last executing test programs: 4m29.386818262s ago: executing program 1 (id=3661): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000540), r0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930", @ANYRES64=r0], 0x28}, 0x1, 0x0, 0x0, 0x801}, 0x0) (fail_nth: 3) 4m29.386439879s ago: executing program 1 (id=3662): r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id-', @ANYRESDEC=0x0, @ANYBLOB=',default_permissions,\x00']) r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x17, 0x7, &(0x7f0000000080)=@framed={{}, [@jmp={0x5, 0x0, 0xe, 0x0, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x5, 0x0, 0x0, 0xfffffffffffffffb, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}]}, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6a}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$qrtrtun(r2, &(0x7f0000000180)="080090aed299ac", 0x7) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x80010000, 0x1}}, 0x40) syz_fuse_handle_req(r1, &(0x7f0000009b40)="de98ee653502c564abeb97fc678bde22efebcf99c2d89952950acc703a3c6268a54c8b1bd1ee165c82980cd315b55a070dc41deeb2d4c1842d936a0bcde5fd7ed6031fdd9cb58ebfe8261528f097f309813b5722c24a1af8e6bc6ddaef7e85d2659690154bc5e6ee73c3fe7176509ad7b30e1098fc9873db91d3c1816825e710374de8d40693578b598922d9c523cfff93a630f121251d17ad40bce021d7fd57945fe2a186618a40b5f3995a9f0ceaa3e22b57e4f68e53fffeb5474fb83afaf5cde6b0aaf5cf0313ede442ddf1df6c280921e43d80dddfd005969272e1719b37fd8f749fcde83f8201826b4cf5b1c1da394568aa7d8833dd11309f46422b0152ede5ab29b17bc1ae80147346155b20a98d6fc2650bec3fe73327c45cad1b38f7c983cd070556a8f8ed5d58e1052f6436fad905099d18fb3e62c2c36a1c2209a94c820e30e5234e77be3beb4cd183015d281e7bf39cdcf0f1e541211c75d64a49b55ba4c2c444bef36d98df66bea814bab91ed65386d6a491a6295c24dbaf752a5e7a856e0dfe46a6f9e718ca3919c6f8978b0fd65c9e389114e5afd8e9e2a575b854463b63f46d08795f0f1d0d48d6d610fd74e9238de32ee3fa2ffef550336341803c083ac1d749be6c5440bbe4bd3bc3015bcde2b4e2160ba266d281a9641f74d9348fb6fa8550d1e8a8362999452e40b75c412cfa77ab8e1aaf1a9e83c855ec9b7ada38690f0d2e59f67a1f3babbcda8011595ea720816c24726b833beaca0a9d11e7b99373601d27d18c9e29940503d3a12149fdc4fe0065c3d023d6e7712eb853df19f2b4b886e08d61629288ff16c2597d7fae5bfc8b41f92fc325ffe0f61683b1f661409bdd7c3d88a854f8393484f4669b5d9654fd3a0819a32110b9064539a7419c332629b3fc71da35b783ef7c693842ce83733a63f2e6af37989cfcb768ab8cea5d21b82a0e9f6fdcec26b0107708867dec54c4e739fe9b931b3c6da013bfae097c57f1e16ba54f9028e672511938a0ad9d681d7feebc65a2f5f588abd66261393f3ba02d7b2cf650a9f7c6a4ca55b4d41132908dc9c90e26f0da8e2259e3a2b63b2d9e27754e278827ab80438070698c690ec375a9aeb4193079a28a2a062961ba0e65af01644af063f3ebefda92c4986379f7b099b2fd3960929578736f09887fc5816cb1b982e5b121b79662d1674dd0c6e82627cf8c63e576e5c1eb0af9415ddc10ff880e8ae3ce8c4fb87b8f9d364974c2a1d8eba4e04bc2bc018bfabc435683b2551c0e4908570b930c4fd7c03ddb95e9ec1d1994e3df0305fdac4e5b914641ae25b0c469b194c0bb78ab04887cdc4262da468475b926a18254d23b4c44705aeca34ef8a7b04dd55a43f39996529a23804e054655c5ba8661f7c02737e7539650364928d62b9b8d80988232009acb54214f06640e9bc6614c0ce02e4a22dc8b91a0aad711e4fd01d7020b7c7185e41e27ce266b9f5aec682cbd4bba3240d6277b17b564937254f37afe580cba0b78c6b0cc81830eaf10d7cc1f7e918d49e935629fe6c24b4368a04af1b99f6981340ee031874f3d4b3a9ebc31719b3b775bfe1fdfa0460a3820bff6f61b49b11ac2ca00836a0c4a74aed92a619f34231196669b942e761538e64f965d23d4f7814256e876263fe5307985c4e6eb69c974f66276764e80ab1de3f5c55e7b2cfdb78dd183a85473e968918ad73f29a266c818b9bf9f62eed86df25b2577bb6d98e3996e94f5bdf119b869541a94eb3536c979c3d77cc0df7c0c48a902ca2f03f5ba5a8ef9431cf95f6fc89744e8440e1d5ebb837e30ef7541fbc27672c31566ac3676a173cb9e466a2d206ba1ebc2b985eddcd6ff937375fbc8415eba46f5ec68cfa9f3a669d41b078867dd9f5160ba45fa4719f32cf877d4b7a6d77c977533659f7c7ac22c68f5e93c1df6c2a3d45b55a4afd3355680aed864f6bbe13da2da28a4851f73c88e555f3bb1c34a21fc45ab6c28287902e8b5fcae6899c804f364cd878a8d1734462bb075cb7bc709cc2c5d7747c4c29a2fa9259752301c26b852b7993adf889d45dbe39094c9b7b168756e5b939ed10bb6df57b8f5e14352cfc7d8b03cda5b978b06cf2430af5db17177b1ef664bc4b00307f970c4fc606a6bab72125f62b0f59655c35b104da7af188a953cfc09b3aa0785abf330830fefedcc8bf9a11d5dc4b5642f679d45cb44fe61ab1d906345c1c345f6b8027bae9585580c20115d2504d9c83ab54ea2557b6d2dd3bc65fa29f091aa46a215e77621836154104e6969fa9107139a19f2e45cc6bf55422a0e1a6d037ad9e63df5f9cd2045e13ac2d6a15bc12008c4cd23782df7d41bfecc0037292d22c7b42f2cc1a22db7502332d9f4fa85f7640c8635b9469681adb6bcec2dfdf6926f1815156d80a835ae918527f549ea6df45f350f618