500)=""/163}]}) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x0, 0x1, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001a80)=ANY=[@ANYBLOB="6c027b7f7a32a8c7d5c590fe472a3f2de07b9a9312499ff3386006a093855f98935d166bf26c8bd4628e2b381832334f625a8dbb95247ad3a2d0cbfc190f7d7a0ba9d62206af24617b7c01034749f7f4fb9e812917e86f995689cf077e78cfbeb0074c25d1103a183688055f891b75d234f1d51e97c5247a4c771c5f73edadf669b740d3e911a48db797c1caaef4752f8ca192321d4c96381019a7135b53f114c7dfbc754522b5047504a9f9c680da9d0821b5", @ANYRESHEX=r1, @ANYBLOB="b76093d934b076", @ANYBLOB="b6ce0ca8fd24731a28d55ace53d7d585df615ce0be5a1e5f901104584a4ab0a9a632ee9a1671f7217892090b1a31a911c02c5fd55d4e2ce7a1a30d86ed24871c23bf2647f2f608c9b95e97063728107b61df37f6d01429db072ce6ff1e29fb6f1037d9a4bb0047adeed508f73b875a6644eca5e737925c1f238eec60c7acc66caab85883f4530fbf706782b3563fe0d15ab930880c0d2f6a7799745b8eef03f8b428316b9b406431852d160b1221afd43fc5bc099f6cd4e69af9811792631daf0989b9aa386f9c240bdbad2e2b5013bd96cc91143bccda3835ae80df570a69da86d6cb2744cf1c96c04cec0847fe638cfc64e673ab03460a8a70c6b03783befd5785a8279335a23c05d59c9f29fc6c79675cd2404fbbd3dcfe076a2f79afb5842beb628d07b5b6f01b1dab503d968bf2a2c1782785e747335d1804ed79d53a506cf193f4f6fbfb7c09e9d1c70eb204ef94c8aebd57fdd4778439a168ae646ebf72d94d6642aaf5f088001d38d82feaa1c3fd8bb10cedfffd524f0574", @ANYRES16=r3, @ANYRES16=r0, @ANYRESHEX, @ANYRESOCT], 0x1c}}, 0x1) ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f00000000c0)=0x1) r5 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r5, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10) socketpair$unix(0x1, 0x0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, 0x0, 0xfffffd5c) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=""/57, 0x0, &(0x7f0000000500)=""/4096}) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000080)=ANY=[], 0x14) ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{}, &(0x7f0000000440), 0x0}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000500), 0x4) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0) sync() ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, 0x0) 2.690225046s ago: executing program 0 (id=4061): socket$netlink(0x10, 0x3, 0xc) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) r0 = socket$inet6(0xa, 0x6, 0xfffffffe) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80080400) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e1f, @loopback=0x7f000002}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000a2e000/0x4000)=nil, &(0x7f0000905000/0x2000)=nil, &(0x7f0000000000)="66478143a496e385866f054e0cfb5bd8beb9d7a0a038d6f28024d80abdfb1b14fcc295cd892b9271491aa5474cf03f", 0x2f, r0}, 0x68) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0x0, 0x2}}}, 0x7) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @inquiry_info={{0x2, 0x39}, {0x4, [{@any, 0x0, 0x7, 0x3, "b16530", 0xe}, {@none, 0x9, 0x6, 0x0, "360a8e", 0x8}, {@none, 0x0, 0x0, 0x5, "e77791", 0x7ff}, {@any, 0xfc, 0x0, 0xf2, "5e1308", 0x7ff}]}}}, 0x63) syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) syz_open_dev$usbmon(&(0x7f0000000280), 0x0, 0x404002) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) socket$inet_sctp(0x2, 0x0, 0x84) syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x0, 0xc8}}}, 0x7) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) mknod(&(0x7f0000000240)='./file3/file0\x00', 0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000001c0)='./file3\x00', 0xc1c0, 0x10000000) r3 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0) ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000140)=0x11) ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000040)=0xd0) r4 = landlock_create_ruleset(&(0x7f0000000180)={0x803}, 0x10, 0x0) landlock_restrict_self(r4, 0x0) 2.56903145s ago: executing program 3 (id=4062): openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) r1 = syz_open_dev$I2C(&(0x7f00000000c0), 0x0, 0x0) ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000040)={0x0, 0x0, 0x7, &(0x7f0000000000)={0x22, "14956544c869ef45cda7dd68fe132f1d0259da184039589d199f3db71c15666d95"}}) write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0) openat$6lowpan_control(0xffffff9c, &(0x7f00000002c0), 0x2, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_SET(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="e60300000e05a5118a1f2963aa", @ANYRES16=r4, @ANYBLOB="010000000000000000000f00000018000180140002006e657464657673696d30000000000000"], 0x2c}}, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15) syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e"], 0x22) syz_emit_vhci(0x0, 0x0) r5 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000140)={0x0, 0xa, 0x2}) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04"], 0x7) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) socket(0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="02c91095553d1812025cd0f94f25c78b0fd6d112000e00050015030a0005002700080008000100"], 0x17) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, &(0x7f00000000c0)) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0) r7 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$netlink(r7, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000004c0)=ANY=[@ANYBLOB="e000000012000307000000000000000014f84d51ceb5a12539e0174dabc8e56e5547ac47e6ab4513d71e75f33cd78b2096d50cb0551255565025750bf1f75e0c564a89a9dbdbacf0c43dd4fd1f242331587b7b3aaffbb0772a880f47ac0c19f18be3973688344a3a2dafec3e8b20be708f84080230909295cb03909ecac3c388b054a8fb798f1f51f2df9c32f4c8e629d2fa3b9590ea9a9f8ae268717e0fa3249737f1c183eaef88b2a3aaedf7455d9d84773fa836ae71f81f5feb7251a1225be8efdab50d96fa9a514272e8d57b6a2baca040b3000000000004000080000000"], 0xe0}], 0x1}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x8000) 2.568791724s ago: executing program 1 (id=4063): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000fe1f702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000007000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe, 0x0, &(0x7f0000000180)="0000f61236e17fdc49c98d9c450c", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 1) 2.490665354s ago: executing program 0 (id=4064): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$bt_hci(r0, 0x84, 0x70, &(0x7f0000003280)=""/4104, &(0x7f0000001080)=0x1008) (fail_nth: 1) 2.180821196s ago: executing program 1 (id=4065): ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000009500"/17], &(0x7f00000000c0)='GPL\x00', 0xfffffff7, 0x0, 0x0, 0x40f00}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1}, 0x48) mmap(&(0x7f0000b02000/0x2000)=nil, 0x2000, 0x1000001, 0x28011, r1, 0x0) 2.180432169s ago: executing program 0 (id=4066): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x8e}]}}, 0x0, 0x2a}, 0x20) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='vegas\x00', 0x6) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d) socketpair$nbd(0x1, 0x1, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000015000000000400000000000002000000ff00000000000000"], 0x1c}}, 0x0) r1 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x891c, &(0x7f0000000000)={0x0, {0x2, 0x0, @remote}, {0x2, 0x0, @empty}, {0x2, 0x0, @multicast1}}) syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000009980708b5192100c7980000000109021b00012000ac00090400000107000009090585cf"], 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'}) socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000002100), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000002140)={'wlan0\x00'}) prlimit64(0x0, 0x0, 0x0, 0x0) 2.048333074s ago: executing program 1 (id=4067): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100)) r5 = socket(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r8, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {}, {0x7}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x2}, {0x4}}, @TCA_BPF_FLAGS={0x8}]}}]}, 0x44}}, 0x0) 1.714964274s ago: executing program 3 (id=4068): socket$packet(0x11, 0x0, 0x300) r0 = socket$l2tp6(0xa, 0x2, 0x73) setsockopt$inet6_opts(r0, 0x29, 0x22, 0x0, 0x48) r1 = socket$netlink(0x10, 0x3, 0xa) sendmsg$NL80211_CMD_EXTERNAL_AUTH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[], 0x34}}, 0x20005090) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5865}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) dup2(r3, r7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, 0xffffffffffffffff, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001780)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc020000210a01"], 0x2cc}}, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) recvmsg(r7, &(0x7f0000000380)={&(0x7f0000000140)=@in6, 0x80, 0x0, 0x0, &(0x7f00000002c0)=""/158, 0x9e}, 0x0) r10 = openat$uinput(0xffffff9c, 0x0, 0x802, 0x0) connect$phonet_pipe(r7, 0x0, 0x0) ioctl$UI_SET_EVBIT(r10, 0x40045564, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x3, 0x2) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f0000000180)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="0100800c0007802a0006000004000008000200010000000400632a08000100000000000200000000000000000000000082a12edc"], 0x38}}, 0x0) 579.46522ms ago: executing program 0 (id=4069): openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) r1 = syz_open_dev$I2C(&(0x7f00000000c0), 0x0, 0x0) ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000040)={0x0, 0x0, 0x7, &(0x7f0000000000)={0x22, "14956544c869ef45cda7dd68fe132f1d0259da184039589d199f3db71c15666d95"}}) write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0) openat$6lowpan_control(0xffffff9c, &(0x7f00000002c0), 0x2, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_SET(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="e60300000e05a5118a1f2963aa", @ANYRES16=r4, @ANYBLOB="010000000000000000000f00000018000180140002006e657464657673696d30000000000000"], 0x2c}}, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15) syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e"], 0x22) syz_emit_vhci(0x0, 0x0) r5 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000140)={0x0, 0xa, 0x2}) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04"], 0x7) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) socket(0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="02c91095553d1812025cd0f94f25c78b0fd6d112000e00050015030a0005002700080008000100"], 0x17) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xffff}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0) r7 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$netlink(r7, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000004c0)=ANY=[@ANYBLOB="e000000012000307000000000000000014f84d51ceb5a12539e0174dabc8e56e5547ac47e6ab4513d71e75f33cd78b2096d50cb0551255565025750bf1f75e0c564a89a9dbdbacf0c43dd4fd1f242331587b7b3aaffbb0772a880f47ac0c19f18be3973688344a3a2dafec3e8b20be708f84080230909295cb03909ecac3c388b054a8fb798f1f51f2df9c32f4c8e629d2fa3b9590ea9a9f8ae268717e0fa3249737f1c183eaef88b2a3aaedf7455d9d84773fa836ae71f81f5feb7251a1225be8efdab50d96fa9a514272e8d57b6a2baca040b3000000000004000080000000"], 0xe0}], 0x1}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x8000) 420.868163ms ago: executing program 3 (id=4070): keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[], 0x2a, 0xfffffffffffffffc) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) 420.548691ms ago: executing program 1 (id=4071): pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r0, &(0x7f0000000040), 0x56a9, 0x0) 278.878283ms ago: executing program 3 (id=4072): prctl$PR_SET_DUMPABLE(0x4, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) syz_open_dev$vcsn(0x0, 0x0, 0x0) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000000)={r1, r1, r1}, 0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={'crc32c-intel\x00'}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x0, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB, @ANYBLOB="367abe1bd14c608890f80f5f991cd5828b2340c3e8dc7711d51f00152f52b62b4ebca33c867f3ed5ad2e4863b5f59a0760496f177b9f1d9caa746e7bb6397f41f2951eafa6dcb692b9fe9df56c30b4e0788d4bde129ae91513cbdb3ecbeddb5794d547984e8689146e01"], 0x0}, 0x90) r2 = socket$pppoe(0x18, 0x1, 0x0) ioctl$PPPIOCGCHAN(r2, 0x80047437, &(0x7f0000001f00)) sendmmsg(r2, &(0x7f0000000080), 0x4000000000001f0, 0x0) rt_sigaction(0x19, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000480)) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000001580)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000000206010100000000000000000200000011000300686173683a69702c706f72740000000005010100070000000500010007000000050005000a0000000500040000000000f25bff5274e58f1f43768d9fb016da2a28725d12e5f5accfe9c1c3a0761fbe215ac6"], 0x48}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00'}, 0x10) r5 = socket$nl_audit(0x10, 0x3, 0x9) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') ppoll(&(0x7f0000000280)=[{r6}], 0x1, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0/../file0/../file0\x00', 0x0, 0x26, 0x0) write$binfmt_script(r5, &(0x7f00000025c0)={'#! ', './file0'}, 0xb) sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, 0x7, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) syz_genetlink_get_family_id$smc(&(0x7f0000000340), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) 278.665766ms ago: executing program 1 (id=4073): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, 0x0, &(0x7f0000000200)) (fail_nth: 1) 112.073624ms ago: executing program 0 (id=4074): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, 0x0, &(0x7f0000000200)) 489.355µs ago: executing program 1 (id=4075): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001f00)) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000f0000150000000000000000180100002020702500000000000f20207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000de000007850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000003c0)='mmap_lock_acquire_returned\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10) sendmmsg(r0, &(0x7f0000000dc0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000780)="0f", 0x1}], 0x1}}], 0x1, 0x0) 0s ago: executing program 0 (id=4076): syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0x1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)}, 0x1c) ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000180)={0xfffffffffffffff8, 0xffffffffffffffff, 0x1}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r3, 0x0) r4 = userfaultfd(0x801) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_WRITEPROTECT(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2}) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10) r6 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4400000010000904004fef08aa3887f7c1000000", @ANYRES32=r8, @ANYBLOB="000000000000000024001280110001006272696467655f736c617665000000000c000580050001"], 0x44}}, 0x0) chdir(0x0) r9 = fcntl$dupfd(r4, 0x0, r4) ioctl$UFFDIO_CONTINUE(r9, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1}) r10 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r9, 0x8933, &(0x7f00000006c0)={'wg0\x00'}) fdatasync(r10) r11 = openat$sr(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCGISO7816(r9, 0x80285442, &(0x7f0000000300)) ioctl$UI_SET_FFBIT(r11, 0x31e, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x21, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x6}, [@map_idx={0x18, 0x1, 0x5, 0x0, 0x2}, @exit, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x611}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffff6045}]}, &(0x7f0000000380)='syzkaller\x00', 0x400, 0xd3, &(0x7f00000003c0)=""/211, 0x40f00, 0x30, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f00000004c0)={0x9, 0x5}, 0x8, 0x10, &(0x7f0000000500)={0x3, 0x7, 0x101, 0x80000000}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000540)=[r10], &(0x7f0000000580)=[{0x5, 0x1, 0xf, 0x7}, {0x4, 0x5, 0x3, 0x5}, {0x3, 0x5, 0x81, 0x5}, {0x2, 0x2, 0xb, 0x5}, {0x4, 0x5, 0x7, 0x3}, {0x2, 0x3, 0x2, 0x9}, {0x2, 0x4, 0x5, 0xc}], 0x10, 0x7ff}, 0x90) syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0) r12 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r12, &(0x7f0000000340)="d7", 0x1) kernel console output (not intermixed with test programs): ce strings: Mfr=0, Product=0, SerialNumber=0 [ 1095.029040][ T7928] hub 6-1:32.0: bad descriptor, ignoring hub [ 1095.031615][ T7928] hub 6-1:32.0: probe with driver hub failed with error -5 [ 1095.093327][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1095.458906][ T5228] Bluetooth: hci2: Ignoring connect complete event for invalid link type [ 1095.470213][ T5228] Bluetooth: hci1: command 0x0406 tx timeout [ 1095.650810][ T5228] Bluetooth: hci7: Ignoring connect complete event for invalid link type [ 1095.743985][T15055] usb 6-1: USB disconnect, device number 82 [ 1096.100390][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1096.378291][ T7928] usb 7-1: new high-speed USB device number 87 using dummy_hcd [ 1096.512565][ T5228] Bluetooth: Unexpected continuation frame (len 18) [ 1096.736867][ T7928] usb 7-1: config 0 has no interfaces? [ 1096.740639][ T7928] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1096.744962][ T7928] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1096.751445][ T7928] usb 7-1: config 0 descriptor?? [ 1096.799593][ T5228] Bluetooth: hci2: unexpected event 0x33 length: 14 > 10 [ 1096.813200][ T5228] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 1096.970289][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1096.998318][ T5228] Bluetooth: hci5: command tx timeout [ 1097.258173][ T5228] Bluetooth: hci5: Ignoring connect complete event for invalid link type [ 1097.289805][ T7928] usb 7-1: string descriptor 0 read error: -71 [ 1097.326163][ T7928] usb 7-1: USB disconnect, device number 87 [ 1097.481511][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1097.901232][ T5228] Bluetooth: hci1: SCO packet for unknown connection handle 200 [ 1098.132856][ T5228] Bluetooth: Unexpected continuation frame (len 18) [ 1098.147896][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 1098.180116][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 1098.308251][T15055] usb 8-1: new high-speed USB device number 99 using dummy_hcd [ 1098.528436][T15055] usb 8-1: Using ep0 maxpacket: 8 [ 1098.555679][T15055] usb 8-1: config 32 has an invalid descriptor of length 0, skipping remainder of the config [ 1098.569164][T15055] usb 8-1: config 32 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1098.574318][T15055] usb 8-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1098.578946][T15055] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1098.590428][T15055] hub 8-1:32.0: bad descriptor, ignoring hub [ 1098.595774][T15055] hub 8-1:32.0: probe with driver hub failed with error -5 [ 1099.008518][T15055] usb 8-1: USB disconnect, device number 99 [ 1099.308356][T14999] usb 5-1: new high-speed USB device number 111 using dummy_hcd [ 1099.401737][ T5228] Bluetooth: hci2: command 0x0406 tx timeout [ 1099.510333][T14999] usb 5-1: config 0 has no interfaces? [ 1099.513086][T14999] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1099.517186][T14999] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1099.524807][T14999] usb 5-1: config 0 descriptor?? [ 1099.912480][T14999] usb 5-1: string descriptor 0 read error: -71 [ 1099.920350][T14999] usb 5-1: USB disconnect, device number 111 [ 1100.096400][ T5228] Bluetooth: hci2: Ignoring connect complete event for invalid link type [ 1100.108307][ T5228] Bluetooth: hci7: ACL packet for unknown connection handle 200 [ 1100.117051][T19252] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3628'. [ 1100.119436][ T5228] Bluetooth: hci5: command tx timeout [ 1100.408279][T15137] usb 7-1: new high-speed USB device number 88 using dummy_hcd [ 1100.619187][T15137] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1100.648210][T15137] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 1100.658806][T15137] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40 [ 1100.662854][T15137] usb 7-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 1100.666971][T15137] usb 7-1: Manufacturer: syz [ 1101.073814][T15137] usb 7-1: USB disconnect, device number 88 [ 1101.479102][ T5228] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1101.585712][ T5228] Bluetooth: Unexpected continuation frame (len 18) [ 1101.611779][T19269] blktrace: Concurrent blktraces are not allowed on sg0 [ 1102.190162][ T5228] Bluetooth: hci7: Ignoring connect complete event for invalid link type [ 1102.599706][ T57] usb 5-1: new high-speed USB device number 112 using dummy_hcd [ 1102.808278][ T57] usb 5-1: Using ep0 maxpacket: 8 [ 1102.814238][ T57] usb 5-1: config 32 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1102.866713][ T57] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1102.915326][ T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1103.661492][ T57] usb 5-1: string descriptor 0 read error: -71 [ 1103.667695][ T57] hub 5-1:32.0: bad descriptor, ignoring hub [ 1103.671445][ T57] hub 5-1:32.0: probe with driver hub failed with error -5 [ 1103.758680][ T57] usb 5-1: USB disconnect, device number 112 [ 1103.988912][T15139] udevd[15139]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1104.182555][ T5258] usb 7-1: new high-speed USB device number 89 using dummy_hcd [ 1104.402711][ T5258] usb 7-1: config 0 has no interfaces? [ 1104.405472][ T5258] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1104.471069][ T5258] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1104.493668][ T5258] usb 7-1: config 0 descriptor?? [ 1104.854186][ T5228] Bluetooth: hci5: link tx timeout [ 1104.856696][ T5228] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa [ 1104.929247][ T30] usb 7-1: USB disconnect, device number 89 [ 1105.179058][ T57] usb 5-1: new high-speed USB device number 113 using dummy_hcd [ 1105.368218][T15055] usb 8-1: new high-speed USB device number 100 using dummy_hcd [ 1105.420632][ T57] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1105.425759][ T57] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 1105.433961][ T57] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40 [ 1105.437774][ T57] usb 5-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 1105.441398][ T57] usb 5-1: Manufacturer: syz [ 1105.548613][T15055] usb 8-1: Using ep0 maxpacket: 8 [ 1105.553141][T15055] usb 8-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1105.557914][T15055] usb 8-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1105.568022][T15055] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1105.678863][T19310] blktrace: Concurrent blktraces are not allowed on sg0 [ 1105.711797][ T57] usb 5-1: USB disconnect, device number 113 [ 1105.962882][T15055] usb 8-1: string descriptor 0 read error: -71 [ 1105.965961][T15055] hub 8-1:32.0: USB hub found [ 1105.969979][T15055] hub 8-1:32.0: config failed, can't read hub descriptor (err -22) [ 1106.028657][T15055] usb 8-1: USB disconnect, device number 100 [ 1106.249714][T15139] udevd[15139]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1106.317774][ T9899] Bluetooth: hci7: unexpected event 0x33 length: 14 > 10 [ 1106.358206][ T9899] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 1106.517670][ T9899] Bluetooth: hci7: ACL packet for unknown connection handle 201 [ 1106.605032][ T9899] Bluetooth: hci2: Ignoring connect complete event for invalid link type [ 1106.804437][T19324] blktrace: Concurrent blktraces are not allowed on sg0 [ 1106.888452][ T9899] Bluetooth: hci1: Ignoring connect complete event for invalid link type [ 1106.918222][ T9899] Bluetooth: hci5: command 0x0406 tx timeout [ 1107.559126][ T5228] Bluetooth: hci5: ACL packet for unknown connection handle 201 [ 1107.778308][T15055] usb 7-1: new high-speed USB device number 90 using dummy_hcd [ 1108.001360][T15055] usb 7-1: config 0 has no interfaces? [ 1108.004265][T15055] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1108.018278][T15055] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1108.038749][T15055] usb 7-1: config 0 descriptor?? [ 1108.434984][ T5228] Bluetooth: hci5: ACL packet for unknown connection handle 201 [ 1108.458234][ T35] usb 8-1: new high-speed USB device number 101 using dummy_hcd [ 1108.548881][ T7928] usb 7-1: USB disconnect, device number 90 [ 1108.659981][ T35] usb 8-1: config 0 has no interfaces? [ 1108.662501][ T35] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1108.714471][T19360] blktrace: Concurrent blktraces are not allowed on sg0 [ 1108.763067][ T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1108.789149][ T35] usb 8-1: config 0 descriptor?? [ 1109.229422][ T35] usb 8-1: string descriptor 0 read error: -71 [ 1109.268985][ T35] usb 8-1: USB disconnect, device number 101 [ 1110.048263][ T57] usb 6-1: new high-speed USB device number 83 using dummy_hcd [ 1110.248242][ T57] usb 6-1: Using ep0 maxpacket: 8 [ 1110.254332][ T57] usb 6-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1110.260120][ T57] usb 6-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1110.265008][ T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1110.795392][ T57] usb 6-1: string descriptor 0 read error: -71 [ 1110.798855][ T57] hub 6-1:32.0: USB hub found [ 1110.815110][ T57] hub 6-1:32.0: config failed, can't read hub descriptor (err -22) [ 1110.898788][ T57] usb 6-1: USB disconnect, device number 83 [ 1110.928677][T15139] udevd[15139]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1111.488324][ T5228] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1111.576089][ T5228] Bluetooth: hci5: ACL packet for unknown connection handle 201 [ 1111.716305][ T5228] Bluetooth: hci2: Ignoring connect complete event for invalid link type [ 1112.147561][ T5228] Bluetooth: hci7: ACL packet for unknown connection handle 200 [ 1112.418403][ T5261] usb 7-1: new high-speed USB device number 91 using dummy_hcd [ 1112.598260][ T35] usb 5-1: new high-speed USB device number 114 using dummy_hcd [ 1112.603349][ T5261] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1112.607871][ T5261] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 1112.629082][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 1112.630618][ T5261] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40 [ 1112.636476][ T5261] usb 7-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 1112.639779][ T5261] usb 7-1: Manufacturer: syz [ 1112.805009][ T5228] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 1112.818233][ T35] usb 5-1: Using ep0 maxpacket: 8 [ 1112.839551][ T35] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1112.845811][ T35] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1112.858186][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1112.867982][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1112.920815][ T57] usb 7-1: USB disconnect, device number 91 [ 1113.180466][T15055] usb 6-1: new high-speed USB device number 84 using dummy_hcd [ 1113.339056][ T35] usb 5-1: string descriptor 0 read error: -71 [ 1113.341917][ T35] hub 5-1:32.0: USB hub found [ 1113.379958][T15055] usb 6-1: config 0 has no interfaces? [ 1113.382381][T15055] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1113.388839][ T35] hub 5-1:32.0: config failed, can't read hub descriptor (err -22) [ 1113.395559][T15055] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1113.403844][T15055] usb 6-1: config 0 descriptor?? [ 1113.458652][ T35] usb 5-1: USB disconnect, device number 114 [ 1113.567586][T19419] blktrace: Concurrent blktraces are not allowed on sg0 [ 1113.710970][T15139] udevd[15139]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1113.719265][T15055] usb 6-1: USB disconnect, device number 84 [ 1114.247684][T19426] blktrace: Concurrent blktraces are not allowed on sg0 [ 1114.279066][ T57] usb 5-1: new high-speed USB device number 115 using dummy_hcd [ 1114.458223][ T57] usb 5-1: Using ep0 maxpacket: 8 [ 1114.462911][ T57] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1114.468000][ T57] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1114.472056][ T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1114.892971][ T57] usb 5-1: string descriptor 0 read error: -71 [ 1114.896842][ T57] hub 5-1:32.0: USB hub found [ 1114.911030][ T57] hub 5-1:32.0: config failed, can't read hub descriptor (err -22) [ 1115.001317][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1115.023434][ T57] usb 5-1: USB disconnect, device number 115 [ 1115.250919][T15139] udevd[15139]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1115.503184][ T5228] Bluetooth: hci7: SCO packet for unknown connection handle 200 [ 1115.574688][ T5228] Bluetooth: hci7: ACL packet for unknown connection handle 201 [ 1115.591958][ T5228] Bluetooth: hci7: ACL packet for unknown connection handle 200 [ 1115.640760][T19449] blktrace: Concurrent blktraces are not allowed on sg0 [ 1115.674686][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 1115.800418][ T1354] ieee802154 phy0 wpan0: encryption failed: -22 [ 1115.803060][ T1354] ieee802154 phy1 wpan1: encryption failed: -22 [ 1116.653754][ T5228] Bluetooth: hci2: Ignoring connect complete event for invalid link type [ 1116.808288][ T5223] usb 5-1: new high-speed USB device number 116 using dummy_hcd [ 1116.906361][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 1116.908538][ T9899] Bluetooth: hci2: command 0x0406 tx timeout [ 1117.028380][ T5223] usb 5-1: Using ep0 maxpacket: 8 [ 1117.045291][ T5223] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1117.052408][ T5223] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1117.057246][ T5223] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1117.208514][T15055] usb 6-1: new high-speed USB device number 85 using dummy_hcd [ 1117.373464][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1117.462297][T15055] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1117.466711][T15055] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 1117.521032][T15055] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40 [ 1117.525323][T15055] usb 6-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 1117.530036][ T5223] usb 5-1: string descriptor 0 read error: -71 [ 1117.533043][ T5223] hub 5-1:32.0: USB hub found [ 1117.536015][ T5223] hub 5-1:32.0: config failed, can't read hub descriptor (err -22) [ 1117.541044][T15055] usb 6-1: Manufacturer: syz [ 1117.651155][ T5223] usb 5-1: USB disconnect, device number 116 [ 1117.799096][T15055] usb 6-1: USB disconnect, device number 85 [ 1117.905195][T15139] udevd[15139]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1118.187248][T19483] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.3684'. [ 1118.852071][ T5228] Bluetooth: hci5: ACL packet for unknown connection handle 201 [ 1118.913738][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 1119.431260][ T5228] Bluetooth: hci7: Ignoring connect complete event for invalid link type [ 1119.473154][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1119.608224][T15055] usb 6-1: new high-speed USB device number 86 using dummy_hcd [ 1119.890325][T15055] usb 6-1: config 0 has no interfaces? [ 1119.892701][T15055] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1119.958149][T15055] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1119.974028][T15055] usb 6-1: config 0 descriptor?? [ 1120.329200][ T5228] Bluetooth: hci7: Ignoring connect complete event for invalid link type [ 1120.351514][T15055] usb 6-1: string descriptor 0 read error: -71 [ 1120.357004][T15055] usb 6-1: USB disconnect, device number 86 [ 1120.823279][T19512] blktrace: Concurrent blktraces are not allowed on sg0 [ 1121.346833][ T5228] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 1121.464185][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 1122.168261][ T30] usb 5-1: new high-speed USB device number 117 using dummy_hcd [ 1122.348273][ T30] usb 5-1: Using ep0 maxpacket: 8 [ 1122.353156][ T30] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1122.358269][ T30] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1122.361980][ T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1122.418430][ T5228] Bluetooth: hci7: ACL packet for unknown connection handle 201 [ 1122.685769][ T30] usb 5-1: string descriptor 0 read error: -71 [ 1122.694782][ T30] hub 5-1:32.0: USB hub found [ 1122.705172][ T30] hub 5-1:32.0: config failed, can't read hub descriptor (err -22) [ 1122.715314][ T5228] Bluetooth: hci7: Ignoring connect complete event for invalid link type [ 1122.788661][ T30] usb 5-1: USB disconnect, device number 117 [ 1122.870659][ T5228] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 1122.889929][ T5228] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 1122.901666][ T5228] Bluetooth: hci1: Ignoring connect complete event for invalid link type [ 1123.005721][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1123.030014][T15139] udevd[15139]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1123.466572][ T5228] Bluetooth: hci2: Ignoring connect complete event for invalid link type [ 1124.367252][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1124.615866][ T5228] Bluetooth: hci1: SCO packet for unknown connection handle 200 [ 1124.719362][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 1125.134019][ T5228] Bluetooth: hci2: Ignoring connect complete event for invalid link type [ 1125.346948][ T35] usb 5-1: new high-speed USB device number 118 using dummy_hcd [ 1125.550703][ T35] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1125.555493][ T35] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 1125.602442][ T35] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40 [ 1125.606185][ T35] usb 5-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 1125.618442][ T35] usb 5-1: Manufacturer: syz [ 1125.684784][ T5228] Bluetooth: hci7: SCO packet for unknown connection handle 200 [ 1125.754016][ T5228] Bluetooth: hci7: ACL packet for unknown connection handle 200 [ 1125.939737][ T35] usb 5-1: USB disconnect, device number 118 [ 1127.106512][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1127.189315][T10364] usb 5-1: new high-speed USB device number 119 using dummy_hcd [ 1127.408576][T10364] usb 5-1: Using ep0 maxpacket: 8 [ 1127.434338][T10364] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1127.445718][T10364] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1127.456428][T10364] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1127.987177][T10364] usb 5-1: string descriptor 0 read error: -71 [ 1127.997036][T10364] hub 5-1:32.0: USB hub found [ 1128.003328][T10364] hub 5-1:32.0: config failed, can't read hub descriptor (err -22) [ 1128.108989][T10364] usb 5-1: USB disconnect, device number 119 [ 1128.138700][T15139] udevd[15139]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1128.774521][ T5228] Bluetooth: hci5: Ignoring connect complete event for invalid link type [ 1130.502237][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 1130.941429][ T5228] Bluetooth: hci7: Ignoring connect complete event for invalid link type [ 1131.186834][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 1131.870226][ T30] usb 8-1: new high-speed USB device number 102 using dummy_hcd [ 1132.098508][ T30] usb 8-1: Using ep0 maxpacket: 8 [ 1132.108312][ T30] usb 8-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1132.112958][ T30] usb 8-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1132.122193][ T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1132.268315][ T5228] Bluetooth: hci1: command 0x0406 tx timeout [ 1132.649981][ T30] usb 8-1: string descriptor 0 read error: -71 [ 1132.658489][ T5228] Bluetooth: hci1: SCO packet for unknown connection handle 200 [ 1132.662386][ T30] hub 8-1:32.0: USB hub found [ 1132.683624][ T30] hub 8-1:32.0: config failed, can't read hub descriptor (err -22) [ 1132.686504][ T5228] Bluetooth: hci7: SCO packet for unknown connection handle 200 [ 1132.687018][ T5228] Bluetooth: hci7: ACL packet for unknown connection handle 201 [ 1132.690180][ T9899] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 1132.698179][ T5228] Bluetooth: hci7: ACL