dc1f3ca139759be28e35013034f8bbfd3fa1a8f302594213c18015305911f42e287f2d86f17d76f8a0ea03fb574c60c808669f9f4454fc2eaf0e93873f688e34bd3341f6874d5d8fe754172a751d6ab23dc1642220e7fb1071df0ee3c7e07c338915494a3b360bdc0b38ed221c2c2bc86b29744448b255802b3ddfe600c1d0f9acabb2185e4e9dae5e456d5825f516c857f63e72e4a5f3d45eaf11a0e3a5ad0ba30a0bf0f94cc99586fd202d6118bb6f9c272f6cbe39dd9b8b36ea7fa51dfe0bb87a633be11c16a14d1bce8492387696e195fa3c5f172690b4434aa2e91ce7d225d73b1983d2605ec725aae0ae402cd2f79fc202a307f1896f3dfcf8c0fd8b841dcfeda5d65bb7d76f7c2d2eb1b164c0368e9984f320a224d7d438bc5c699acbc18a587b7589e960af114afbc9f59243646557962fc2e0cb5b5bf160a313bcfd9ade3e140b808e9f19415808aa312ae9c9e8bcd5a47fc721eda59d10670088714984a71d5c0df8b68e675a8e31ec15a92ff6a04d17e0ef849c782b302d11f742efe6486ab904fd65c0aac4ec25c6d877b453dce80e894de703aa8b1e5d00701850f149fe437fd0944cb95e54a924a49bd86bb9a602cf2904fbd9e399f1cdcd0b45b6d8f872e285f9dfeaa26aa760074651393c6451b36c643dd0b7236ec7803d69cec1b09bf1b63fbb68ad7c01507f00083b184ff01a62096f386f4c8fdc85e93eecf3f4b384aec1c10ccc60d8109a6d887bd389c3406163f9600879f0e944443d783e8644f69344f6f44f7bbf1883cda7369c9b9904d991c01552135f158a0bbb7f40c354f292c034824d82c209ebc770f5b756768ae51d45f8875b59904a07090689e65b40625566eed5d209130db812f287b966ae21ba46a3a7a3a0360a4e284d8d91ba9ed9806ea063827c8dda0fa98f758cbfa523ac645421f444a40b95bb065a64256c19354b1ad5002bb7b2add9b5236ad64e9052734b9d263515683db121b5e4dc1eab244dd8fc0fc62d962834ba0b21aad872b127afc0a33c7869a3f213519aa2ef51bab9ab28ed18859fd8239841a6668fc614dedd099121ae6c220a143c119cb9bff9068f65d0554b4c12105e59a22e91203a08ab8c718ec62c42d7ebb7b495e9e1be8fb7e4aab2777025da37b48d9d7b97578841a73898a6eab994e250106e096390c77b0600537be881ab7d81e3cb468bf1fe318b1e804d8df9875e9b8da22e6244997317391cce608085a28b8d070d654a29afab324ba3eecf427b6dfd43501ec0db919f71a932897eb37fe3bd64ab5a34ec60011696298b74ddd7a3710d3e444cedcc5cdc357f9dd58e67dc0ed3fc8df6dad82b3c00b4290c3280c28f78df052ec9cdd9df025abe8834616eddd5bb93379c69092911cd60761e7d14b426a83e335bfc8bf67a14e01df7cefb6023f0c6556534b975ed889de0d96d968526372402ce3d21a2c5c64a449dc3ba4ee0b5ceabc2fa29679e225681c8e946dc94b48af024bb1633e1860c7d8c14500967f24e2f8f46db537232a4e9f4abf8408f53bb52b035bdb89917a6f2f4bd22403ad002c2d936b785ecd965177e9f6235787a185d0eca92532f1aab16756ae86ece13925ba4a1fd08125102ae08c428d073aa426c4e792b5a4acf618605df1707021ce1eed62da4ee87334e34edf43338a0076b8ec739e2c31071e10c6a853e19fbf25b8a356527a67c8f7696dc184e374f4641f4e5b0aa345f1e6c4bfeba3a392d9a994bc271717a051c98d6c5b1f3296caf4c01d80ffb75b6fbdd0a0583f9d4695a44a2878df0c09a85aaab14522320cc3d2611603a34e52da03677a60cc87cc3c689975e5b5366c82e040b6643b8865d8bea0c84cef9ff85245a8b4bc41af1a50775b29fe55e42ac4b29fe80ddaf02e8c9bd07cab823f3d9021ac88236525ec045688a2fc9c6df66f549b10720cebf09ead919524f071cd128fb7575c84190c698b420f89b3c11195b5d83022d1f7e48afc21203995caf8f9286dcd5bd51b65c1af1caadf5a1b3f12579066855ff851075adb959dc3e086a7fb4e9a27fe80e8f3c0959b042486310ae7b785b0612e0385e36f50d4cae3474dd000c3957955534b4907b9480e2e5d83dedbeb76cb78d893c5b64dd51e31abc8e8b4c56b96f67c4b6e43861d91681af3270aae1a8f50712bd97326ee46a2640285b2902f051071d5a3400e99b76459956ac6908688c314bd8e54365383a65b186a6386cc5218e41e0b386759de81bccf5aa68f8608831a9d33ad1af2bdbd8579c5921cd8c3dd2f3bf1f123c742e118c76e2f43618bb7885e44826b7417c9ca5a139d774c16fbf74c8969c038ba6a54f27bab46ecc94d6455188d8dc1edf1da715c8d9976226877096df4158eeecced2248c7b88de0dd11a076db1f06bae4adba8286dc39aa62a55233886e011622ae1cf97238914a55078a78908145295777dbbc4e0d34364e0f3daa9eba6fa54c085777b18c0523818ff8710dee4bfeb3db549c3f38dde73b99a7b1b219282407a4e0ab3794089e21f6f2045ab6254ac3703903edb302fb2f0f97e47cca7969ad6b5b6cf27314137a04d5f4f29c193cfc5540592ab1342a1a9cbd514a7b4d6b23f724a5d7bfa6ffe8e3d9de29b8661139f179a0fafecf234f19bee75c25faffc765e02377d83e0ad0a0029c08f5c71595bc1b2fe88f0fe958f3f1f8ba6821ab834cab9bc902b2d47bd4b5ed52b5b0d7b3bc999b2f68879be39ddcb0428ce3a617b68c11459b746651f413d9e9a098cd2b5c0fcfd0ea1db2cde1672818d7bc73b053015692f9e9259a0153e3c9ac5e73e3343dd350cfbcaa57be93cc881a35063aec2db4ed71df2b1bd90b5ecbd84f399d4530c5450d622188423e151cec49673dc633e503c497d53843f4824750dc09abae9f2f465e92888715b6879f5edbab7bcd58f0899e1430ffb5f3063450945cb0fb3b5c3088ed6966c54dddae3aab489a80341b45a17cac02ae62749f209a7e16ecdfd86b43569c7b34511c65474acf2b2c18834e158e20957bf2320e4a6b9d63caea93b3a7dd4f7ba54443aba1ac2b6f2b27e1bf6f17d3fd1582462e0debc7069bb70e219654cbb99adfed54ab94329382163f2ab6710bb581d189cb3449a02