packet for unknown connection handle 200 [ 1132.716948][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 1132.815043][ T30] usb 8-1: USB disconnect, device number 102 [ 1133.131678][T15139] udevd[15139]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1133.559030][T10364] usb 5-1: new high-speed USB device number 120 using dummy_hcd [ 1133.760425][T10364] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1133.764316][T10364] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 1133.773800][T10364] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40 [ 1133.781962][T10364] usb 5-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 1133.786181][T10364] usb 5-1: Manufacturer: syz [ 1134.130184][ T35] usb 5-1: USB disconnect, device number 120 [ 1134.385496][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1135.217897][T19680] blktrace: Concurrent blktraces are not allowed on sg0 [ 1135.481509][ T5228] Bluetooth: hci1: Ignoring connect complete event for invalid link type [ 1135.570059][T19686] blktrace: Concurrent blktraces are not allowed on sg0 [ 1136.148738][ T5228] Bluetooth: hci7: SCO packet for unknown connection handle 200 [ 1136.174401][ T5228] Bluetooth: hci7: ACL packet for unknown connection handle 200 [ 1136.537101][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1137.059066][ T30] usb 8-1: new high-speed USB device number 103 using dummy_hcd [ 1137.068843][ T5228] Bluetooth: hci5: ACL packet for unknown connection handle 201 [ 1137.258183][ T30] usb 8-1: Using ep0 maxpacket: 8 [ 1137.264888][ T30] usb 8-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1137.272404][ T30] usb 8-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1137.276950][ T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1137.588800][ T30] usb 8-1: string descriptor 0 read error: -71 [ 1137.618994][ T30] hub 8-1:32.0: USB hub found [ 1137.645183][ T30] hub 8-1:32.0: config failed, can't read hub descriptor (err -22) [ 1137.683631][ T5228] Bluetooth: hci1: SCO packet for unknown connection handle 200 [ 1137.701711][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 1137.769122][ T30] usb 8-1: USB disconnect, device number 103 [ 1138.030655][T15139] udevd[15139]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1138.668296][ T5261] usb 8-1: new high-speed USB device number 104 using dummy_hcd [ 1138.910525][ T5261] usb 8-1: config 0 has no interfaces? [ 1138.912925][ T5261] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1138.926114][ T5261] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1138.935153][ T5261] usb 8-1: config 0 descriptor?? [ 1138.988362][ T968] usb 7-1: new high-speed USB device number 92 using dummy_hcd [ 1139.168279][ T968] usb 7-1: Using ep0 maxpacket: 8 [ 1139.173546][ T968] usb 7-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1139.181365][ T968] usb 7-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1139.185159][ T968] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1139.295816][ T5261] usb 8-1: USB disconnect, device number 104 [ 1139.669220][T12628] usb 5-1: new high-speed USB device number 121 using dummy_hcd [ 1139.682395][ T968] usb 7-1: string descriptor 0 read error: -71 [ 1139.688532][ T968] hub 7-1:32.0: USB hub found [ 1139.708309][ T968] hub 7-1:32.0: config failed, can't read hub descriptor (err -22) [ 1139.819327][ T968] usb 7-1: USB disconnect, device number 92 [ 1139.870994][T12628] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1139.875700][T12628] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 1139.918403][T12628] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40 [ 1139.928218][T12628] usb 5-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 1139.931735][T12628] usb 5-1: Manufacturer: syz [ 1140.099417][T15139] udevd[15139]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1140.279261][T12628] usb 5-1: USB disconnect, device number 121 [ 1140.733009][T19749] blktrace: Concurrent blktraces are not allowed on sg0 [ 1140.888201][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 1141.218533][T15055] usb 8-1: new high-speed USB device number 105 using dummy_hcd [ 1141.430979][T15055] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1141.435540][T15055] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 1141.453272][T15055] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40 [ 1141.457093][T15055] usb 8-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 1141.462838][T15055] usb 8-1: Manufacturer: syz [ 1141.646410][ T5228] Bluetooth: hci5: ACL packet for unknown connection handle 201 [ 1141.785262][ T35] usb 8-1: USB disconnect, device number 105 [ 1142.682102][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 1142.852202][ T5228] Bluetooth: hci7: SCO packet for unknown connection handle 200 [ 1142.926257][ T5228] Bluetooth: hci7: ACL packet for unknown connection handle 201 [ 1142.933179][ T5228] Bluetooth: hci7: ACL packet for unknown connection handle 200 [ 1144.088348][ T968] usb 8-1: new high-speed USB device number 106 using dummy_hcd [ 1144.220045][ T5228] Bluetooth: hci1: SCO packet for unknown connection handle 200 [ 1144.237813][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 1144.249701][ T5228] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 1144.330250][ T968] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1144.334100][ T968] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 1144.339837][ T968] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40 [ 1144.343363][ T968] usb 8-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 1144.346721][ T968] usb 8-1: Manufacturer: syz [ 1144.670014][ T968] usb 8-1: USB disconnect, device number 106 [ 1145.099476][ T30] usb 5-1: new high-speed USB device number 122 using dummy_hcd [ 1145.132824][ T5228] Bluetooth: hci7: Ignoring connect complete event for invalid link type [ 1145.310528][ T30] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1145.317068][ T30] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 1145.326639][ T30] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40 [ 1145.335561][ T30] usb 5-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 1145.355938][ T30] usb 5-1: Manufacturer: syz [ 1145.666292][ T5258] usb 5-1: USB disconnect, device number 122 [ 1145.788245][T10364] usb 6-1: new high-speed USB device number 87 using dummy_hcd [ 1145.918044][ T5228] Bluetooth: hci2: Ignoring connect complete event for invalid link type [ 1145.968177][T10364] usb 6-1: Using ep0 maxpacket: 8 [ 1145.972815][T10364] usb 6-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1145.987970][T10364] usb 6-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1145.998267][T10364] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1146.533681][T10364] usb 6-1: string descriptor 0 read error: -71 [ 1146.546692][T10364] hub 6-1:32.0: USB hub found [ 1146.550887][ T5228] Bluetooth: hci7: ACL packet for unknown connection handle 200 [ 1146.553146][T10364] hub 6-1:32.0: config failed, can't read hub descriptor (err -22) [ 1146.618679][T10364] usb 6-1: USB disconnect, device number 87 [ 1146.906650][ T5228] Bluetooth: hci5: Ignoring connect complete event for invalid link type [ 1147.060657][ T4638] usb 7-1: new high-speed USB device number 93 using dummy_hcd [ 1147.254411][ T4638] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1147.311043][ T4638] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 1147.326969][ T4638] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40 [ 1147.331743][ T4638] usb 7-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 1147.348224][ T4638] usb 7-1: Manufacturer: syz [ 1147.468857][T19854] warning: `syz.3.3778' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 1147.515488][ T5228] Bluetooth: hci5: ACL packet for unknown connection handle 201 [ 1147.666198][ T57] usb 7-1: USB disconnect, device number 93 [ 1147.728041][T19867] FAULT_INJECTION: forcing a failure. [ 1147.728041][T19867] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 1147.733992][T19867] CPU: 0 PID: 19867 Comm: syz.0.3783 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1147.737562][T19867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1147.742117][T19867] Call Trace: [ 1147.743485][T19867] [ 1147.744751][T19867] dump_stack_lvl+0x16c/0x1f0 [ 1147.746802][T19867] should_fail_ex+0x497/0x5b0 [ 1147.748806][T19867] _copy_from_user+0x30/0xf0 [ 1147.750757][T19867] get_compat_msghdr+0xa8/0x170 [ 1147.752781][T19867] ? __pfx_get_compat_msghdr+0x10/0x10 [ 1147.754888][T19867] ? __pfx___lock_acquire+0x10/0x10 [ 1147.757009][T19867] ___sys_sendmsg+0x1b0/0x1e0 [ 1147.758989][T19867] ? __pfx____sys_sendmsg+0x10/0x10 [ 1147.761316][T19867] ? ksys_write+0x21c/0x260 [ 1147.763342][T19867] ? __fget_light+0x173/0x210 [ 1147.765448][T19867] __sys_sendmsg+0x117/0x1f0 [ 1147.767539][T19867] ? __pfx___sys_sendmsg+0x10/0x10 [ 1147.769812][T19867] __do_fast_syscall_32+0x73/0x120 [ 1147.772080][T19867] do_fast_syscall_32+0x32/0x80 [ 1147.774245][T19867] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1147.777024][T19867] RIP: 0023:0xf7f30579 [ 1147.778888][T19867] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1147.786151][T19867] RSP: 002b:00000000f5ce657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 1147.789447][T19867] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200 [ 1147.792783][T19867] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1147.796098][T19867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1147.799370][T19867] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1147.802668][T19867] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1147.806018][T19867] [ 1148.044238][T19871] input: syz1 as /devices/virtual/input/input7 [ 1148.335019][T19876] 9pnet_fd: Insufficient options for proto=fd [ 1148.351265][T19883] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1148.563237][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1148.965172][ T39] kauditd_printk_skb: 14 callbacks suppressed [ 1148.965187][ T39] audit: type=1326 audit(1721259868.826:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19888 comm="syz.2.3789" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe1579 code=0x0 [ 1149.282681][T19904] FAULT_INJECTION: forcing a failure. [ 1149.282681][T19904] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1149.288507][T19904] CPU: 0 PID: 19904 Comm: syz.0.3793 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1149.292526][T19904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1149.296916][T19904] Call Trace: [ 1149.298375][T19904] [ 1149.299640][T19904] dump_stack_lvl+0x16c/0x1f0 [ 1149.301716][T19904] should_fail_ex+0x497/0x5b0 [ 1149.303937][T19904] _copy_from_user+0x30/0xf0 [ 1149.305691][T19904] get_compat_msghdr+0xa8/0x170 [ 1149.307359][T19904] ? __pfx_get_compat_msghdr+0x10/0x10 [ 1149.309220][T19904] ? __pfx___lock_acquire+0x10/0x10 [ 1149.311264][T19904] ___sys_sendmsg+0x1b0/0x1e0 [ 1149.313197][T19904] ? __pfx____sys_sendmsg+0x10/0x10 [ 1149.315442][T19904] ? ksys_write+0x21c/0x260 [ 1149.317053][T19904] ? __fget_light+0x173/0x210 [ 1149.318789][T19904] __sys_sendmsg+0x117/0x1f0 [ 1149.320681][T19904] ? __pfx___sys_sendmsg+0x10/0x10 [ 1149.322991][T19904] __do_fast_syscall_32+0x73/0x120 [ 1149.325191][T19904] do_fast_syscall_32+0x32/0x80 [ 1149.327092][T19904] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1149.329801][T19904] RIP: 0023:0xf7f30579 [ 1149.331509][T19904] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1149.339488][T19904] RSP: 002b:00000000f5ce657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 1149.342924][T19904] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080 [ 1149.345633][T19904] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1149.349058][T19904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1149.352572][T19904] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1149.355869][T19904] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1149.359136][T19904] [ 1149.399689][ T5228] Bluetooth: hci1: Ignoring connect complete event for invalid link type [ 1149.421471][T19896] input: syz1 as /devices/virtual/input/input8 [ 1149.776241][T19911] netlink: 'syz.3.3795': attribute type 4 has an invalid length. [ 1149.905450][T19917] netlink: 5056 bytes leftover after parsing attributes in process `syz.3.3797'. [ 1149.935353][T19917] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3797'. [ 1149.963450][T19917] netlink: 5056 bytes leftover after parsing attributes in process `syz.3.3797'. [ 1150.048380][ T5228] Bluetooth: hci7: ACL packet for unknown connection handle 201 [ 1150.318410][T19940] input: syz1 as /devices/virtual/input/input9 [ 1150.476667][ T5228] Bluetooth: hci2: SCO packet for unknown connection handle 200 [ 1150.509057][T19956] FAULT_INJECTION: forcing a failure. [ 1150.509057][T19956] name failslab, interval 1, probability 0, space 0, times 1 [ 1150.516828][T19956] CPU: 1 PID: 19956 Comm: syz.0.3803 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1150.520557][T19956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1150.524962][T19956] Call Trace: [ 1150.526443][T19956] [ 1150.527758][T19956] dump_stack_lvl+0x16c/0x1f0 [ 1150.529759][T19956] should_fail_ex+0x497/0x5b0 [ 1150.531782][T19956] should_failslab+0x9/0x20 [ 1150.533738][T19956] __kmalloc_noprof+0xcf/0x420 [ 1150.535834][T19956] ? __pfx_lock_acquire+0x10/0x10 [ 1150.538002][T19956] tomoyo_realpath_from_path+0xbf/0x710 [ 1150.540196][T19956] ? tomoyo_profile+0x47/0x60 [ 1150.542124][T19956] tomoyo_path_number_perm+0x245/0x5b0 [ 1150.544272][T19956] ? tomoyo_path_number_perm+0x232/0x5b0 [ 1150.546426][T19956] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1150.548892][T19956] ? __pfx_lock_release+0x10/0x10 [ 1150.550731][T19956] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1150.553102][T19956] ? __fget_files+0x256/0x400 [ 1150.554818][T19956] security_file_ioctl_compat+0x75/0xc0 [ 1150.557263][T19956] __do_compat_sys_ioctl+0x5d/0x330 [ 1150.559294][T19956] __do_fast_syscall_32+0x73/0x120 [ 1150.561257][T19956] do_fast_syscall_32+0x32/0x80 [ 1150.563327][T19956] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1150.566129][T19956] RIP: 0023:0xf7f30579 [ 1150.567934][T19956] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1150.576379][T19956] RSP: 002b:00000000f5ce657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 1150.579955][T19956] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000008924 [ 1150.583455][T19956] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 1150.587026][T19956] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1150.590445][T19956] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1150.593652][T19956] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1150.597092][T19956] [ 1150.598542][ C1] vkms_vblank_simulate: vblank timer overrun [ 1150.603733][T19956] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1150.603914][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 1150.609696][ T5228] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 1150.771940][T19927] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1150.779653][T19927] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 1150.947826][T19927] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1150.967612][T19927] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 1151.052743][ T5228] Bluetooth: hci7: Ignoring connect complete event for invalid link type [ 1151.309211][T19927] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1151.311737][T19927] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 1151.390413][T19927] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 1151.392986][T19927] Bluetooth: hci7: Error when powering off device on rfkill (-4) [ 1151.426661][T19973] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3806'. [ 1151.982248][T19927] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1151.985354][T19927] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 1152.349950][T19927] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1152.352766][T19927] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 1153.414920][T20008] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3809'. [ 1153.780056][T20014] input: syz1 as /devices/virtual/input/input10 [ 1153.856661][T20020] nullb0: AHDI p1 [ 1153.898301][T20020] nullb0: AHDI p1 [ 1154.602720][T20042] cgroup: noprefix used incorrectly [ 1155.315538][ T39] audit: type=1326 audit(1721259875.176:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20059 comm="syz.1.3824" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x0 [ 1155.338228][ T30] usb 8-1: new high-speed USB device number 107 using dummy_hcd [ 1155.520461][ T30] usb 8-1: config 0 has no interfaces? [ 1155.522808][ T30] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1155.526629][ T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1155.545150][ T30] usb 8-1: config 0 descriptor?? [ 1155.855043][ T30] usb 8-1: USB disconnect, device number 107 [ 1156.079751][T20064] FAULT_INJECTION: forcing a failure. [ 1156.079751][T20064] name failslab, interval 1, probability 0, space 0, times 0 [ 1156.085516][T20064] CPU: 2 PID: 20064 Comm: syz.2.3825 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1156.089744][T20064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1156.094149][T20064] Call Trace: [ 1156.095498][T20064] [ 1156.096683][T20064] dump_stack_lvl+0x16c/0x1f0 [ 1156.098609][T20064] should_fail_ex+0x497/0x5b0 [ 1156.100686][T20064] should_failslab+0x9/0x20 [ 1156.102555][T20064] __kmalloc_noprof+0xcf/0x420 [ 1156.104482][T20064] ? __pfx_lock_acquire+0x10/0x10 [ 1156.106505][T20064] tomoyo_realpath_from_path+0xbf/0x710 [ 1156.108850][T20064] ? tomoyo_profile+0x47/0x60 [ 1156.110756][T20064] tomoyo_path_number_perm+0x245/0x5b0 [ 1156.112924][T20064] ? tomoyo_path_number_perm+0x232/0x5b0 [ 1156.115175][T20064] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1156.117883][T20064] ? __pfx_lock_release+0x10/0x10 [ 