c917c1f2d1d5f51958ce605fdb0e37ae5f3cb3f123276d43b2c26ea948dee863e0b679ecddf0fe41ce78bbca30167c9c7d6b0e9193c98090facd7205a490727e1ac49bb4d639348a32546007459c61c27bf8df87dd2ed3f3228b8193422a72d15f848bac13c6ffa7b8a767cf04866feb7c7a81267d7a8e890128d4709e4873223578aa7febdd562403c6092c0a3f6e0650772ede935ab6ef95e375bcbfa395e23ef1d73532388b845a95f158dc845a123f798176c73e177926d39abd38a910d40653006375110be2f2c5f6efc87b31908be36dd07c8ba5853519a37dfc4dea981af855293f49a3270bb67cdc17b780fbf2a418fcec8953dae927909a6bbbdce230d23113efad9c02474682dafc63311050cb4f3f86c282ff29728eefac5c678360122b4ce221bcec82d24e053b63972d2e9a631a180b48bb8d2d4de7254d91a856071df51a1d87ca7eb5d19ac3def1fdd6ebd8f57c2c9e43cb6ff2fa00d27f279368f5ee29a84ba219a51d1f0f1965781164edbb3aa6209fbce6d40284fbb4a33f59bf9e1248100a623de16613eebc11f510b7718dde9f13b4c9b2b6a10dd932696cdb7fa4b5733b0377453471462762457d42038ebf8c0fb392ca7656ad1f050c326de75fffc698c48f5d809ae360ddb9856b9a54b811073233294bf91e46414441b6665f432201da12e49718b0d7929b6cbcbf310a09ce0d22f07ee5cfa8ffb9f03acd224641171ffafdf50f18be8fa3c907226cc1a6f3b16a776781a6396dbf09f689ad6bba4d537dad490a6f036a45ee3e224e6f519e44b7352ee3e7d3f0d89f8c7c8f54b6d2698c0298a07866c9d9ca09c96c2ac8efd7974294df6dd1bb0598debadb6135e7123bbfddf84870de54476a291586fc0e64784e65fdf78d462e8b51cbac38e7ff1878b11418f188220e3deb5367a2d90ad7d44395f6965cc6d680c59daac268c16814d1085302d0453b48e4a8ae78b8a5b6951a875ef42776f6d11955da7e5734a72b61cefcc6889b8f8d58db51ee78d7b1a8ffebd90e15a64654054767aaec24dd3b5f338b572496c8731049c10622b7f54fdfa43aaea316946291fee7bc9e64640e8bccf33fd1e8693b67020b49cf77faaaa8269e2fecc4e2b43c8c3378a4a9b9b85a4fe2c346c5512cda631542e0ff5706eba996f4f72e629b076d6be1966d44b1835ce664e3c6a4f18c68f5e32f900a0a167e547d5aa79c0aede966f83d00366a623ef8107e328654c8558d5e606f69a12b6c2a6fcbe0e08f945c4ad2738ed0b28d79c98514abe0819569c6e4f4751c665fd651aaa9ee392c330560ef6d57c0a97f0764f88433b2bf7641ba391634316b0ee1dac23a63be21270e50ea1ac24ac3b429a0b46c38dbd48c540bfb1e141b8b3df6caa179c7e54f2b7b1371e8eb05a30f13da95200ab70dc58325f6bea0ee9fe1f04154998df393f2b4ff4431363f3a7450fa5210e883d67620ae63cc41f72e74e26a0244de1ac722b6f1c1d293f7483b331a0efda65a4e4e9144547fe6dce2f4535e29048b07079329b63754bb124b9e046a6e97929b1f4a387765bf93804530791c9f649db6efbebebf46fa4f9af7ff2587130d0e70a32d4aab1dfbee6aadd1f3e5317e3d4c8cde75b1479bc3dd16ea35db3dca11cf1eb1d2bbac60b83605e171619d85fd4b6d0e24be8db76df12efef05eb87473b832e59f3039df44ef034e5e7546b399cc817a41b2f020286ff139072a5b909ebb185a3c955cf88f4a9929b2112e0a9ab43da0288ce3ea268ccc9f46f852d387f5d0a2831dfc8cb0bf593905ba376c069b8c9b70558ec826c5bf9835031199c4c6d84c913da7e9e7db49c1d34511d917b9ad3c40af0598737d58fd61b8f2adc46b73a284957a99943cf73414412fa5440a5f85b63c20794d122c267fba72bfcd0e2741642fd8ff5a0ae1ffd8b30d852c053d0e31f505ca13a21c0223a8ee77cdd92de1b9f87ebee4ea332e9d4573d7efb2ad3f50c35fb7a596c4edb4b72bf6df5a16ffe3c8a236f2cab8c0712ac26c2cbcc68c1dc45209b579c952c7d645642aeed7d60407ee2dc168179d536da950108e962c5c976d3a05bf5142466ee38939ee94e707a0135f99c99b5d6376f63c711e4f64950f08dbc931c812f34735d9eb1c5997770d8159068cdca2e0f192311ca438d613728b544d6a3e50ae0e4e6b1eb611ce55a96bb2f991d49173073d8547f5ede69d8b587a34bb8f637297a15ab4fc45f1384bbd19b3feab5fb81322ba831386eeb6067e55af374c1b1eb9613a6c41dfe2bbbcfad157dd042c67c44400b350f0dc40a8611f2e947f32ea3ac3f609027b5dbc95b157c13216fe7c35edcc82950bd4e38bcb02b63d2576489c331a222e013e73b5333694889b184bedbbb6fdd6fd40a62b1d5d494e68cd2aefc264f74bf70ef38373e599faaa326f574ae32b1aad86854af22db8c9673d14666aa7c0c3bbe0d76a835ba4b391552777ed20c5c6cd0aa84f3be73ca0a3c128914107fb8fc02220317fb111cf13398480cd3325582a7e55f4c4ef5a258bcd01a97615e95f89c8064d41d04340b88cd5f4b1d827a030637145d98422facadbbbce97dc3060402a7bfa73d7b4dde53184a0923c0ee29c6e8e2c35e396808df2481af6aab053b619fcb2833f14f87051c5461567c5f8dd40383a7521971775493f896e18c78bad8219f88258ea686652780c03ebafb63ecbfcb23e24d52a2f88a77ed3b2280637807a5e155f4fad7149b76841772471a3b77aa42e8058c0af1ac2be9d88b5152851708f1a77582b3e31702864ee6a244a38f3f95d9797a60cddeb5ddf08cc48fc677f03f9e717ebe7f472883e5a6a7df31ca4272228f26991460c537ebc8aecb6a0c34a763eb1f57124fbfafd6db4c21bedf6723b252aeb21eb1fd9f4f811fd3e2e764422964761b2ef3aaaf986a48f7be66f6387578f9492feebc97dfbc6bc97380394a5635dbe582e52a1fb18ea8fc4e53974c63d198cf0d878ba8a8d58688a037c0f753c7073337ef3da4c134ef939c98c8806d09943591e6013a1342de7c722f993fd7eb36ba8e8407d1ea60eb5724b0d6262c70469dbd8ea1956b8d7f5a77707a9cbe2137079e7abda3966c5bee4fd86e8a3c4969bc88ff