1156.119960][T20064] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1156.122435][T20064] ? __fget_files+0x256/0x400 [ 1156.124334][T20064] security_file_ioctl_compat+0x75/0xc0 [ 1156.126557][T20064] __do_compat_sys_ioctl+0x5d/0x330 [ 1156.128686][T20064] __do_fast_syscall_32+0x73/0x120 [ 1156.130776][T20064] do_fast_syscall_32+0x32/0x80 [ 1156.132754][T20064] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1156.135321][T20064] RIP: 0023:0xf7fe1579 [ 1156.136966][T20064] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1156.144654][T20064] RSP: 002b:00000000f5d9657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 1156.147986][T20064] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008914 [ 1156.150934][T20064] RDX: 0000000020004280 RSI: 0000000000000000 RDI: 0000000000000000 [ 1156.154082][T20064] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1156.156878][T20064] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1156.159884][T20064] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1156.162925][T20064] [ 1156.214877][T20064] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1156.751836][T20080] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3830'. [ 1156.769726][T20082] FAULT_INJECTION: forcing a failure. [ 1156.769726][T20082] name failslab, interval 1, probability 0, space 0, times 0 [ 1156.775892][T20082] CPU: 0 PID: 20082 Comm: syz.1.3831 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1156.780291][T20082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1156.793873][T20082] Call Trace: [ 1156.795361][T20082] [ 1156.796692][T20082] dump_stack_lvl+0x16c/0x1f0 [ 1156.798820][T20082] should_fail_ex+0x497/0x5b0 [ 1156.800905][T20082] should_failslab+0x9/0x20 [ 1156.802914][T20082] __kmalloc_noprof+0xcf/0x420 [ 1156.805015][T20082] ? __pfx_lock_acquire+0x10/0x10 [ 1156.807098][T20082] tomoyo_realpath_from_path+0xbf/0x710 [ 1156.809178][T20082] ? tomoyo_profile+0x47/0x60 [ 1156.811091][T20082] tomoyo_path_number_perm+0x245/0x5b0 [ 1156.813755][T20082] ? tomoyo_path_number_perm+0x232/0x5b0 [ 1156.816249][T20082] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1156.818904][T20082] ? __pfx_lock_release+0x10/0x10 [ 1156.821113][T20082] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1156.823757][T20082] ? __fget_files+0x256/0x400 [ 1156.825790][T20082] security_file_ioctl_compat+0x75/0xc0 [ 1156.828207][T20082] __do_compat_sys_ioctl+0x5d/0x330 [ 1156.830816][T20082] __do_fast_syscall_32+0x73/0x120 [ 1156.832853][T20082] do_fast_syscall_32+0x32/0x80 [ 1156.834937][T20082] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1156.837611][T20082] RIP: 0023:0xf7fb8579 [ 1156.839348][T20082] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1156.847307][T20082] RSP: 002b:00000000f5d6657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 1156.850783][T20082] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c01064c8 [ 1156.854045][T20082] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 1156.857384][T20082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1156.860661][T20082] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1156.863877][T20082] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1156.867177][T20082] [ 1156.872544][T20082] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1156.947160][ T39] audit: type=1326 audit(1721259876.806:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20087 comm="syz.0.3834" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x0 [ 1157.138238][T15055] usb 7-1: new high-speed USB device number 94 using dummy_hcd [ 1157.320028][T15055] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1157.324570][T15055] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1157.330724][T15055] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1157.337017][T15055] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1157.341982][T20103] FAULT_INJECTION: forcing a failure. [ 1157.341982][T20103] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1157.343449][T15055] usb 7-1: config 0 descriptor?? [ 1157.357640][T20103] CPU: 1 PID: 20103 Comm: syz.3.3839 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1157.362056][T20103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1157.366758][T20103] Call Trace: [ 1157.368234][T20103] [ 1157.369560][T20103] dump_stack_lvl+0x16c/0x1f0 [ 1157.371705][T20103] should_fail_ex+0x497/0x5b0 [ 1157.373896][T20103] _copy_from_user+0x30/0xf0 [ 1157.375862][T20103] get_compat_msghdr+0xa8/0x170 [ 1157.377904][T20103] ? __pfx_get_compat_msghdr+0x10/0x10 [ 1157.380274][T20103] ? find_held_lock+0x2d/0x110 [ 1157.382400][T20103] ___sys_recvmsg+0x193/0x1a0 [ 1157.384615][T20103] ? __pfx____sys_recvmsg+0x10/0x10 [ 1157.387003][T20103] ? __fget_light+0x173/0x210 [ 1157.389122][T20103] do_recvmmsg+0x51a/0x750 [ 1157.391111][T20103] ? __pfx_do_recvmmsg+0x10/0x10 [ 1157.393001][T20103] ? __pfx_lock_release+0x10/0x10 [ 1157.394929][T20103] ? vfs_write+0x14d/0x1140 [ 1157.396896][T20103] __sys_recvmmsg+0x21e/0x280 [ 1157.398848][T20103] ? __pfx___sys_recvmmsg+0x10/0x10 [ 1157.401103][T20103] ? __pfx_ksys_write+0x10/0x10 [ 1157.403202][T20103] __ia32_compat_sys_recvmmsg_time32+0xc4/0x160 [ 1157.405815][T20103] ? lockdep_hardirqs_on+0x7c/0x110 [ 1157.408075][T20103] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 1157.410966][T20103] __do_fast_syscall_32+0x73/0x120 [ 1157.413243][T20103] do_fast_syscall_32+0x32/0x80 [ 1157.415384][T20103] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1157.417815][T20103] RIP: 0023:0xf7f97579 [ 1157.419580][T20103] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1157.427894][T20103] RSP: 002b:00000000f5d4657c EFLAGS: 00000292 ORIG_RAX: 0000000000000151 [ 1157.431450][T20103] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200012c0 [ 1157.434880][T20103] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 1157.438305][T20103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1157.441732][T20103] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1157.445145][T20103] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1157.448606][T20103] [ 1157.857350][T15055] usbhid 7-1:0.0: can't add hid device: -71 [ 1157.861822][T15055] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 1157.866942][T15055] usb 7-1: USB disconnect, device number 94 [ 1157.898768][T20115] netlink: 'syz.3.3844': attribute type 29 has an invalid length. [ 1157.976501][T20115] netlink: 'syz.3.3844': attribute type 29 has an invalid length. [ 1158.141090][T20126] FAULT_INJECTION: forcing a failure. [ 1158.141090][T20126] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1158.146831][T20126] CPU: 0 PID: 20126 Comm: syz.1.3847 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1158.150949][T20126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1158.155307][T20126] Call Trace: [ 1158.156719][T20126] [ 1158.157981][T20126] dump_stack_lvl+0x16c/0x1f0 [ 1158.160167][T20126] should_fail_ex+0x497/0x5b0 [ 1158.162457][T20126] _copy_from_user+0x30/0xf0 [ 1158.164452][T20126] get_compat_msghdr+0xa8/0x170 [ 1158.166518][T20126] ? __pfx_get_compat_msghdr+0x10/0x10 [ 1158.168791][T20126] ? __pfx___lock_acquire+0x10/0x10 [ 1158.171029][T20126] ___sys_sendmsg+0x1b0/0x1e0 [ 1158.173117][T20126] ? __pfx____sys_sendmsg+0x10/0x10 [ 1158.175405][T20126] ? ksys_write+0x21c/0x260 [ 1158.177384][T20126] ? __fget_light+0x173/0x210 [ 1158.179425][T20126] __sys_sendmsg+0x117/0x1f0 [ 1158.181408][T20126] ? __pfx___sys_sendmsg+0x10/0x10 [ 1158.183623][T20126] __do_fast_syscall_32+0x73/0x120 [ 1158.185832][T20126] do_fast_syscall_32+0x32/0x80 [ 1158.187965][T20126] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1158.190603][T20126] RIP: 0023:0xf7fb8579 [ 1158.192252][T20126] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1158.200388][T20126] RSP: 002b:00000000f5d6657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 1158.203999][T20126] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000540 [ 1158.207490][T20126] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1158.210928][T20126] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1158.214279][T20126] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1158.217555][T20126] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1158.220926][T20126] [ 1158.222463][ C0] vkms_vblank_simulate: vblank timer overrun [ 1158.404343][T20138] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3849'. [ 1158.431294][T20138] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 1158.433859][T20138] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 1158.456502][T20138] vhci_hcd vhci_hcd.0: Device attached [ 1158.468426][T20139] vhci_hcd: cannot find the pending unlink 5 [ 1158.731060][T15055] usb 19-1: new high-speed USB device number 21 using vhci_hcd [ 1159.038548][T20163] netlink: 'syz.0.3855': attribute type 29 has an invalid length. [ 1159.058079][T20167] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3856'. [ 1159.115552][T20171] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0 [ 1159.116119][T20170] FAULT_INJECTION: forcing a failure. [ 1159.116119][T20170] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1159.126413][T20170] CPU: 0 PID: 20170 Comm: syz.2.3857 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1159.130370][T20170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1159.134467][T20170] Call Trace: [ 1159.135841][T20170] [ 1159.137114][T20170] dump_stack_lvl+0x16c/0x1f0 [ 1159.139131][T20170] should_fail_ex+0x497/0x5b0 [ 1159.141037][T20170] _copy_from_user+0x30/0xf0 [ 1159.142796][T20170] do_ip_vs_set_ctl+0x332/0x1070 [ 1159.144918][T20170] ? __pfx_do_ip_vs_set_ctl+0x10/0x10 [ 1159.147238][T20170] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 1159.149387][T20170] ? __pfx_lock_release+0x10/0x10 [ 1159.151404][T20170] ? trace_contention_end+0xea/0x140 [ 1159.153683][T20170] ? __mutex_unlock_slowpath+0x164/0x650 [ 1159.155807][T20170] ? nf_setsockopt+0x8a/0xf0 [ 1159.157480][T20170] nf_setsockopt+0x8a/0xf0 [ 1159.159344][T20170] ip_setsockopt+0xcb/0xf0 [ 1159.161282][T20170] raw_setsockopt+0xb8/0x290 [ 1159.163132][T20170] ? __pfx_raw_setsockopt+0x10/0x10 [ 1159.165248][T20170] ? sock_common_setsockopt+0x2e/0xf0 [ 1159.167532][T20170] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 1159.169854][T20170] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1159.172337][T20170] do_sock_setsockopt+0x222/0x480 [ 1159.174466][T20170] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 1159.176829][T20170] ? __fget_light+0x173/0x210 [ 1159.179021][T20170] __sys_setsockopt+0x1a4/0x270 [ 1159.181048][T20170] ? __pfx___sys_setsockopt+0x10/0x10 [ 1159.183083][T20170] ? fput+0x32/0x390 [ 1159.184723][T20170] ? ksys_write+0x1ab/0x260 [ 1159.186417][T20170] ? __pfx_ksys_write+0x10/0x10 [ 1159.188075][T20170] __ia32_sys_setsockopt+0xbc/0x160 [ 1159.190261][T20170] ? lockdep_hardirqs_on+0x7c/0x110 [ 1159.192181][T20170] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 1159.194651][T20170] __do_fast_syscall_32+0x73/0x120 [ 1159.196526][T20170] do_fast_syscall_32+0x32/0x80 [ 1159.198579][T20170] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1159.200908][T20170] RIP: 0023:0xf7fe1579 [ 1159.202506][T20170] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1159.206524][T20163] netlink: 'syz.0.3855': attribute type 29 has an invalid length. [ 1159.209751][T20170] RSP: 002b:00000000f5d9657c EFLAGS: 00000292 ORIG_RAX: 000000000000016e [ 1159.209767][T20170] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000 [ 1159.209775][T20170] RDX: 000000000000048c RSI: 0000000020000000 RDI: 0000000000000018 [ 1159.209781][T20170] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1159.209787][T20170] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1159.209793][T20170] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1159.209806][T20170] [ 1159.235795][ C0] vkms_vblank_simulate: vblank timer overrun [ 1159.240728][T20139] vhci_hcd: connection reset by peer [ 1159.246379][T19236] vhci_hcd: stop threads [ 1159.248413][T19236] vhci_hcd: release socket [ 1159.257711][T19236] vhci_hcd: disconnect device [ 1159.299037][T20172] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3854'. [ 1159.379867][T20174] IPVS: stopping master sync thread 20171 ... [ 1159.455156][T20183] random: crng reseeded on system resumption [ 1159.487408][T20183] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.3861'. [ 1159.491399][T20183] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 1159.576200][T20186] FAULT_INJECTION: forcing a failure. [ 1159.576200][T20186] name failslab, interval 1, probability 0, space 0, times 0 [ 1159.590283][T20186] CPU: 0 PID: 20186 Comm: syz.2.3863 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1159.594542][T20186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1159.599488][T20186] Call Trace: [ 1159.600979][T20186] [ 1159.602306][T20186] dump_stack_lvl+0x16c/0x1f0 [ 1159.604308][T20186] should_fail_ex+0x497/0x5b0 [ 1159.606097][T20186] should_failslab+0x9/0x20 [ 1159.607983][T20186] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 1159.610388][T20186] ? ext4_init_io_end+0x24/0x170 [ 1159.612333][T20186] ext4_init_io_end+0x24/0x170 [ 1159.614203][T20186] ext4_do_writepages+0xa76/0x3250 [ 1159.616540][T20186] ? __pfx_ext4_do_writepages+0x10/0x10 [ 1159.618977][T20186] ext4_writepages+0x303/0x730 [ 1159.621217][T20186] ? __pfx_ext4_writepages+0x10/0x10 [ 1159.623657][T20186] ? __pfx_mark_lock+0x10/0x10 [ 1159.625727][T20186] ? __pfx_ext4_writepages+0x10/0x10 [ 1159.628052][T20186] do_writepages+0x1a3/0x7f0 [ 1159.630050][T20186] ? __pfx_do_writepages+0x10/0x10 [ 1159.632343][T20186] ? __pfx_lock_acquire+0x10/0x10 [ 1159.634591][T20186] ? do_raw_spin_lock+0x12d/0x2c0 [ 1159.636432][T20186] ? do_raw_spin_unlock+0x172/0x230 [ 1159.638357][T20186] ? _raw_spin_unlock+0x28/0x50 [ 1159.640454][T20186] ? wbc_attach_and_unlock_inode+0x597/0x940 [ 1159.643145][T20186] filemap_fdatawrite_wbc+0x148/0x1c0 [ 1159.645511][T20186] ? __pfx___lock_acquire+0x10/0x10 [ 1159.647693][T20186] __filemap_fdatawrite_range+0xba/0x100 [ 1159.650143][T20186] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 1159.653116][T20186] ? __pfx_mt_find+0x10/0x10 [ 1159.655252][T20186] ? rwsem_read_trylock+0x12d/0x250 [ 1159.657460][T20186] ? find_held_lock+0x2d/0x110 [ 1159.659639][T20186] file_write_and_wait_range+0xd0/0x140 [ 1159.662094][T20186] ext4_sync_file+0x296/0xf30 [ 1159.664120][T20186] ? __pfx___up_read+0x10/0x10 [ 1159.665789][T20186] ? __pfx_ext4_sync_file+0x10/0x10 [ 1159.667714][T20186] vfs_fsync_range+0x141/0x230 [ 1159.669521][T20186] __do_sys_msync+0x3de/0x5d0 [ 1159.671523][T20186] __do_fast_syscall_32+0x73/0x120 [ 1159.673728][T20186] do_fast_syscall_32+0x32/0x80 [ 1159.675642][T20186] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1159.678350][T20186] RIP: 0023:0xf7fe1579 [ 1159.680178][T20186] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1159.687667][T20186] RSP: 002b:00000000f5d9657c EFLAGS: 00000292 ORIG_RAX: 0000000000000090 [ 1159.691254][T20186] RAX: ffffffffffffffda RBX: 0000000020952000 RCX: 00000000d1cc6ad9 [ 1159.694533][T20186] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000000 [ 1159.697623][T20186] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1159.700690][T20186] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1159.703955][T20186] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1159.707179][T20186] [ 1159.708461][ C0] vkms_vblank_simulate: vblank timer overrun [ 1160.087047][T20205] FAULT_INJECTION: forcing a failure. [ 1160.087047][T20205] name failslab, interval 1, probability 0, space 0, times 0 [ 1160.092817][T20205] CPU: 1 PID: 20205 Comm: syz.1.3867 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1160.097035][T20205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1160.101640][T20205] Call Trace: [ 1160.103125][T20205] [ 1160.104429][T20205] dump_stack_lvl+0x16c/0x1f0 [ 1160.106546][T20205] should_fail_ex+0x497/0x5b0 [ 1160.108547][T20205] should_failslab+0x9/0x20 [ 1160.110371][T20205] __kmalloc_noprof+0xcf/0x420 [ 1160.112217][T20205] ? __pfx_lock_acquire+0x10/0x10 [ 1160.114154][T20205] tomoyo_realpath_from_path+0xbf/0x710 [ 1160.116353][T20205] ? tomoyo_profile+0x47/0x60 [ 1160.118197][T20205] tomoyo_path_number_perm+0x245/0x5b0 [ 1160.120689][T20205] ? tomoyo_path_number_perm+0x232/0x5b0 [ 1160.123154][T20205] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1160.125446][T20205] ? __pfx_lock_release+0x10/0x10 [ 1160.127401][T20205] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1160.129789][T20205] ? __fget_files+0x256/0x400 [ 1160.131614][T20205] security_file_ioctl_compat+0x75/0xc0 [ 1160.133724][T20205] __do_compat_sys_ioctl+0x5d/0x330 [ 1160.135744][T20205] __do_fast_syscall_32+0x73/0x120 [ 1160.137697][T20205] do_fast_syscall_32+0x32/0x80 [ 1160.139585][T20205] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1160.142011][T20205] RIP: 0023:0xf7fb8579 [ 1160.143557][T20205] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1160.150852][T20205] RSP: 002b:00000000f5d6657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 1160.154016][T20205] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000000089f1 [ 1160.157014][T20205] RDX: 0000000020000900 RSI: 0000000000000000 RDI: 0000000000000000 [ 1160.160013][T20205] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1160.163051][T20205] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1160.166041][T20205] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1160.169016][T20205] [ 1160.173042][T20205] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1160.181659][T20210] FAULT_INJECTION: forcing a failure. [ 1160.181659][T20210] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1160.186518][T20210] CPU: 3 PID: 20210 Comm: syz.0.3870 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1160.190545][T20210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1160.195502][T20210] Call Trace: [ 1160.196934][T20210] [ 1160.198405][T20210] dump_stack_lvl+0x16c/0x1f0 [ 1160.200378][T20210] should_fail_ex+0x497/0x5b0 [ 1160.202178][T20210] _copy_from_user+0x30/0xf0 [ 1160.203940][T20210] get_compat_msghdr+0xa8/0x170 [ 1160.205918][T20210] ? __pfx_get_compat_msghdr+0x10/0x10 [ 1160.208834][T20210] ? __pfx___lock_acquire+0x10/0x10 [ 1160.211540][T20210] ___sys_sendmsg+0x1b0/0x1e0 [ 1160.214091][T20210] ? __pfx____sys_sendmsg+0x10/0x10 [ 1160.216490][T20210] ? ksys_write+0x21c/0x260 [ 1160.218884][T20210] ? __fget_light+0x173/0x210 [ 1160.221161][T20210] __sys_sendmsg+0x117/0x1f0 [ 1160.223301][T20210] ? __pfx___sys_sendmsg+0x10/0x10 [ 1160.226189][T20210] __do_fast_syscall_32+0x73/0x120 [ 1160.228550][T20210] do_fast_syscall_32+0x32/0x80 [ 1160.230704][T20210] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1160.233463][T20210] RIP: 0023:0xf7f30579 [ 1160.235259][T20210] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1160.243848][T20210] RSP: 002b:00000000f5ce657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 1160.247542][T20210] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 1160.250886][T20210] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1160.254209][T20210] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1160.257578][T20210] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1160.261630][T20210] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1160.265328][T20210] [ 1160.394531][ T39] audit: type=1326 audit(1721259880.256:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20212 comm="syz.1.3872" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x0 [ 1160.406305][T20217] vxcan1: tx drop: invalid sa for name 0x0000000000000003 [ 1161.103156][T20251] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3881'. [ 1161.174259][T20254] FAULT_INJECTION: forcing a failure. [ 1161.174259][T20254] name failslab, interval 1, probability 0, space 0, times 0 [ 1161.186798][T20254] CPU: 0 PID: 20254 Comm: syz.1.3882 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1161.191710][T20254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1161.198434][T20254] Call Trace: [ 1161.199867][T20254] [ 1161.201104][T20254] dump_stack_lvl+0x16c/0x1f0 [ 1161.203045][T20254] should_fail_ex+0x497/0x5b0 [ 1161.205399][T20254] should_failslab+0x9/0x20 [ 1161.207397][T20254] __kmalloc_noprof+0xcf/0x420 [ 1161.209920][T20254] kernfs_fop_write_iter+0x229/0x500 [ 1161.212401][T20254] vfs_write+0x6b6/0x1140 [ 1161.214673][T20254] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1161.218303][T20254] ? __pfx_vfs_write+0x10/0x10 [ 1161.220561][T20254] ? __pfx___mutex_lock+0x10/0x10 [ 1161.223227][T20254] ? __fget_files+0x256/0x400 [ 1161.225544][T20254] ksys_write+0x12f/0x260 [ 1161.227259][T20254] ? __pfx_ksys_write+0x10/0x10 [ 1161.229759][T20254] __do_fast_syscall_32+0x73/0x120 [ 1161.231852][T20254] do_fast_syscall_32+0x32/0x80 [ 1161.233984][T20254] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1161.236838][T20254] RIP: 0023:0xf7fb8579 [ 1161.238702][T20254] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1161.247753][T20254] RSP: 002b:00000000f5d6657c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 1161.251713][T20254] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100 [ 1161.255100][T20254] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 1161.258420][T20254] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1161.261637][T20254] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1161.264932][T20254] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1161.268530][T20254] [ 1161.270035][ C0] vkms_vblank_simulate: vblank timer overrun [ 1161.308345][ T30] usb 8-1: new high-speed USB device number 108 using dummy_hcd [ 1161.489884][ T30] usb 8-1: config 0 has no interfaces? [ 1161.495908][T20261] vxcan1: tx drop: invalid sa for name 0x0000000000000003 [ 1161.498293][ T30] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1161.502537][ T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1161.516421][ T30] usb 8-1: config 0 descriptor?? [ 1161.549853][T20264] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3885'. [ 1161.740760][ T57] usb 8-1: USB disconnect, device number 108 [ 1163.067285][T20326] FAULT_INJECTION: forcing a failure. [ 1163.067285][T20326] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1163.110765][T20326] CPU: 0 PID: 20326 Comm: syz.1.3901 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1163.114835][T20326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1163.119334][T20326] Call Trace: [ 1163.120834][T20326] [ 1163.122146][T20326] dump_stack_lvl+0x16c/0x1f0 [ 1163.124193][T20326] should_fail_ex+0x497/0x5b0 [ 1163.126198][T20326] _copy_from_user+0x30/0xf0 [ 1163.128156][T20326] udp_lib_setsockopt+0x19b/0x1030 [ 1163.130411][T20326] ? __pfx_udp_v6_push_pending_frames+0x10/0x10 [ 1163.133165][T20326] ? __pfx_udp_lib_setsockopt+0x10/0x10 [ 1163.135508][T20326] ? __pfx_aa_sk_perm+0x10/0x10 [ 1163.137574][T20326] udpv6_setsockopt+0xbc/0xd0 [ 1163.139670][T20326] ? __pfx_udp_v6_push_pending_frames+0x10/0x10 [ 1163.142390][T20326] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1163.144620][T20326] do_sock_setsockopt+0x222/0x480 [ 1163.146764][T20326] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 1163.149051][T20326] ? __fget_light+0x173/0x210 [ 1163.151067][T20326] __sys_setsockopt+0x1a4/0x270 [ 1163.153237][T20326] ? __pfx___sys_setsockopt+0x10/0x10 [ 1163.155513][T20326] ? fput+0x32/0x390 [ 1163.157147][T20326] ? ksys_write+0x1ab/0x260 [ 1163.158983][T20326] ? __pfx_ksys_write+0x10/0x10 [ 1163.161092][T20326] __ia32_sys_setsockopt+0xbc/0x160 [ 1163.163063][T20326] ? lockdep_hardirqs_on+0x7c/0x110 [ 1163.164592][T20326] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 1163.167029][T20326] __do_fast_syscall_32+0x73/0x120 [ 1163.169140][T20326] do_fast_syscall_32+0x32/0x80 [ 1163.171209][T20326] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1163.173821][T20326] RIP: 0023:0xf7fb8579 [ 1163.175575][T20326] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1163.183007][T20326] RSP: 002b:00000000f5d6657c EFLAGS: 00000292 ORIG_RAX: 000000000000016e [ 1163.186339][T20326] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000011 [ 1163.189711][T20326] RDX: 0000000000000064 RSI: 00000000200000c0 RDI: 0000000000000004 [ 1163.192703][T20326] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1163.196015][T20326] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1163.199279][T20326] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1163.202252][T20326] [ 1163.203561][ C0] vkms_vblank_simulate: vblank timer overrun [ 1163.480434][T20329] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3902'. [ 1163.880300][T15055] vhci_hcd: vhci_device speed not set [ 1164.360452][T20353] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 1164.372569][T20351] bridge0: port 2(bridge_slave_1) entered disabled state [ 1164.375751][T20351] bridge0: port 1(bridge_slave_0) entered disabled state [ 1164.455264][T20351] trusted_key: encrypted_key: insufficient parameters specified [ 1164.469043][T20346] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3908'. [ 1164.880055][T20361] vxcan1: tx drop: invalid sa for name 0x0000000000000003 [ 1165.293117][T20371] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3915'. [ 1166.498382][T20404] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 1166.574378][T20394] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3922'. [ 1166.625074][T20409] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3926'. [ 1166.660091][T20407] vxcan1: tx drop: invalid sa for name 0x0000000000000003 [ 1166.806343][T20411] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3927'. [ 1167.619278][T20431] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3935'. [ 1167.918857][T20441] pim6reg1: entered allmulticast mode [ 1168.894122][T20455] FAULT_INJECTION: forcing a failure. [ 1168.894122][T20455] name failslab, interval 1, probability 0, space 0, times 0 [ 1168.900196][T20455] CPU: 0 PID: 20455 Comm: syz.2.3940 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1168.906207][T20455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1168.911686][T20455] Call Trace: [ 1168.913133][T20455] [ 1168.914299][T20455] dump_stack_lvl+0x16c/0x1f0 [ 1168.916114][T20455] should_fail_ex+0x497/0x5b0 [ 1168.917954][T20455] should_failslab+0x9/0x20 [ 1168.919948][T20455] kmem_cache_alloc_node_noprof+0x71/0x310 [ 1168.922688][T20455] ? __alloc_skb+0x2b3/0x380 [ 1168.924771][T20455] __alloc_skb+0x2b3/0x380 [ 1168.928010][T20455] ? __pfx___alloc_skb+0x10/0x10 [ 1168.930178][T20455] ? apparmor_file_permission+0x251/0x410 [ 1168.932806][T20455] ppp_write+0xc3/0x3e0 [ 1168.934684][T20455] ? rw_verify_area+0xd0/0x6c0 [ 1168.937085][T20455] ? __pfx_ppp_write+0x10/0x10 [ 1168.939500][T20455] vfs_writev+0x6ec/0xde0 [ 1168.942011][T20455] ? __pfx_vfs_writev+0x10/0x10 [ 1168.944326][T20455] ? find_held_lock+0x2d/0x110 [ 1168.946934][T20455] ? __pfx_lock_release+0x10/0x10 [ 1168.949361][T20455] ? do_pwritev+0x1b2/0x260 [ 1168.951672][T20455] do_pwritev+0x1b2/0x260 [ 1168.953851][T20455] ? __pfx_do_pwritev+0x10/0x10 [ 1168.956069][T20455] __do_fast_syscall_32+0x73/0x120 [ 1168.958643][T20455] do_fast_syscall_32+0x32/0x80 [ 1168.960824][T20455] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1168.963695][T20455] RIP: 0023:0xf7fe1579 [ 1168.965518][T20455] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1168.975875][T20455] RSP: 002b:00000000f5d9657c EFLAGS: 00000292 ORIG_RAX: 000000000000014e [ 1168.979739][T20455] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000380 [ 1168.983639][T20455] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 1168.987215][T20455] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1168.990806][T20455] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1168.994320][T20455] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1168.997800][T20455] [ 1168.999140][ C0] vkms_vblank_simulate: vblank timer overrun [ 1169.109483][T20470] netlink: 184 bytes leftover after parsing attributes in process `syz.2.3944'. [ 1169.115436][T20470] netlink: 'syz.2.3944': attribute type 1 has an invalid length. [ 1169.238237][ T35] usb 5-1: new high-speed USB device number 123 using dummy_hcd [ 1169.427210][T20483] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3950'. [ 1169.430170][ T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1169.452017][ T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1169.462869][ T35] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 1169.466918][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1169.493142][ T35] usb 5-1: config 0 descriptor?? [ 1169.508516][T20484] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 1169.592618][T20479] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3948'. [ 1169.635003][T20497] dns_resolver: Unsupported content type (98) [ 1169.909043][ T35] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0 [ 1169.912560][ T35] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0 [ 1169.961577][ T35] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0D8C:0022.0002/input/input11 [ 1170.010155][ T35] cm6533_jd 0003:0D8C:0022.0002: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0 [ 1170.106190][ T57] usb 5-1: USB disconnect, device number 123 [ 1170.271494][T15055] usb 8-1: new high-speed USB device number 109 using dummy_hcd [ 1170.448409][T10364] usb 7-1: new high-speed USB device number 95 using dummy_hcd [ 1170.458243][T15055] usb 8-1: Using ep0 maxpacket: 8 [ 1170.462495][T15055] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 1170.466655][T15055] usb 8-1: config 0 has no interface number 0 [ 1170.469483][T15055] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1170.473265][T15055] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1170.476835][T15055] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1170.483735][T15055] usb 8-1: config 0 descriptor?? [ 1170.489761][T15055] iowarrior 8-1:0.1: no interrupt-in endpoint found [ 1170.629672][T10364] usb 7-1: Using ep0 maxpacket: 8 [ 1170.633965][T10364] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 1170.637123][T10364] usb 7-1: config 0 has no interface number 0 [ 1170.640490][T10364] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1170.644804][T10364] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1170.648939][T10364] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1170.653984][T10364] usb 7-1: config 0 descriptor?? [ 1170.658700][T10364] iowarrior 7-1:0.1: no interrupt-in endpoint found [ 1170.706000][T10364] usb 8-1: USB disconnect, device number 109 [ 1170.857766][T20506] FAULT_INJECTION: forcing a failure. [ 1170.857766][T20506] name failslab, interval 1, probability 0, space 0, times 0 [ 1170.863244][T20506] CPU: 1 PID: 20506 Comm: syz.2.3957 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1170.867383][T20506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1170.871938][T20506] Call Trace: [ 1170.873091][T20506] [ 1170.874210][T20506] dump_stack_lvl+0x16c/0x1f0 [ 1170.876219][T20506] should_fail_ex+0x497/0x5b0 [ 1170.878385][T20506] should_failslab+0x9/0x20 [ 1170.880404][T20506] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 1170.882822][T20506] ? getname_flags.part.0+0x4c/0x550 [ 1170.885158][T20506] ? vfs_write+0x14d/0x1140 [ 1170.887281][T20506] getname_flags.part.0+0x4c/0x550 [ 1170.889557][T20506] getname+0x8d/0xe0 [ 1170.891223][T20506] do_sys_openat2+0x104/0x1e0 [ 1170.893184][T20506] ? __pfx_do_sys_openat2+0x10/0x10 [ 1170.895383][T20506] __ia32_compat_sys_openat+0x16e/0x210 [ 1170.897792][T20506] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 1170.900335][T20506] ? ksys_write+0x1ab/0x260 [ 1170.902119][T20506] __do_fast_syscall_32+0x73/0x120 [ 1170.904088][T20506] do_fast_syscall_32+0x32/0x80 [ 1170.905995][T20506] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1170.908506][T20506] RIP: 0023:0xf7fe1579 [ 1170.910244][T20506] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1170.918018][T20506] RSP: 002b:00000000f5d96120 EFLAGS: 00000293 ORIG_RAX: 0000000000000127 [ 1170.921200][T20506] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5d96170 [ 1170.924440][T20506] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 00000000f7468ff4 [ 1170.927878][T20506] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 1170.930974][T20506] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1170.934379][T20506] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1170.937309][T20506] [ 1170.946958][ T5261] usb 7-1: USB disconnect, device number 95 [ 1171.320021][T20538] evm: overlay not supported [ 1171.368216][ T39] audit: type=1804 audit(1721259891.216:44): pid=20538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3965" name="/newroot/314/bus/file0" dev="overlay" ino=1744 res=1 errno=0 [ 1172.118247][T20560] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1172.380978][T20563] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3972'. [ 1172.458209][T10364] usb 7-1: new high-speed USB device number 96 using dummy_hcd [ 1172.567450][T20571] netlink: 'syz.3.3974': attribute type 25 has an invalid length. [ 1172.659976][T10364] usb 7-1: too many configurations: 12, using maximum allowed: 8 [ 1172.681087][T10364] usb 7-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e [ 1172.684542][T10364] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1172.694793][T10364] usb 7-1: config 0 descriptor?? [ 1173.115216][T20581] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(10) [ 1173.118044][T20581] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1173.139665][T20581] vhci_hcd vhci_hcd.0: Device attached [ 1173.386523][ T30] vhci_hcd: vhci_device speed not set [ 1173.422441][ T9899] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1173.436586][ T9899] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1173.442747][ T9899] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1173.448282][ T30] usb 17-2: new full-speed USB device number 29 using vhci_hcd [ 1173.452125][ T9899] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1173.456061][ T9899] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1173.467028][ T9899] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1173.517792][ T5228] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1173.540329][ T5228] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1173.543991][ T5228] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1173.579462][ T5228] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1173.582436][ T5228] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1173.586274][ T5228] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1173.808814][ T1197] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1173.945468][ T1197] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1174.088817][ T1197] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1174.237352][ T1197] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1174.497114][ T1197] bridge_slave_1: left allmulticast mode [ 1174.500212][ T1197] bridge_slave_1: left promiscuous mode [ 1174.505207][ T1197] bridge0: port 2(bridge_slave_1) entered disabled state [ 1174.543742][ T1197] bridge_slave_0: left allmulticast mode [ 1174.546316][ T1197] bridge_slave_0: left promiscuous mode [ 1174.553884][ T1197] bridge0: port 1(bridge_slave_0) entered disabled state [ 1174.708916][T20609] trusted_key: syz.1.3980 sent an empty control message without MSG_MORE. [ 1174.982723][T20582] vhci_hcd: connection reset by peer [ 1174.986307][T10364] usb 7-1: string descriptor 0 read error: -71 [ 1174.992120][ T1087] vhci_hcd: stop threads [ 1174.993983][ T1087] vhci_hcd: release socket [ 1175.002417][T10364] usb 7-1: USB disconnect, device number 96 [ 1175.043823][ T1087] vhci_hcd: disconnect device [ 1175.047241][T20620] overlayfs: failed to resolve './file0': -2 [ 1175.300086][ T1197] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1175.361323][ T1197] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1175.394788][ T1197] bond0 (unregistering): Released all slaves [ 