328a2adc8f4546f647575866d5ced16df06bf40d9a5f178f9d19e490bd76e187c441e7de0e571f6cea5512ec9bea48903d91a519dc82defe34a06b0244d623090b5a250786bbc66c1e76db6b18d81ed33c81a7c93782d5cdbe0a7cf7d1ab29c04be6ff4a9bbc10f716a67d52fd52d91425abd2002cf83c3797861db5fbeaec745a552ca4a50604340f2cf2c1b10e9ba76c8ea43b283c73f774f8be213f17f70cf93b9f6a8bab1f516a935e80c3cc6756945edafd572e6e00840eedf61fc40351869f03562d8c13006de585a1141c02f1311fbc8e45e4b3878c32810698e4764a6e8495f165eefee35714a1794f9ab50897c5565ab745425933d9d6272a172c1f2a274f9ca7bc8e1b01a27b8bd06fd9dc61880789696348c99e9a70c9dd2a62ca04d1f86dc87380b618c2a78b16229d614702fce242fa17ea90cda2648f9375bf7e78b4267d558983e08a9566d95871998d23cc6d22c23370ae067b677609844abc140df81cbd9addbf657fffaab5c22c479acca18f3e4b508cf01ff7b2ca308ff116389790f26f2c7635f89c747a5bc66f61de575653069349a89fd7e3dd785266b7bccf16eb8b4a8a86751de60d33e17d64f6e4e0f9d13a16d243ad7364114db7ad011f094c4debf20a39e35e7eeb440bbe8811db2857b965edd1e2675ceb1bc9a1691f123dedb341962fbbe539485d2241b0409adce2587d035187a0dd5a62076ac4eb5c3e2f4455569b6eac0fc16155da1774cbe505dc92e2087585a7846bae699bef32e3c5ec2356dd4433ed29d4b03ff7b38f7b3cb96b92874eefda6c2e0e326214e40f14cc2ef80e1cd3fe226257a423b8ff5bb368b87ac7066c5136487775b5b122a858334c37f6a3f53d758c3c866e2e79daf9aeab36a59eddbae2fa5b6d20973014196ef0a4cde1373c7297833e6f1e46828f4a42eebd829dd4f17999abe285218ed5dc6007b21bceb588a213b29dbb1ab1a79b41a12df26fe35f0cf6a310c9e50cf10d71ad5960626e4efec211032ec4ae52512001362ba4108d86eb774d2d4d0364cbb1dae68f03a774e328c2dc09899ee80c05ac2a8e3ba905b0b3b7a08a3df20b505901123e7dc0a15db48d09c84189ca4345c23c2010c12cc35287fad30211cab9631e148a7c1e8bfab61ced30e098d1c3cf7b6a7fbd8288dfdc48044d0d47c17f129f6b5d751af1984d395ab1b08ccca3e7309a89a8a36dfc3fb82d2a4269bffc32571438d04a7b98137b46ae1fea1bd9ea64f99e2f0c5f12ed84886b10bbd511993b0447036c4e57b9dae6d5bdad6aa3f2d12e62471194e43111613b8b6944c2baf1f539ea14dd76c356bfef7e3d4b6fb91f6d321a796a4bce5a4c6a5caaf0f3eccd914dea21ae909be7ba486075ff6139e7e351fdd7e98013ba51ff0248852398c734f245ffd7fde8cacfa4805496ad7350b1c96d7bf9da9be492f2f414e973937ac9109b6e8b8315aa9b81840f2c21239caf85a28f0e590bb6ad12148e75bd4d7ea69a9ffb053781db98d5fb5aca30a734017be7683a559c203c006ecd4b135afe3650b906e0aa208c889f2af09f3f8263260c3bd07cf8021124b6f0e0d021f9839e47996905c3d7562df810484552de3bcc9ae054b62a01af6a7991e4d63f30c7a92d8b58e01052e53818e64d7540a3208af321709a5d891ceecae5d27a999b00ed01616a73ec8854ca61973ed1fd3d82f8628b215c55eb7908e297d77098a7b0c362709005a7d13c89c54556589b2a926c6e08cc1c0afebc7eeb5d7ae4ef0507c91b8e706e6dbf83d898819192c812554ad1c6377871a8ca50f1325630f7b5266b807ef61d0c8d399fada49cb02a14c16d39f4fa7b81272573808e761c9dce7cfd12f4f18dd06b0ee471c166e095bf84aa4aaa2d82f1afcf09e5d960257c0a8dc404225b4b62187829c59e57da50bf848d72fabfb69362c117c6913541f84095a2a4ccdd2d30860cd96640bb2315e435a4af08c62c584ad129300adb02a871f3c548b96c4f6c47efdf4a1163a8a5ba9b4766b01437bc5957324660a8cd87df0f7e000d1309e896e3ce9f57b17562c9368a95a4cf66b3a5b57f0cca563b045452bbc8ad07b96fd0322728ccb3b05bfda14ef36ecfa2f32c5aa899811a67f2d62ed970db5723d6e4e4913c98c81ed6c03469112c23549f7e20be6401c6544db9078f34e6a4ad3cc868bace2e7ec6ea17225986f9e941ec67d9a3fc57958f9df8a60f585aa38b1769e26ed3f68dd85685b2cefae9dd72a18abc0de6b94689785df377ef4a812a6abc7f738a396f0e99ccbc5731801c36e746ab6b1dda88ca6ecb899528e18543cb3dfd439cd5be566594f01a4533da3638e6331fedf5b67870938ad044aa0dfdae33e3a6258ad40baadd726eacb1f3c1eb8d83ef4e185d7603a4f1eb006d90bf5849e2f65d37ffe750eb061bbad08a0c0cfabb9abf7f27d36ee5687d23feaa923e09d2ae905410a9193f21ed9b1d6331bb1f3babb90da2f2e023a6ceda4b4fe0f5d864738ee7f65a0b136021fbe076b4adf2d3af760e1361bad7ae35cb7ca010ddf4488255a2d3c492d0b26a1a5643f998b5d04a52a59f176d9bda85c916ff901329f09fe953b030b92f6415172476ad89d3e8cdcb4eda7dde5d4fcd5d6a584a312563558e784b0f9bcea7c53d26c3f2d3350c70a5e06a67c4c0373dd6279e29c320e6580fba8ab2df3039c289235c066af1b07dd112f25b25e292020f36c1aba246cba4e054d64b38f53ed57a712dffad7d3dc97f86af511638a2779107fc55da63b6498ea5f3ae36883163e5bf2324211a61a9889278f828e58daae797fdba9218d322da7aa23db7a48a00", 0x2000, &(0x7f0000007a80)={&(0x7f0000006400)={0x50, 0x0, 0x1ff, {0x7, 0x29, 0x1, 0x24ff871999e0dde7, 0xdcf, 0x4005, 0xb, 0x800, 0x0, 0x0, 0x2, 0x3}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r4, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 4m29.243985886s ago: executing program 1 (id=3664): r0 = socket$kcm(0x2, 0x7, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x6, [0x1, 0x0, 0xe, 0x8f7, 0x6, 0x5]}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r2 = socket(0x40000000015, 0x5, 0x0) setsockopt$sock_int(r2, 0x1, 0x23, 0x0, 0x0) bind$inet(r2, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1c3880, 0x0) openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000340)) r3 = syz_usbip_server_init(0x3) write$usbip_server(r3, 0x0, 0xfffffffffffffd8e) r4 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7278, 0x0, 0x2, 0x156}, &(0x7f0000000000)=0x0, &(0x7f0000000100)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) ptrace$setsig(0x4203, 0x0, 0x10, &(0x7f0000000140)={0x25, 0x2, 0x9}) io_uring_enter(r4, 0x26c8, 0x0, 0x1, 0x0, 0x10) mmap$IORING_OFF_CQ_RING(&(0x7f0000c74000/0x2000)=nil, 0x2000, 0x1000008, 0x13, r4, 0x8000000) recvmmsg(r2, &(0x7f0000000a40)=[{{&(0x7f00000003c0)=@xdp, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/26, 0x1a}, {&(0x7f00000005c0)=""/153, 0x99}, {&(0x7f0000000a80)=""/242, 0xf2}, {&(0x7f0000000880)=""/222, 0xde}], 0x4}, 0x8}, {{&(0x7f0000000440)=@qipcrtr, 0x80, &(0x7f0000000980)=[{&(0x7f0000000780)=""/150, 0x96}], 0x1, &(0x7f00000009c0)=""/115, 0x73}, 0x991}], 0x2, 0x2, 0x0) sendto$inet(r2, 0x0, 0x0, 0x8000, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, 0x0, 0x0) r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[], 0x1c}], 0x1, 0x0, 0x0, 0x41}, 0x4c890) 4m27.478057827s ago: executing program 1 (id=3672): r0 = socket$netlink(0x10, 0x3, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='nr_inodes=M']) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0) link(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='./file0\x00') unlink(&(0x7f0000000240)='./file1\x00') r2 = socket(0x10, 0x3, 0x0) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x85, &(0x7f0000000080)={0x0, 0xb, 0x0, 0x0, 0x7995}, 0xfcd6, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}}, 0x24}}, 0x0) ioctl$USBDEVFS_FREE_STREAMS(r4, 0x802c550a, &(0x7f0000000000)=ANY=[]) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r3, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0) r5 = openat$binfmt_register(0xffffff9c, &(0x7f0000000840), 0x1, 0x0) write$binfmt_register(r5, &(0x7f0000000880)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0x1, 0x3a, '-(-+', 0x3a, ']', 0x3a, './file0', 0x3a, [0x43]}, 0x2d) r6 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi1\x00', 0x2180, 0x0) ioctl$F2FS_IOC_SET_PIN_FILE(r6, 0x4004f50d, &(0x7f0000000240)=0x1) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r8) getsockname$packet(r8, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) io_uring_register$IORING_REGISTER_RING_FDS(r1, 0x14, &(0x7f0000000c80)=[{0x2, 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000440)=""/250, 0xfa}, {&(0x7f0000000600)=""/246, 0xf6}], &(0x7f0000000540)=[0xd24a, 0xffffffff, 0x7fff, 0x800, 0x4, 0x9, 0x5, 0x7fffffff, 0x2]}, {0x1, 0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000700)=""/13, 0xd}], &(0x7f0000000780)=[0x80, 0x6, 0x1, 0xda37]}, {0x4, 0x1, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000900)=""/229, 0xe5}, {&(0x7f0000000a00)=""/214, 0xd6}, {&(0x7f00000007c0)=""/81, 0x51}, {&(0x7f0000000b00)=""/12, 0xc}], &(0x7f0000000b80)=[0x4, 0x5, 0x67a, 0x2, 0x7, 0x2, 0x37e0]}, {0x0, 0x1, 0x0, &(0x7f0000000bc0), &(0x7f0000000c00)=[0x8, 0xb, 0xd, 0x3b7, 0x4, 0x2, 0x2, 0x0, 0x5]}], 0x4) setresuid(0x0, 0xee01, 0xee00) r10 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setown(r12, 0x8, r10) sendmmsg$unix(r11, &(0x7f0000006c40)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="11", 0x1}], 0x1}}], 0x1, 0x40015) sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@delchain={0x3c, 0x2c, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xfff2, 0xffff}, {0xfff3}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x2, 0xfff2}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008844}, 0x4010) 4m27.372641791s ago: executing program 1 (id=3674): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0xf3a, 0x0) syz_clone3(&(0x7f0000000400)={0x80000000, &(0x7f0000000180), &(0x7f0000000200)=0x0, &(0x7f0000000240), {0x12}, 0x0, 0x0, &(0x7f0000000640)=""/4096, &(0x7f0000000280)=[0x0, 0xffffffffffffffff], 0x2, {r2}}, 0x58) prctl$PR_SCHED_CORE(0x3e, 0x2, r4, 0x3, 0x0) close(r2) write(r0, 0x0, 0x0) 4m26.983932802s ago: executing program 1 (id=3676): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x6, 0x4, 0x4, 0xf, 0x0, 0x1}, 