1175.461832][T20589] chnl_net:caif_netlink_parms(): no params data found [ 1175.632078][ T5228] Bluetooth: hci2: command tx timeout [ 1175.832150][T20589] bridge0: port 1(bridge_slave_0) entered blocking state [ 1175.840439][T20589] bridge0: port 1(bridge_slave_0) entered disabled state [ 1175.846748][T20589] bridge_slave_0: entered allmulticast mode [ 1175.854168][T20589] bridge_slave_0: entered promiscuous mode [ 1175.917713][T20589] bridge0: port 2(bridge_slave_1) entered blocking state [ 1175.925447][T20589] bridge0: port 2(bridge_slave_1) entered disabled state [ 1175.952602][T20589] bridge_slave_1: entered allmulticast mode [ 1175.957726][T20589] bridge_slave_1: entered promiscuous mode [ 1176.163896][T20589] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1176.189695][ T1197] hsr_slave_0: left promiscuous mode [ 1176.196396][ T1197] hsr_slave_1: left promiscuous mode [ 1176.221701][ T1197] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1176.226174][ T1197] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1176.233175][ T1197] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1176.238181][ T1197] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1176.317491][ T1197] veth1_macvtap: left promiscuous mode [ 1176.320665][ T1197] veth0_macvtap: left promiscuous mode [ 1176.323825][ T1197] veth1_vlan: left promiscuous mode [ 1176.328392][ T1197] veth0_vlan: left promiscuous mode [ 1177.241495][ T1354] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.244229][ T1354] ieee802154 phy1 wpan1: encryption failed: -22 [ 1177.724058][ T9899] Bluetooth: hci2: command tx timeout [ 1178.588481][ T30] vhci_hcd: vhci_device speed not set [ 1178.689242][ T1197] team0 (unregistering): Port device team_slave_1 removed [ 1178.932639][ T1197] team0 (unregistering): Port device team_slave_0 removed [ 1179.788424][ T9899] Bluetooth: hci2: command 0x040f tx timeout [ 1180.984166][T20589] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1181.186649][T20589] team0: Port device team_slave_0 added [ 1181.204593][T20589] team0: Port device team_slave_1 added [ 1181.386867][T20589] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1181.396879][T20589] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1181.419844][T20589] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1181.459617][T20589] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1181.462697][T20589] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1181.478148][T20589] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1181.537936][T20668] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3992'. [ 1181.801653][T20589] hsr_slave_0: entered promiscuous mode [ 1181.825216][T20589] hsr_slave_1: entered promiscuous mode [ 1181.878229][ T5228] Bluetooth: hci2: command 0x040f tx timeout [ 1182.889313][T20702] netlink: 'syz.0.3997': attribute type 21 has an invalid length. [ 1182.892000][T20702] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3997'. [ 1182.967816][T20589] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1182.974505][T20589] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1182.985628][T20589] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1182.992669][T20589] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1183.137067][T12628] usb 7-1: new high-speed USB device number 97 using dummy_hcd [ 1183.145602][T20589] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1183.180812][T20716] FAULT_INJECTION: forcing a failure. [ 1183.180812][T20716] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1183.188308][T20716] CPU: 0 PID: 20716 Comm: syz.0.4000 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1183.192488][T20716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1183.196954][T20716] Call Trace: [ 1183.198412][T20716] [ 1183.199679][T20716] dump_stack_lvl+0x16c/0x1f0 [ 1183.201683][T20716] should_fail_ex+0x497/0x5b0 [ 1183.203719][T20716] _copy_from_user+0x30/0xf0 [ 1183.205707][T20716] get_compat_msghdr+0xa8/0x170 [ 1183.207808][T20716] ? __pfx_get_compat_msghdr+0x10/0x10 [ 1183.210114][T20716] ? __pfx___lock_acquire+0x10/0x10 [ 1183.212313][T20716] ___sys_sendmsg+0x1b0/0x1e0 [ 1183.213318][T20589] 8021q: adding VLAN 0 to HW filter on device team0 [ 1183.214341][T20716] ? __pfx____sys_sendmsg+0x10/0x10 [ 1183.219489][T20716] ? ksys_write+0x21c/0x260 [ 1183.221435][T20716] ? __fget_light+0x173/0x210 [ 1183.223402][T20716] __sys_sendmsg+0x117/0x1f0 [ 1183.225387][T20716] ? __pfx___sys_sendmsg+0x10/0x10 [ 1183.227642][T20716] __do_fast_syscall_32+0x73/0x120 [ 1183.229874][T20716] do_fast_syscall_32+0x32/0x80 [ 1183.230013][T14999] bridge0: port 1(bridge_slave_0) entered blocking state [ 1183.231958][T20716] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1183.235003][T14999] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1183.237530][T20716] RIP: 0023:0xf7f30579 [ 1183.242489][T20716] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1183.250430][T20716] RSP: 002b:00000000f5ce657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 1183.253853][T20716] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 1183.257089][T20716] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1183.260336][T20716] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1183.263535][T20716] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1183.266840][T20716] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1183.270264][T20716] [ 1183.303181][T14999] bridge0: port 2(bridge_slave_1) entered blocking state [ 1183.306199][T14999] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1183.363200][T20589] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1183.399468][T12628] usb 7-1: config 0 has no interfaces? [ 1183.401776][T12628] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1183.405480][T12628] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1183.424369][T12628] usb 7-1: config 0 descriptor?? [ 1183.544680][T20734] fuse: Unknown parameter '̯Pi-ցnd [ 1183.544680][T20734] г70x0000000000000005' [ 1183.558848][T20734] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4003'. [ 1183.733683][ T968] usb 7-1: USB disconnect, device number 97 [ 1183.758631][T20739] nbd0: detected capacity change from 0 to 288 [ 1183.808526][T20734] nbd0: detected capacity change from 288 to 12 [ 1183.815843][T20674] block nbd0: Send control failed (result -89) [ 1183.821296][T20589] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1183.822601][T20674] block nbd0: Request send failed, requeueing [ 1183.833523][ T5228] block nbd0: Receive control failed (result -32) [ 1183.843964][T19099] block nbd0: Dead connection, failed to find a fallback [ 1183.847213][T19099] block nbd0: shutting down sockets [ 1183.850121][T19099] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1183.856227][T19099] buffer_io_error: 4 callbacks suppressed [ 1183.856240][T19099] Buffer I/O error on dev nbd0, logical block 0, async page read [ 1183.887749][T20674] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1183.891537][T20589] veth0_vlan: entered promiscuous mode [ 1183.892335][T20674] Buffer I/O error on dev nbd0, logical block 0, async page read [ 1183.897703][T20674] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1183.908038][T20589] veth1_vlan: entered promiscuous mode [ 1183.917189][T20674] Buffer I/O error on dev nbd0, logical block 0, async page read [ 1183.920513][T20674] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1183.924456][T20674] Buffer I/O error on dev nbd0, logical block 0, async page read [ 1183.927827][T20674] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1183.948380][ T5228] Bluetooth: hci2: command 0x040f tx timeout [ 1183.963204][T20674] Buffer I/O error on dev nbd0, logical block 0, async page read [ 1183.966630][T20674] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1183.971327][T20674] Buffer I/O error on dev nbd0, logical block 0, async page read [ 1183.972122][T20589] veth0_macvtap: entered promiscuous mode [ 1183.975003][T20674] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1183.988243][T20674] Buffer I/O error on dev nbd0, logical block 0, async page read [ 1183.991717][T20674] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1183.992209][T20589] veth1_macvtap: entered promiscuous mode [ 1183.995085][T20674] Buffer I/O error on dev nbd0, logical block 0, async page read [ 1184.030192][T20674] ldm_validate_partition_table(): Disk read failed. [ 1184.040307][T20589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1184.044590][T20674] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1184.044846][T20589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.058599][T20674] Buffer I/O error on dev nbd0, logical block 0, async page read [ 1184.059316][T20589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1184.061551][T20674] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1184.065873][T20589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.069785][T20674] Buffer I/O error on dev nbd0, logical block 0, async page read [ 1184.082556][T20589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1184.087083][T20589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.088369][T20674] Dev nbd0: unable to read RDB block 0 [ 1184.093774][T20674] nbd0: unable to read partition table [ 1184.095258][T20589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1184.096086][T20674] nbd0: partition table beyond EOD, [ 1184.105059][T20589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.108145][T20674] truncated [ 1184.113796][T20589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1184.119571][T20589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.139381][T20674] ldm_validate_partition_table(): Disk read failed. [ 1184.142341][T20674] Dev nbd0: unable to read RDB block 0 [ 1184.144451][T20674] nbd0: unable to read partition table [ 1184.146622][T20589] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1184.146986][T20674] nbd0: partition table beyond EOD, truncated [ 1184.158653][T14999] usb 5-1: new high-speed USB device number 124 using dummy_hcd [ 1184.185965][T20589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1184.186415][T20674] ldm_validate_partition_table(): Disk read failed. [ 1184.190306][T20589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.192479][T20674] Dev nbd0: unable to read RDB block 0 [ 1184.195985][T20589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1184.198539][T20674] nbd0: unable to read partition table [ 1184.205063][T20674] nbd0: partition table beyond EOD, truncated [ 1184.207599][T20589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.211663][T20589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1184.218308][T20589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.219849][T20674] ldm_validate_partition_table(): Disk read failed. [ 1184.221758][T20589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1184.224848][T20674] Dev nbd0: unable to read RDB block 0 [ 1184.228078][T20589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.232512][T20589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1184.238353][T20674] nbd0: unable to read partition table [ 1184.239133][T20589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1184.241368][T20674] nbd0: partition table beyond EOD, truncated [ 1184.247238][T20589] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1184.272057][T20589] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.275740][T20589] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.289616][T20589] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.293229][T20589] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.348494][T14999] usb 5-1: Using ep0 maxpacket: 8 [ 1184.357424][T14999] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 1184.362031][T14999] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1184.366259][T14999] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1184.398042][T14999] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1184.412750][T14999] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1184.428723][T14999] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1184.432015][T19236] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1184.432760][T14999] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1184.435764][T19236] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1184.483225][T19236] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1184.490381][T19236] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1184.658330][T14999] usb 5-1: usb_control_msg returned -32 [ 1184.665519][T14999] usbtmc 5-1:16.0: can't read capabilities [ 1184.733292][ T5228] Bluetooth: hci2: Ignoring connect complete event for invalid link type [ 1185.213717][ T35] usb 5-1: USB disconnect, device number 124 [ 1185.333782][ T39] audit: type=1326 audit(1721259905.176:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20767 comm="syz.3.4009" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f1f579 code=0x0 [ 1185.364074][T20772] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1185.542845][T20774] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1185.790629][T20782] FAULT_INJECTION: forcing a failure. [ 1185.790629][T20782] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1185.796407][T20782] CPU: 3 PID: 20782 Comm: syz.0.4013 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1185.800365][T20782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1185.804418][T20782] Call Trace: [ 1185.805776][T20782] [ 1185.806926][T20782] dump_stack_lvl+0x16c/0x1f0 [ 1185.808855][T20782] should_fail_ex+0x497/0x5b0 [ 1185.810836][T20782] _copy_from_user+0x30/0xf0 [ 1185.812749][T20782] get_compat_msghdr+0xa8/0x170 [ 1185.814724][T20782] ? __pfx_get_compat_msghdr+0x10/0x10 [ 1185.816647][T20782] ? __pfx___lock_acquire+0x10/0x10 [ 1185.818578][T20782] ___sys_sendmsg+0x1b0/0x1e0 [ 1185.820425][T20782] ? __pfx____sys_sendmsg+0x10/0x10 [ 1185.822424][T20782] ? __pfx_lock_release+0x10/0x10 [ 1185.824101][T20782] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 1185.826135][T20782] ? __fget_light+0x173/0x210 [ 1185.827869][T20782] __sys_sendmmsg+0x2a5/0x450 [ 1185.829424][T20782] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1185.831161][T20782] ? vfs_write+0x14d/0x1140 [ 1185.832690][T20782] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1185.834710][T20782] ? fput+0x32/0x390 [ 1185.836122][T20782] ? ksys_write+0x1ab/0x260 [ 1185.837609][T20782] ? __pfx_ksys_write+0x10/0x10 [ 1185.839714][T20782] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 1185.841957][T20782] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 1185.844363][T20782] __do_fast_syscall_32+0x73/0x120 [ 1185.846094][T20782] do_fast_syscall_32+0x32/0x80 [ 1185.847701][T20782] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1185.850104][T20782] RIP: 0023:0xf7f30579 [ 1185.851564][T20782] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1185.858521][T20782] RSP: 002b:00000000f5ce657c EFLAGS: 00000292 ORIG_RAX: 0000000000000159 [ 1185.861894][T20782] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200032c0 [ 1185.864778][T20782] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 1185.867921][T20782] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1185.871076][T20782] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1185.873993][T20782] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1185.876838][T20782] [ 1186.015639][T20787] netlink: 'syz.0.4014': attribute type 4 has an invalid length. [ 1186.094911][T20789] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4015'. [ 1186.184458][ T39] audit: type=1326 audit(1721259906.046:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20788 comm="syz.2.4015" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe1579 code=0x0 [ 1186.295165][ T39] audit: type=1326 audit(1721259906.156:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20788 comm="syz.2.4015" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe1579 code=0x0 [ 1186.562715][T20801] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4017'. [ 1187.141371][T20811] team0: Cannot enslave team device to itself [ 1187.480060][ T57] usb 8-1: new high-speed USB device number 110 using dummy_hcd [ 1187.685433][ T57] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1187.688837][ T57] usb 8-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 1187.693161][ T57] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1187.696952][ T57] usb 8-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1187.718197][ T57] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 1187.722728][ T57] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1187.731437][ T57] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1187.735085][ T57] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1187.738506][ T57] usb 8-1: Product: syz [ 1187.740122][ T57] usb 8-1: Manufacturer: syz [ 1187.743990][T20814] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1187.747469][ T57] cdc_wdm 8-1:1.0: skipping garbage [ 1187.749427][ T57] cdc_wdm 8-1:1.0: skipping garbage [ 1187.754686][ T57] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 1187.756748][ T57] cdc_wdm 8-1:1.0: Unknown control protocol [ 1187.977953][ T35] usb 8-1: USB disconnect, device number 110 [ 1188.053464][T20827] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4026'. [ 1188.359556][ T39] audit: type=1326 audit(1721259908.226:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20826 comm="syz.2.4026" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe1579 code=0x0 [ 1188.618212][ T35] usb 8-1: new high-speed USB device number 111 using dummy_hcd [ 1188.810148][ T35] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1188.815355][ T35] usb 8-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 1188.832363][ T35] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1188.836077][ T35] usb 8-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1188.861407][ T35] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 1188.866245][ T35] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1188.878943][ T35] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1188.882690][ T35] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1188.888470][ T35] usb 8-1: Product: syz [ 1188.898458][ T35] usb 8-1: Manufacturer: syz [ 1188.910716][T20814] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1188.920093][ T35] cdc_wdm 8-1:1.0: skipping garbage [ 1188.922410][ T35] cdc_wdm 8-1:1.0: skipping garbage [ 1188.935215][T20842] FAULT_INJECTION: forcing a failure. [ 1188.935215][T20842] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1188.948433][ T35] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 1188.950859][ T35] cdc_wdm 8-1:1.0: Unknown control protocol [ 1188.970348][T20842] CPU: 3 PID: 20842 Comm: syz.2.4029 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1188.974511][T20842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1188.979147][T20842] Call Trace: [ 1188.980678][T20842] [ 1188.982012][T20842] dump_stack_lvl+0x16c/0x1f0 [ 1188.984025][T20842] should_fail_ex+0x497/0x5b0 [ 1188.985977][T20842] _copy_from_user+0x30/0xf0 [ 1188.987890][T20842] get_compat_msghdr+0xa8/0x170 [ 1188.989934][T20842] ? __pfx_get_compat_msghdr+0x10/0x10 [ 1188.992293][T20842] ? __pfx___lock_acquire+0x10/0x10 [ 1188.994521][T20842] ___sys_sendmsg+0x1b0/0x1e0 [ 1188.996558][T20842] ? __pfx____sys_sendmsg+0x10/0x10 [ 1188.998840][T20842] ? ksys_write+0x21c/0x260 [ 1189.000804][T20842] ? __fget_light+0x173/0x210 [ 1189.002802][T20842] __sys_sendmsg+0x117/0x1f0 [ 1189.004718][T20842] ? __pfx___sys_sendmsg+0x10/0x10 [ 1189.006988][T20842] __do_fast_syscall_32+0x73/0x120 [ 1189.009266][T20842] do_fast_syscall_32+0x32/0x80 [ 1189.011328][T20842] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1189.013993][T20842] RIP: 0023:0xf7fe1579 [ 1189.015736][T20842] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1189.022967][T20842] RSP: 002b:00000000f5d9657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 1189.025469][T20842] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040 [ 1189.028803][T20842] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1189.031966][T20842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1189.035298][T20842] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1189.038511][T20842] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1189.041815][T20842] [ 1189.477276][T20859] ======================================================= [ 1189.477276][T20859] WARNING: The mand mount option has been deprecated and [ 1189.477276][T20859] and is ignored by this kernel. Remove the mand [ 1189.477276][T20859] option from the mount to silence this warning. [ 1189.477276][T20859] ======================================================= [ 1189.508019][T20859] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1189.512751][T20859] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1189.522948][T20859] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1189.528504][T20859] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1190.759360][ T968] usb 8-1: USB disconnect, device number 111 [ 1191.178236][ T7928] usb 6-1: new high-speed USB device number 88 using dummy_hcd [ 1191.188388][T20889] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4045'. [ 1191.198353][ T968] usb 8-1: new high-speed USB device number 112 using dummy_hcd [ 1191.331448][T20891] FAULT_INJECTION: forcing a failure. [ 1191.331448][T20891] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1191.349590][T20891] CPU: 0 PID: 20891 Comm: syz.0.4046 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1191.353886][T20891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1191.358017][T20891] Call Trace: [ 1191.358256][ T7928] usb 6-1: Using ep0 maxpacket: 8 [ 1191.359424][T20891] [ 1191.362789][T20891] dump_stack_lvl+0x16c/0x1f0 [ 1191.364991][T20891] should_fail_ex+0x497/0x5b0 [ 1191.367409][T20891] _copy_from_user+0x30/0xf0 [ 1191.369816][T20891] get_compat_msghdr+0xa8/0x170 [ 1191.371762][T20891] ? __pfx_get_compat_msghdr+0x10/0x10 [ 1191.371859][ T7928] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 1191.374278][T20891] ? __pfx___lock_acquire+0x10/0x10 [ 1191.377762][ T7928] usb 6-1: config 0 has no interface number 0 [ 1191.379968][T20891] ___sys_sendmsg+0x1b0/0x1e0 [ 1191.379994][T20891] ? __pfx____sys_sendmsg+0x10/0x10 [ 1191.380022][T20891] ? ksys_write+0x21c/0x260 [ 1191.380043][T20891] ? __fget_light+0x173/0x210 [ 1191.388215][ T7928] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1191.390001][T20891] __sys_sendmsg+0x117/0x1f0 [ 1191.396284][T20891] ? __pfx___sys_sendmsg+0x10/0x10 [ 1191.398346][T20891] __do_fast_syscall_32+0x73/0x120 [ 1191.400425][T20891] do_fast_syscall_32+0x32/0x80 [ 1191.402365][T20891] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1191.404838][ T7928] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1191.405039][T20891] RIP: 0023:0xf7f30579 [ 1191.408754][ T7928] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1191.410273][T20891] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1191.421192][T20891] RSP: 002b:00000000f5ce657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 1191.424516][T20891] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000280 [ 1191.427858][T20891] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1191.429001][ T7928] usb 6-1: config 0 descriptor?? [ 1191.431267][T20891] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1191.436527][T20891] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1191.439665][T20891] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1191.442809][T20891] [ 1191.444131][ T7928] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 1191.448597][ T968] usb 8-1: Using ep0 maxpacket: 8 [ 1191.466291][ T968] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 1191.469907][ T968] usb 8-1: config 0 has no interface number 0 [ 1191.472418][ T968] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1191.477149][ T968] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1191.481136][ T968] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1191.491638][ T968] usb 8-1: config 0 descriptor?? [ 1191.499482][ T968] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1 [ 1191.708798][T20885] FAULT_INJECTION: forcing a failure. [ 1191.708798][T20885] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1191.725489][ C2] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19 [ 1191.726811][ T968] usb 6-1: USB disconnect, device number 88 [ 1191.729266][T20885] CPU: 2 PID: 20885 Comm: syz.3.4043 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1191.735785][T20885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1191.739711][T20885] Call Trace: [ 1191.740843][T20885] [ 1191.742129][T20885] dump_stack_lvl+0x16c/0x1f0 [ 1191.744160][T20885] should_fail_ex+0x497/0x5b0 [ 1191.746145][T20885] _copy_to_user+0x30/0xc0 [ 1191.748157][T20885] simple_read_from_buffer+0xd0/0x160 [ 1191.750368][T20885] proc_fail_nth_read+0x1b0/0x290 [ 1191.752493][T20885] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1191.754872][T20885] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1191.757149][T20885] vfs_read+0x1d4/0xbd0 [ 1191.758788][T20885] ? __fdget_pos+0xeb/0x180 [ 1191.760536][T20885] ? __pfx_vfs_read+0x10/0x10 [ 1191.762365][T20885] ? __pfx___mutex_lock+0x10/0x10 [ 1191.764287][T20885] ? __fget_files+0x256/0x400 [ 1191.766127][T20885] ksys_read+0x12f/0x260 [ 1191.767783][T20885] ? __pfx_ksys_read+0x10/0x10 [ 1191.769619][T20885] __do_fast_syscall_32+0x73/0x120 [ 1191.771600][T20885] do_fast_syscall_32+0x32/0x80 [ 1191.773472][T20885] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1191.775906][T20885] RIP: 0023:0xf7f1f579 [ 1191.777487][T20885] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1191.784728][T20885] RSP: 002b:00000000f5cd65b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 1191.787888][T20885] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5cd6630 [ 1191.790878][T20885] RDX: 000000000000000f RSI: 00000000f73a8ff4 RDI: 0000000000000000 [ 1191.793889][T20885] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 1191.796899][T20885] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 1191.800020][T20885] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1191.803063][T20885] [ 1191.814425][ T968] iowarrior 6-1:0.1: I/O-Warror #0 now disconnected [ 1191.878506][ T5223] usb 8-1: USB disconnect, device number 112 [ 1191.883246][ T5223] iowarrior 8-1:0.1: I/O-Warror #1 now disconnected [ 1192.049732][T20897] create_pit_timer: 40 callbacks suppressed [ 1192.049796][T20897] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 1192.135549][T20897] kvm: pic: level sensitive irq not supported [ 1192.147877][T20897] kvm: pic: non byte read [ 1192.350220][T20910] o2cb: This node has not been configured. [ 1192.371669][T20910] o2cb: Cluster check failed. Fix errors before retrying. [ 1192.378452][T20910] (syz.3.4052,20910,3):user_dlm_register:674 ERROR: status = -22 [ 1192.385347][T20910] (syz.3.4052,20910,3):dlmfs_mkdir:436 ERROR: Error -22 could not register domain "syz1" [ 1192.398836][T20910] FAULT_INJECTION: forcing a failure. [ 1192.398836][T20910] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1192.408327][T20910] CPU: 0 PID: 20910 Comm: syz.3.4052 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1192.412081][T20910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1192.416229][T20910] Call Trace: [ 1192.417688][T20910] [ 1192.419016][T20910] dump_stack_lvl+0x16c/0x1f0 [ 1192.421129][T20910] should_fail_ex+0x497/0x5b0 [ 1192.423256][T20910] _copy_to_user+0x30/0xc0 [ 1192.425227][T20910] simple_read_from_buffer+0xd0/0x160 [ 1192.427791][T20910] proc_fail_nth_read+0x1b0/0x290 [ 1192.429853][T20910] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1192.432015][T20910] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1192.434151][T20910] vfs_read+0x1d4/0xbd0 [ 1192.435754][T20910] ? __fdget_pos+0xeb/0x180 [ 1192.437519][T20910] ? __pfx_vfs_read+0x10/0x10 [ 1192.439637][T20910] ? __pfx___mutex_lock+0x10/0x10 [ 1192.441922][T20910] ? __fget_files+0x256/0x400 [ 1192.443934][T20910] ksys_read+0x12f/0x260 [ 1192.445575][T20910] ? __pfx_ksys_read+0x10/0x10 [ 1192.447459][T20910] __do_fast_syscall_32+0x73/0x120 [ 1192.449424][T20910] do_fast_syscall_32+0x32/0x80 [ 1192.451372][T20910] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1192.454042][T20910] RIP: 0023:0xf7f1f579 [ 1192.455939][T20910] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1192.464385][T20910] RSP: 002b:00000000f5cd65b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 1192.468791][T20910] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5cd6630 [ 1192.471737][T20910] RDX: 000000000000000f RSI: 00000000f73a8ff4 RDI: 0000000000000000 [ 1192.474839][T20910] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 1192.477885][T20910] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 1192.481077][T20910] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1192.484344][T20910] [ 1193.020999][T20924] FAULT_INJECTION: forcing a failure. [ 1193.020999][T20924] name failslab, interval 1, probability 0, space 0, times 0 [ 1193.026715][T20924] CPU: 0 PID: 20924 Comm: syz.0.4059 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1193.030242][T20924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1193.034003][T20924] Call Trace: [ 1193.035141][T20924] [ 1193.036147][T20924] dump_stack_lvl+0x16c/0x1f0 [ 1193.037777][T20924] should_fail_ex+0x497/0x5b0 [ 1193.039629][T20924] should_failslab+0x9/0x20 [ 1193.041302][T20924] __kmalloc_noprof+0xcf/0x420 [ 1193.043177][T20924] ? __pfx_lock_acquire+0x10/0x10 [ 1193.044924][T20924] tomoyo_realpath_from_path+0xbf/0x710 [ 1193.047093][T20924] ? tomoyo_profile+0x47/0x60 [ 1193.048917][T20924] tomoyo_path_number_perm+0x245/0x5b0 [ 1193.051101][T20924] ? tomoyo_path_number_perm+0x232/0x5b0 [ 1193.053038][T20924] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1193.055176][T20924] ? __pfx_lock_release+0x10/0x10 [ 1193.057258][T20924] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1193.059887][T20924] ? __fget_files+0x256/0x400 [ 1193.061726][T20924] security_file_ioctl_compat+0x75/0xc0 [ 1193.063639][T20924] __do_compat_sys_ioctl+0x5d/0x330 [ 1193.065645][T20924] __do_fast_syscall_32+0x73/0x120 [ 1193.067240][T20924] do_fast_syscall_32+0x32/0x80 [ 1193.069026][T20924] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1193.071806][T20924] RIP: 0023:0xf7f30579 [ 1193.073635][T20924] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1193.081420][T20924] RSP: 002b:00000000f5ce657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 1193.084916][T20924] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000c008ae88 [ 1193.088004][T20924] RDX: 00000000200007c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 1193.091504][T20924] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1193.094987][T20924] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1193.098095][T20924] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1193.100782][T20924] [ 1193.103786][T20924] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1193.149268][ T5228] Bluetooth: Unexpected continuation frame (len 18) [ 1193.499108][T20939] FAULT_INJECTION: forcing a failure. [ 1193.499108][T20939] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1193.499971][T20943] FAULT_INJECTION: forcing a failure. [ 1193.499971][T20943] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1193.504770][T20939] CPU: 3 PID: 20939 Comm: syz.1.4063 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1193.504791][T20939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1193.504802][T20939] Call Trace: [ 1193.504809][T20939] [ 1193.504815][T20939] dump_stack_lvl+0x16c/0x1f0 [ 1193.504837][T20939] should_fail_ex+0x497/0x5b0 [ 1193.504862][T20939] _copy_from_user+0x30/0xf0 [ 1193.529307][T20939] __sys_bpf+0x239/0x5600 [ 1193.531139][T20939] ? __pfx___sys_bpf+0x10/0x10 [ 1193.533062][T20939] ? ksys_write+0x12f/0x260 [ 1193.534959][T20939] ? find_held_lock+0x2d/0x110 [ 1193.536972][T20939] ? ksys_write+0x21c/0x260 [ 1193.539218][T20939] ? __pfx_lock_release+0x10/0x10 [ 1193.541457][T20939] ? vfs_write+0x14d/0x1140 [ 1193.543453][T20939] ? __mutex_unlock_slowpath+0x164/0x650 [ 1193.545984][T20939] ? fput+0x32/0x390 [ 1193.548170][T20939] ? ksys_write+0x1ab/0x260 [ 1193.550015][T20939] ? __pfx_ksys_write+0x10/0x10 [ 1193.551970][T20939] __ia32_sys_bpf+0x76/0xe0 [ 1193.554039][T20939] __do_fast_syscall_32+0x73/0x120 [ 1193.556055][T20939] do_fast_syscall_32+0x32/0x80 [ 1193.558579][T20939] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1193.561401][T20939] RIP: 0023:0xf7fb8579 [ 1193.563410][T20939] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1193.573063][T20939] RSP: 002b:00000000f5d6657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 1193.577548][T20939] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000240 [ 1193.581930][T20939] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 1193.585765][T20939] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1193.589600][T20939] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1193.593462][T20939] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1193.597009][T20939] [ 1193.598423][T20943] CPU: 0 PID: 20943 Comm: syz.0.4064 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1193.602452][T20943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1193.607181][T20943] Call Trace: [ 1193.608790][T20943] [ 1193.610070][T20943] dump_stack_lvl+0x16c/0x1f0 [ 1193.612054][T20943] should_fail_ex+0x497/0x5b0 [ 1193.614020][T20943] _copy_from_user+0x30/0xf0 [ 1193.615954][T20943] sctp_getsockopt_assoc_stats+0xd6/0x5e0 [ 1193.618397][T20943] ? __pfx_sctp_getsockopt_assoc_stats+0x10/0x10 [ 1193.621332][T20943] ? mark_held_locks+0x9f/0xe0 [ 1193.623620][T20943] ? sctp_getsockopt+0x2e8/0x7ae0 [ 1193.625743][T20943] ? __local_bh_enable_ip+0xa4/0x120 [ 1193.627912][T20943] sctp_getsockopt+0x1238/0x7ae0 [ 1193.630001][T20943] ? aa_label_sk_perm+0x165/0x560 [ 1193.632093][T20943] ? __lock_acquire+0xc5d/0x3b30 [ 1193.634154][T20943] ? __pfx_sctp_getsockopt+0x10/0x10 [ 1193.636340][T20943] ? __pfx___lock_acquire+0x10/0x10 [ 1193.638512][T20943] ? hlock_class+0x4e/0x130 [ 1193.640482][T20943] ? __pfx___might_resched+0x10/0x10 [ 1193.642750][T20943] ? __pfx___lock_acquire+0x10/0x10 [ 1193.644896][T20943] ? __pfx_lock_release+0x10/0x10 [ 1193.647083][T20943] ? aa_sk_perm+0x2f5/0xb40 [ 1193.649110][T20943] ? __pfx_aa_sk_perm+0x10/0x10 [ 1193.651301][T20943] ? find_held_lock+0x2d/0x110 [ 1193.653712][T20943] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 1193.656588][T20943] ? do_sock_getsockopt+0x2e5/0x7c0 [ 1193.659390][T20943] do_sock_getsockopt+0x2e5/0x7c0 [ 1193.662069][T20943] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 1193.664365][T20943] ? __fget_files+0x256/0x400 [ 1193.666346][T20943] ? __fget_light+0x173/0x210 [ 1193.668324][T20943] __sys_getsockopt+0x1a1/0x270 [ 1193.670577][T20943] ? __pfx___sys_getsockopt+0x10/0x10 [ 1193.672883][T20943] ? fput+0x32/0x390 [ 1193.674625][T20943] ? ksys_write+0x1ab/0x260 [ 1193.676558][T20943] ? __pfx_ksys_write+0x10/0x10 [ 1193.679005][T20943] __ia32_sys_getsockopt+0xbc/0x160 [ 1193.681959][T20943] ? lockdep_hardirqs_on+0x7c/0x110 [ 1193.684574][T20943] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 1193.687407][T20943] __do_fast_syscall_32+0x73/0x120 [ 1193.692869][T20943] do_fast_syscall_32+0x32/0x80 [ 1193.695059][T20943] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1193.698088][T20943] RIP: 0023:0xf7f30579 [ 1193.700394][T20943] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1193.709045][T20943] RSP: 002b:00000000f5ce657c EFLAGS: 00000292 ORIG_RAX: 000000000000016d [ 1193.713265][T20943] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000084 [ 1193.717522][T20943] RDX: 0000000000000070 RSI: 0000000020003280 RDI: 0000000020001080 [ 