0x50) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000002000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50) bpf$BPF_GET_MAP_INFO(0x3, &(0x7f00000006c0)={r3, 0x58, &(0x7f0000000100)}, 0x87) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) renameat2(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file5\x00', 0x2) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x2}, 0x50) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(r5, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) r6 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) r7 = socket$netlink(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_NO_ENOBUFS(r7, 0x10e, 0x5, 0x0, 0x0) writev(r7, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1) syz_genetlink_get_family_id$gtp(&(0x7f0000001100), r7) ioctl$VIDIOC_SUBSCRIBE_EVENT(r6, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x3}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$inet6(r8, &(0x7f0000000140)={0xa, 0x4e20, 0xa86c, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x8}, 0x1c) ioctl$VIDIOC_QUERYMENU(r6, 0xc008561c, 0x0) io_setup(0x6, &(0x7f00000003c0)=0x0) io_submit(r9, 0x9, &(0x7f0000001080)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x5, 0x7, r8, &(0x7f0000000880)="5470e61cad700a1d28f2e202a6bb06c84995630170f58bf12906c56699d3a7e8257d05563418d9b0a25500fd877af6219c507627a78724cda795de13131cc5148f49a2074e2fc335336dfdb2d70da6068377da72effa7ce8a4403423625d77529538d3f5ed081315517f797e3cbf33fdb006093c4cc93fd73fdbc42d28cce5eed34b983ab9eae306fd9a3ecb12e0a84af585dcaf819c524f4e2f86cea9611d941be3b9d45391bfea0e79c475472a73479172d0aab90dc50f8dc3aefbdd39af6bd236e4efe12563932950fb1fb4bc22ae6f899cec398b32ffb9c790f91613cc53ddaa479396475939174e33587aed", 0xee, 0x7, 0x0, 0x2}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x8, 0x2, r7, &(0x7f0000000980)="c49df50d8151bb8a0ace5c2818f2c2d0d48f0fd02a350da45c3eee6619f912f8ad59350757558d18c69bbc9f60ee0de821a8945f4903ac7e96f7fae18d99aee8ae7e4d1c8836a5f7cb90be8ff331094bc7713f9022a57df00fbe9026c6485b66a5a5b4cddcc61a9c6e82dad0e8785e0c828fcfc6ab315edb9ad24e56f1cbe2d1d83808e1b508c5e061", 0x89, 0x0, 0x0, 0x2, r4}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x2, 0x7, r1, &(0x7f0000000640)="a61e2bd65f90c7b889c7766cef8d7976220f9876f9aa3867ed6fed2ee34d5390f1714ab63c445acdb6e07e4122db9dc6940228c1223fa850481d7d608053d7c17d8e8783e006ce7a8aec59290d", 0x4d, 0x3, 0x0, 0x1, r8}, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x3, 0xe, r3, &(0x7f00000007c0)="63ecd463b92f4c8c8f2595b6f2c257e659599cd3bd03a5e41602e9b9b072f6d8c5528fbad4f42316737b00e896ec2de12e0d8ecb31d333fb32751e252fd0e600d802a32b1f3dd3d9e5006879e33504dfff97edc85283bd56f5a49668", 0x5c, 0x4, 0x0, 0x3}, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x6, 0x9, r0, &(0x7f0000000ac0)="e2b4c0fcd42c44c098e5c313032fd4759a24dbaff05753ec373ae6b4f07bbb640fd350fd91ce429e14468e01abb439572c5ff1426b478ed858a04234bfc86fa577eda59ef65a97fa1f0eb0aee1f5a2d3582e0871f78752cfa5144373da99a5b30056b8f90bab0e9248079c38400fc243d70b3e7349247abfd9f645f0e1abf74eaa540ebe2fefe55e11d2a234c6ac546160e40a01c872b16a660290ff258e8843962386604cc1cd32be861edecf218197027423e9516fdcfb4a", 0xb9, 0x7}, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x1, 0x7, r8, &(0x7f0000000bc0)="ff7908aba110b5a1714efa7156ade912e8344d5c7d068fc8bd7797ffc04da99596ed73994d042e06033aab0577cb69b3053fa5669cb7d63947e7b49c9e4f3b13c8fd25621e09ff2690daaae1fe9da3b0fa18fda40e468a732ba647bad968647ae005d102d8aa212eb59e88c541359067a54d3664687e65c274e4f533cbce05f9b013f2e4bc93bbf7160633542e7a77993392724fd616c22d69ec502b94609e8e53ca06ee00513ed7b35b565c11de232a542c7ec79d840b4727d8223f454afa5f00777981613c880a8e45eced5ff2e05711a65683cc", 0xd5, 0x4, 0x0, 0x1}, &(0x7f0000000e00)={0x0, 0x0, 0x0, 0x2, 0x81, r3, &(0x7f0000000d00)="ac10da7065a3644dc42029bd0e5f0af424a9d891a1e9b8449d6d37442f93ea7b621782605c0527b686c91bbc16434d2bff43ce4f60de8dc74357779a29d1537a827bbe58b50a11c2f532c69505cbda4b8a26d70b3deb7e5956fffaef76b489a665ca2162fecbf929755ece830dc96a907516097824f2b6e8975348c11662d4283e33f9776bae39370e09d1e3bc2659e5e84ed998ad0f775c26d98451c048ba3847d9015182cbfc85964b426d00a82c66ab6a4922c019ae7c2b49fbfb0839bb2474", 0xc1, 0x7, 0x0, 0x2}, &(0x7f0000000f00)={0x0, 0x0, 0x0, 0x2, 0x3, 0xffffffffffffffff, &(0x7f0000000e40)="d4a5b0cb255c25141c11b5cd190b7eb5cbea7e484e4b6f6b28afa0da95f42ba8e3e8a68a0acf2d3db2abc7b661c36b4f47129121959e70e5c66894664de9830cc0d751447138caaf515bca32513b292c19a41ac11fea96cc69c5fe32af7403ff187f45f32adaca535435c7e8c0de5ccc53c755a8d9889cbdf3c14727f2c68870c0751e1c2ca25f58030e640ea72af5f1949cca14", 0x94, 0x3, 0x0, 0x4}, &(0x7f0000001040)={0x0, 0x0, 0x0, 0x0, 0x7, r0, &(0x7f0000000f40)="ce4c04f08b308b70de085bd8a4addb41ee9210b2d2f9b635825f218b4950b133ec34f1e3cb1f5e05d1825caa84097f3af4f050f885f0439827bd3dcc8a853b16c190ea31b78fef50b15293e3af3ad8603256d80a2fc942ad4be7e5a910dc63a0827194d147996b61e1d393367742f81eb950a079d3419a0ca203d3d3c7f8a49313d4aecdcdbf8528420ac2eaae295ca5a62fa0602af27f20ab43dc433564d514c2c720423d535335ceeffd2dc769d27823f93a8b0c843bc304ffd57522a32d197c0f39db32346079cd5f9bd15ec4ec35f238490c36f3e67e44e98f8bfd85bc5f68ea53b241acebf81c7a7ce255a9", 0xee, 0x10}]) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1, 0x1c, &(0x7f00000004c0)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x64}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8, 0x20}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x7, 0x0}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback=0x32, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_CONNECT(r10, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000400)=ANY=[@ANYBLOB="0f7fb1efa18deda8dbfda62d3d2fbd5d3ba89580876ef48db5f5aae695bab7cfdfea4e1b695ed6ef6babff40b87cfc651e104f0204098eea3dbc84bb4391332d72136681e86bcdba300c34decaf30437bf833d8a933dbdca", @ANYRES16=0x0, @ANYBLOB="010028bd7000fbdbdf2501000000040007800c0002000300000000000000"], 0x24}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) 4m26.859153771s ago: executing program 32 (id=3676): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x6, 0x4, 0x4, 0xf, 0x0, 0x1}, 0x50) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000002000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50) bpf$BPF_GET_MAP_INFO(0x3, &(0x7f00000006c0)={r3, 0x58, &(0x7f0000000100)}, 0x87) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) renameat2(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file5\x00', 0x2) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x2}, 0x50) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(r5, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) r6 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) r7 = socket$netlink(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_NO_ENOBUFS(r7, 0x10e, 0x5, 0x0, 0x0) writev(r7, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1) syz_genetlink_get_family_id$gtp(&(0x7f0000001100), r7) ioctl$VIDIOC_SUBSCRIBE_EVENT(r6, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x3}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$inet6(r8, &(0x7f0000000140)={0xa, 0x4e20, 0xa86c, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x8}, 0x1c) ioctl$VIDIOC_QUERYMENU(r6, 0xc008561c, 0x0) io_setup(0x6, &(0x7f00000003c0)=0x0) io_submit(r9, 0x9, &(0x7f0000001080)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x5, 0x7, r8, &(0x7f0000000880)="5470e61cad700a1d28f2e202a6bb06c84995630170f58bf12906c56699d3a7e8257d05563418d9b0a25500fd877af6219c507627a78724cda795de13131cc5148f49a2074e2fc335336dfdb2d70da6068377da72effa7ce8a4403423625d77529538d3f5ed081315517f797e3cbf33fdb006093c4cc93fd73fdbc42d28cce5eed34b983ab9eae306fd9a3ecb12e0a84af585dcaf819c524f4e2f86cea9611d941be3b9d45391bfea0e79c475472a73479172d0aab90dc50f8dc3aefbdd39af6bd236e4efe12563932950fb1fb4bc22ae6f899cec398b32ffb9c790f91613cc53ddaa479396475939174e33587aed", 0xee, 0x7, 0x0, 0x2}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x8, 0x2, r7, &(0x7f0000000980)="c49df50d8151bb8a0ace5c2818f2c2d0d48f0fd02a350da45c3eee6619f912f8ad59350757558d18c69bbc9f60ee0de821a8945f4903ac7e96f7fae18d99aee8ae7e4d1c8836a5f7cb90be8ff331094bc7713f9022a57df00fbe9026c6485b66a5a5b4cddcc61a9c6e82dad0e8785e0c828fcfc6ab315edb9ad24e56f1cbe2d1d83808e1b508c5e061", 0x89, 0x0, 0x0, 0x2, r4}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x2, 0x7, r1, &(0x7f0000000640)="a61e2bd65f90c7b889c7766cef8d7976220f9876f9aa3867ed6fed2ee34d5390f1714ab63c445acdb6e07e4122db9dc6940228c1223fa850481d7d608053d7c17d8e8783e006ce7a8aec59290d", 0x4d, 0x3, 0x0, 0x1, r8}, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x3, 0xe, r3, &(0x7f00000007c0)="63ecd463b92f4c8c8f2595b6f2c257e659599cd3bd03a5e41602e9b9b072f6d8c5528fbad4f42316737b00e896ec2de12e0d8ecb31d333fb32751e252fd0e600d802a32b1f3dd3d9e5006879e33504dfff97edc85283bd56f5a49668", 0x5c, 0x4, 0x0, 0x3}, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x6, 