1193.722148][T20943] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1193.726506][T20943] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1193.730415][T20943] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1193.734448][T20943] [ 1193.945359][ T5228] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 1194.105756][ T5228] Bluetooth: Unexpected continuation frame (len 18) [ 1194.188506][ T57] usb 5-1: new high-speed USB device number 125 using dummy_hcd [ 1194.378396][ T57] usb 5-1: Using ep0 maxpacket: 8 [ 1194.386804][ T57] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1194.391816][ T57] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 1194.395673][ T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1194.438347][T20956] netlink: 696 bytes leftover after parsing attributes in process `syz.3.4068'. [ 1194.832064][ T57] usb 5-1: string descriptor 0 read error: -71 [ 1194.835610][ T57] hub 5-1:32.0: USB hub found [ 1194.858008][ T57] hub 5-1:32.0: config failed, can't read hub descriptor (err -22) [ 1194.940045][ T57] usb 5-1: USB disconnect, device number 125 [ 1195.606994][T20964] trusted_key: encrypted_key: insufficient parameters specified [ 1195.794599][T20970] FAULT_INJECTION: forcing a failure. [ 1195.794599][T20970] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1195.803182][T20970] CPU: 3 PID: 20970 Comm: syz.1.4073 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 [ 1195.807264][T20970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1195.811902][T20970] Call Trace: [ 1195.813338][T20970] [ 1195.814615][T20970] dump_stack_lvl+0x16c/0x1f0 [ 1195.816653][T20970] should_fail_ex+0x497/0x5b0 [ 1195.818718][T20970] _copy_to_user+0x30/0xc0 [ 1195.820670][T20970] simple_read_from_buffer+0xd0/0x160 [ 1195.822961][T20970] proc_fail_nth_read+0x1b0/0x290 [ 1195.825087][T20970] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1195.827786][T20970] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1195.830154][T20970] vfs_read+0x1d4/0xbd0 [ 1195.831922][T20970] ? __fdget_pos+0xeb/0x180 [ 1195.833836][T20970] ? __pfx_vfs_read+0x10/0x10 [ 1195.835799][T20970] ? __pfx___mutex_lock+0x10/0x10 [ 1195.837981][T20970] ? __fget_files+0x256/0x400 [ 1195.842200][T20970] ksys_read+0x12f/0x260 [ 1195.844054][T20970] ? __pfx_ksys_read+0x10/0x10 [ 1195.846219][T20970] __do_fast_syscall_32+0x73/0x120 [ 1195.848644][T20970] do_fast_syscall_32+0x32/0x80 [ 1195.850744][T20970] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1195.853415][T20970] RIP: 0023:0xf7fb8579 [ 1195.855152][T20970] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1195.863225][T20970] RSP: 002b:00000000f5d665b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 1195.866991][T20970] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5d66630 [ 1195.870845][T20970] RDX: 000000000000000f RSI: 00000000f7438ff4 RDI: 0000000000000000 [ 1195.874543][T20970] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 1195.877987][T20970] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 1195.881630][T20970] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1195.885134][T20970] [ 1195.955552][T20974] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4072'. [ 1196.141664][ C0] [ 1196.142803][ C0] ================================ [ 1196.145070][ C0] WARNING: inconsistent lock state [ 1196.147336][ C0] 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 Not tainted [ 1196.152593][ C0] -------------------------------- [ 1196.154948][ C0] inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage. [ 1196.157671][ C0] syz.3.4072/20968 [HC1[1]:SC0[0]:HE0:SE1] takes: [ 1196.160078][ C0] ffff88802c038aa0 (lock#14){?.+.}-{2:2}, at: __mmap_lock_do_trace_acquire_returned+0x7f/0x790 [ 1196.164412][ C0] {HARDIRQ-ON-W} state was registered at: [ 1196.166805][ C0] lock_acquire+0x1b1/0x560 [ 1196.169281][ C0] __mmap_lock_do_trace_acquire_returned+0x97/0x790 [ 1196.172703][ C0] try_to_inc_max_seq+0xa52/0x1250 [ 1196.175060][ C0] try_to_shrink_lruvec+0x736/0x9b0 [ 1196.177900][ C0] shrink_one+0x3f8/0x7c0 [ 1196.180387][ C0] lru_gen_shrink_node+0x89f/0x1750 [ 1196.183320][ C0] balance_pgdat+0x1105/0x1970 [ 1196.185930][ C0] kswapd+0x5ea/0xbf0 [ 1196.188104][ C0] kthread+0x2c1/0x3a0 [ 1196.190695][ C0] ret_from_fork+0x45/0x80 [ 1196.193077][ C0] ret_from_fork_asm+0x1a/0x30 [ 1196.195125][ C0] irq event stamp: 4100 [ 1196.196977][ C0] hardirqs last enabled at (4099): [] __do_fast_syscall_32+0x80/0x120 [ 1196.201917][ C0] hardirqs last disabled at (4100): [] irqentry_enter+0x54/0x60 [ 1196.206757][ C0] softirqs last enabled at (3998): [] handle_softirqs+0x5be/0x8f0 [ 1196.211388][ C0] softirqs last disabled at (3981): [] irq_exit_rcu+0xbb/0x120 [ 1196.215141][ C0] [ 1196.215141][ C0] other info that might help us debug this: [ 1196.219171][ C0] Possible unsafe locking scenario: [ 1196.219171][ C0] [ 1196.223225][ C0] CPU0 [ 1196.225209][ C0] ---- [ 1196.227147][ C0] lock(lock#14); [ 1196.228925][ C0] [ 1196.230632][ C0] lock(lock#14); [ 1196.232331][ C0] [ 1196.232331][ C0] *** DEADLOCK *** [ 1196.232331][ C0] [ 1196.236184][ C0] 2 locks held by syz.3.4072/20968: [ 1196.238653][ C0] #0: ffffffff8dbb4e60 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1c2/0x590 [ 1196.243195][ C0] #1: ffff888029a44d98 (&mm->mmap_lock){++++}-{3:3}, at: stack_map_get_build_id_offset+0x28a/0x760 [ 1196.249246][ C0] [ 1196.249246][ C0] stack backtrace: [ 1196.252820][ C0] CPU: 0 PID: 20968 Comm: syz.3.4072 Not tainted 6.10.0-syzkaller-04806-g8b0f0bb27c32 #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1196.258499][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1196.264068][ C0] Call Trace: [ 1196.265798][ C0] [ 1196.267597][ C0] dump_stack_lvl+0x116/0x1f0 [ 1196.270828][ C0] mark_lock+0x923/0xc60 [ 1196.273372][ C0] ? __pfx_mark_lock+0x10/0x10 [ 1196.276166][ C0] ? hlock_class+0x4e/0x130 [ 1196.279260][ C0] ? __lock_acquire+0x14f4/0x3b30 [ 1196.282112][ C0] ? hlock_class+0x4e/0x130 [ 1196.284340][ C0] ? __lock_acquire+0x14f4/0x3b30 [ 1196.286492][ C0] ? hlock_class+0x4e/0x130 [ 1196.288499][ C0] ? __lock_acquire+0xc5d/0x3b30 [ 1196.290433][ C0] __lock_acquire+0x1359/0x3b30 [ 1196.292637][ C0] ? __pfx_warn_bogus_irq_restore+0x2/0x10 [ 1196.295015][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 1196.297441][ C0] ? lock_acquire+0x1b1/0x560 [ 1196.299708][ C0] lock_acquire+0x1b1/0x560 [ 1196.301946][ C0] ? __mmap_lock_do_trace_acquire_returned+0x7f/0x790 [ 1196.305641][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1196.308298][ C0] ? get_segment_base+0x1c6/0x270 [ 1196.310338][ C0] ? perf_callchain_user+0x534/0xa20 [ 1196.312489][ C0] ? down_read_trylock+0x1ed/0x3f0 [ 1196.314554][ C0] ? stack_map_get_build_id_offset+0x28a/0x760 [ 1196.317204][ C0] __mmap_lock_do_trace_acquire_returned+0x97/0x790 [ 1196.320407][ C0] ? __mmap_lock_do_trace_acquire_returned+0x7f/0x790 [ 1196.323481][ C0] stack_map_get_build_id_offset+0x602/0x760 [ 1196.326313][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 1196.328844][ C0] ? futex_wait+0x121/0x380 [ 1196.331112][ C0] __bpf_get_stack+0x68a/0x710 [ 1196.333386][ C0] ? __pfx___bpf_get_stack+0x10/0x10 [ 1196.336690][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1196.339375][ C0] bpf_get_stack_raw_tp+0x124/0x160 [ 1196.341696][ C0] bpf_prog_ec3b2eefa702d8d3+0x42/0x46 [ 1196.344406][ C0] bpf_trace_run2+0x231/0x590 [ 1196.347598][ C0] ? __pfx_bpf_trace_run2+0x10/0x10 [ 1196.349718][ C0] ? flush_tlb_func+0x3d2/0x600 [ 1196.351792][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 1196.353993][ C0] trace_tlb_flush+0xf3/0x170 [ 1196.356001][ C0] __flush_smp_call_function_queue+0x27a/0x8c0 [ 1196.358454][ C0] __sysvec_call_function_single+0x8c/0x410 [ 1196.360764][ C0] sysvec_call_function_single+0x43/0xb0 [ 1196.363294][ C0] asm_sysvec_call_function_single+0x1a/0x20 [ 1196.366729][ C0] RIP: 0023:0xf710a71b [ 1196.368426][ C0] Code: 8b 44 24 1c 8b 6c 24 2c 8d b4 26 00 00 00 00 8b 4c 24 10 39 54 24 0c 19 f9 73 2d 89 44 24 10 89 74 24 14 8d 74 26 00 8b 45 08 <8b> 4d 0c 83 c5 08 89 ce 39 d0 19 fe 72 ef 89 44 24 0c 8b 44 24 10 [ 1196.378088][ C0] RSP: 002b:00000000ffc56570 EFLAGS: 00000297 [ 1196.380765][ C0] RAX: 00000000813cb609 RBX: 00000000ffffffff RCX: 00000000ffffffff [ 1196.385410][ C0] RDX: 00000000813cd272 RSI: 00000000ffffffff RDI: 00000000ffffffff [ 1196.389016][ C0] RBP: 00000000f66e39b8 R08: 0000000000000000 R09: 0000000000000000 [ 1196.393023][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1196.396750][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1196.400775][ C0] [ 1197.211746][ T1087] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1197.372725][ T1087] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1197.538262][ T1087] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1197.700035][ T1087] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1197.878945][ T1087] bridge_slave_1: left allmulticast mode [ 1197.881448][ T1087] bridge_slave_1: left promiscuous mode [ 1197.884132][ T1087] bridge0: port 2(bridge_slave_1) entered disabled state [ 1197.908763][ T1087] bridge_slave_0: left allmulticast mode [ 1197.911285][ T1087] bridge_slave_0: left promiscuous mode [ 1197.913904][ T1087] bridge0: port 1(bridge_slave_0) entered disabled state [ 1198.508581][ T1087] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1198.539454][ T1087] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1198.559859][ T1087] bond0 (unregistering): Released all slaves [ 1199.118780][ T1087] hsr_slave_0: left promiscuous mode [ 1199.138335][ T1087] hsr_slave_1: left promiscuous mode [ 1199.140925][ T1087] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1199.144156][ T1087] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1199.170345][ T1087] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1199.173851][ T1087] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1199.190195][ T1087] veth1_macvtap: left promiscuous mode [ 1199.192429][ T1087] veth0_macvtap: left promiscuous mode [ 1199.194679][ T1087] veth1_vlan: left promiscuous mode [ 1199.196832][ T1087] veth0_vlan: left promiscuous mode [ 1199.661868][ T1087] team0 (unregistering): Port device team_slave_1 removed [ 1199.718595][ T1087] team0 (unregistering): Port device team_slave_0 removed [ 1200.755265][ T1087] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1200.870364][ T1087] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1200.992600][ T1087] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1201.064404][ T1087] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1201.281556][ T1087] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1201.410159][ T1087] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1201.509076][ T1087] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1201.569868][ T1087] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1201.753234][ T1087] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1201.829379][ T1087] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1201.968856][ T1087] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1202.042894][ T1087] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1202.279055][ T1087] bridge_slave_1: left allmulticast mode [ 1202.282857][ T1087] bridge_slave_1: left promiscuous mode [ 1202.290523][ T1087] bridge0: port 2(bridge_slave_1) entered disabled state [ 1202.312159][ T1087] bridge_slave_0: left allmulticast mode [ 1202.314476][ T1087] bridge_slave_0: left promiscuous mode [ 1202.316719][ T1087] bridge0: port 1(bridge_slave_0) entered disabled state [ 1202.362063][ T1087] bridge_slave_1: left allmulticast mode [ 1202.364459][ T1087] bridge_slave_1: left promiscuous mode [ 1202.366948][ T1087] bridge0: port 2(bridge_slave_1) entered disabled state [ 1202.379632][ T1087] bridge_slave_0: left allmulticast mode [ 1202.388360][ T1087] bridge_slave_0: left promiscuous mode [ 1202.390713][ T1087] bridge0: port 1(bridge_slave_0) entered disabled state [ 1202.412329][ T1087] bridge_slave_1: left allmulticast mode [ 1202.414261][ T1087] bridge_slave_1: left promiscuous mode [ 1202.416184][ T1087] bridge0: port 2(bridge_slave_1) entered disabled state [ 1202.434273][ T1087] bridge_slave_0: left allmulticast mode [ 1202.436314][ T1087] bridge_slave_0: left promiscuous mode [ 1202.448306][ T1087] bridge0: port 1(bridge_slave_0) entered disabled state [ 1203.443079][ T1087] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1203.468575][ T1087] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1203.499486][ T1087] bond0 (unregistering): Released all slaves [ 1203.610619][ T1087] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1203.629782][ T1087] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1203.679043][ T1087] bond0 (unregistering): Released all slaves [ 1203.768556][ T1087] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1203.774150][ T1087] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1203.779166][ T1087] bond0 (unregistering): Released all slaves [ 1204.876200][ T1087] hsr_slave_0: left promiscuous mode [ 1204.880050][ T1087] hsr_slave_1: left promiscuous mode [ 1204.883448][ T1087] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1204.887157][ T1087] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1204.891290][ T1087] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1204.933419][ T1087] hsr_slave_0: left promiscuous mode [ 1204.950249][ T1087] hsr_slave_1: left promiscuous mode [ 1204.953105][ T1087] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1204.955651][ T1087] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1204.964930][ T1087] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1204.967780][ T1087] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1204.974382][ T1087] hsr_slave_0: left promiscuous mode [ 1204.977270][ T1087] hsr_slave_1: left promiscuous mode [ 1204.980377][ T1087] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1204.983642][ T1087] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1204.987201][ T1087] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1204.990495][ T1087] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1204.997168][ T1087] veth1_macvtap: left promiscuous mode [ 1204.999419][ T1087] veth0_macvtap: left promiscuous mode [ 1205.001670][ T1087] veth1_vlan: left promiscuous mode [ 1205.003771][ T1087] veth0_vlan: left promiscuous mode [ 1205.007018][ T1087] veth1_macvtap: left promiscuous mode [ 1205.009091][ T1087] veth0_macvtap: left promiscuous mode [ 1205.011038][ T1087] veth1_vlan: left promiscuous mode [ 1205.013316][ T1087] veth0_vlan: left promiscuous mode [ 1205.016472][ T1087] veth1_macvtap: left promiscuous mode [ 1205.018837][ T1087] veth0_macvtap: left promiscuous mode [ 1205.020954][ T1087] veth1_vlan: left promiscuous mode [ 1205.023046][ T1087] veth0_vlan: left promiscuous mode [ 1205.596190][ T1087] team0 (unregistering): Port device team_slave_1 removed [ 1205.654291][ T1087] team0 (unregistering): Port device team_slave_0 removed [ 1206.052098][ T1087] team0 (unregistering): Port device team_slave_1 removed [ 1206.139566][ T1087] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 23:45:16 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84facab5 RDI=ffffffff94d88f80 RBP=ffffffff94d88f40 RSP=ffffc900071573f0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=732d302e30312e36 R12=0000000000000000 R13=0000000000000061 R14=ffffffff84faca50 R15=0000000000000000 RIP=ffffffff84facadf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73a1a14 CR3=00000000115b4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88802c046420 RCX=ffffc9002b3dc000 RDX=0000000000040000 RSI=ffffffff818269d5 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000761f248 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000007 R12=ffffed1005808c85 R13=0000000000000001 R14=ffff88802c046428 R15=ffff88802c13fe80 RIP=ffffffff818269e1 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002066a000 CR3=00000000115b4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000069 RCX=ffffffff81f5bb4b RDX=ffff88801a1c2440 RSI=ffffffff81f5ba06 RDI=0000000000000005 RBP=ffff88801e2b8350 RSP=ffffc90000e1f728 R8 =0000000000000005 R9 =00000000ffffffff R10=0000000000000069 R11=0000000000000000 R12=dffffc0000000000 R13=000000000000006b R14=0000000000000000 R15=ffff888026eedc00 RIP=ffffffff818e96d8 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73e2b2c CR3=0000000056322000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=ffff88802c046440 RCX=ffffffff818269fb RDX=ffff8880191b8000 RSI=ffffffff818269d5 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90003db7910 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed1005808c89 R13=0000000000000001 R14=ffff88802c046448 R15=ffff88802c33fe80 RIP=ffffffff818269d7 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000559404fdb000 CR3=000000000d97a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=9cea75c39cea75c3 9cea75c39cea75c3 9cea75c39cea75c3 9cea75c39cea75c3 9cea75c39cea75c3 9cea75c39cea75c3 9cea75c39cea75c3 9cea75c39cea75c3 ZMM22=0558624805586248 0558624805586248 0558624805586248 0558624805586248 0558624805586248 0558624805586248 0558624805586248 0558624805586248 ZMM23=e2ae855ee2ae855e e2ae855ee2ae855e e2ae855ee2ae855e e2ae855ee2ae855e e2ae855ee2ae855e e2ae855ee2ae855e e2ae855ee2ae855e e2ae855ee2ae855e ZMM24=d0f0cc25d0f0cc25 d0f0cc25d0f0cc25 d0f0cc25d0f0cc25 d0f0cc25d0f0cc25 d0f0cc25d0f0cc25 d0f0cc25d0f0cc25 d0f0cc25d0f0cc25 d0f0cc25d0f0cc25 ZMM25=f7ec118bf7ec118b f7ec118bf7ec118b f7ec118bf7ec118b f7ec118bf7ec118b f7ec118bf7ec118b f7ec118bf7ec118b f7ec118bf7ec118b f7ec118bf7ec118b ZMM26=cb36f318cb36f318 cb36f318cb36f318 cb36f318cb36f318 cb36f318cb36f318 cb36f318cb36f318 cb36f318cb36f318 cb36f318cb36f318 cb36f318cb36f318 ZMM27=97e315ee97e315ee 97e315ee97e315ee 97e315ee97e315ee 97e315ee97e315ee 97e315ee97e315ee 97e315ee97e315ee 97e315ee97e315ee 97e315ee97e315ee ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=b2270000b2270000 b2270000b2270000 b2270000b2270000 b2270000b2270000 b2270000b2270000 b2270000b2270000 b2270000b2270000 b2270000b2270000