0x9, r0, &(0x7f0000000ac0)="e2b4c0fcd42c44c098e5c313032fd4759a24dbaff05753ec373ae6b4f07bbb640fd350fd91ce429e14468e01abb439572c5ff1426b478ed858a04234bfc86fa577eda59ef65a97fa1f0eb0aee1f5a2d3582e0871f78752cfa5144373da99a5b30056b8f90bab0e9248079c38400fc243d70b3e7349247abfd9f645f0e1abf74eaa540ebe2fefe55e11d2a234c6ac546160e40a01c872b16a660290ff258e8843962386604cc1cd32be861edecf218197027423e9516fdcfb4a", 0xb9, 0x7}, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x1, 0x7, r8, &(0x7f0000000bc0)="ff7908aba110b5a1714efa7156ade912e8344d5c7d068fc8bd7797ffc04da99596ed73994d042e06033aab0577cb69b3053fa5669cb7d63947e7b49c9e4f3b13c8fd25621e09ff2690daaae1fe9da3b0fa18fda40e468a732ba647bad968647ae005d102d8aa212eb59e88c541359067a54d3664687e65c274e4f533cbce05f9b013f2e4bc93bbf7160633542e7a77993392724fd616c22d69ec502b94609e8e53ca06ee00513ed7b35b565c11de232a542c7ec79d840b4727d8223f454afa5f00777981613c880a8e45eced5ff2e05711a65683cc", 0xd5, 0x4, 0x0, 0x1}, &(0x7f0000000e00)={0x0, 0x0, 0x0, 0x2, 0x81, r3, &(0x7f0000000d00)="ac10da7065a3644dc42029bd0e5f0af424a9d891a1e9b8449d6d37442f93ea7b621782605c0527b686c91bbc16434d2bff43ce4f60de8dc74357779a29d1537a827bbe58b50a11c2f532c69505cbda4b8a26d70b3deb7e5956fffaef76b489a665ca2162fecbf929755ece830dc96a907516097824f2b6e8975348c11662d4283e33f9776bae39370e09d1e3bc2659e5e84ed998ad0f775c26d98451c048ba3847d9015182cbfc85964b426d00a82c66ab6a4922c019ae7c2b49fbfb0839bb2474", 0xc1, 0x7, 0x0, 0x2}, &(0x7f0000000f00)={0x0, 0x0, 0x0, 0x2, 0x3, 0xffffffffffffffff, &(0x7f0000000e40)="d4a5b0cb255c25141c11b5cd190b7eb5cbea7e484e4b6f6b28afa0da95f42ba8e3e8a68a0acf2d3db2abc7b661c36b4f47129121959e70e5c66894664de9830cc0d751447138caaf515bca32513b292c19a41ac11fea96cc69c5fe32af7403ff187f45f32adaca535435c7e8c0de5ccc53c755a8d9889cbdf3c14727f2c68870c0751e1c2ca25f58030e640ea72af5f1949cca14", 0x94, 0x3, 0x0, 0x4}, &(0x7f0000001040)={0x0, 0x0, 0x0, 0x0, 0x7, r0, &(0x7f0000000f40)="ce4c04f08b308b70de085bd8a4addb41ee9210b2d2f9b635825f218b4950b133ec34f1e3cb1f5e05d1825caa84097f3af4f050f885f0439827bd3dcc8a853b16c190ea31b78fef50b15293e3af3ad8603256d80a2fc942ad4be7e5a910dc63a0827194d147996b61e1d393367742f81eb950a079d3419a0ca203d3d3c7f8a49313d4aecdcdbf8528420ac2eaae295ca5a62fa0602af27f20ab43dc433564d514c2c720423d535335ceeffd2dc769d27823f93a8b0c843bc304ffd57522a32d197c0f39db32346079cd5f9bd15ec4ec35f238490c36f3e67e44e98f8bfd85bc5f68ea53b241acebf81c7a7ce255a9", 0xee, 0x10}]) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1, 0x1c, &(0x7f00000004c0)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x64}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8, 0x20}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x7, 0x0}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback=0x32, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_CONNECT(r10, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000400)=ANY=[@ANYBLOB="0f7fb1efa18deda8dbfda62d3d2fbd5d3ba89580876ef48db5f5aae695bab7cfdfea4e1b695ed6ef6babff40b87cfc651e104f0204098eea3dbc84bb4391332d72136681e86bcdba300c34decaf30437bf833d8a933dbdca", @ANYRES16=0x0, @ANYBLOB="010028bd7000fbdbdf2501000000040007800c0002000300000000000000"], 0x24}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) 1m20.544733028s ago: executing program 0 (id=4570): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) syz_open_dev$sg(0x0, 0x0, 0x38dd80) r0 = socket$inet6(0xa, 0xa, 0x400000) bind$inet6(r0, 0x0, 0x0) sendmmsg$inet6(r0, 0x0, 0x0, 0xc8000) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x94) mknodat$loop(0xffffffffffffff9c, 0x0, 0x4, 0x1) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000140) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080) ioctl$BTRFS_IOC_ADD_DEV(r1, 0x5000940a, &(0x7f0000000c40)={{r1}, "7e993200ef8379553285b7e4500b085f1c07ff028a7aa1da0423fb63b102ee0a9dd820a940fbfeab99825d47de1228420d1a4ffb6807a5b3eace8382b8fc71bd4406f193b39a9e9ae85cd7c755d86b542e290e0c8cf4a2abcd058c84e7eaf4895edc63660385ccf82052ab44b883d796c437e4d8c9bab43c8d4aeeb73d3f287af918347652a2d63e76da11d5cc6d04869c091cb4d86f4b96b13903429e4207e59ad16f532c94fa1da8b4e081be6d7d30e5d40d9bcbc96acb8d32b90b23e1540fa8e56947a9369da8f6cf23152e9950fde6859ae73306ad3bb7ea0d508a5c481a914e2d17670f8b31c395201a7fdeb9410a3fbc6687fd069dc11255dc0968458933dc93ef6f27499de78f4fc4f2f25ba9ada5d4929c2c5eba5d21232119ffbc879f58598c211fcecd36722469b3a55a3ab28a242cb2545fa7a7441ca89f88cb43284b7b77b9f46c72e230f15a58b37edcf5cfe8a3bf9b7b2af96c0067efd14d663a4663051900d92d9045e2f5c7e7259438917ad43a96615aa9e0c41275018006b6475ae6a8029ad7b8e14b6d644fbd1039343d4d05d9e8a182fb8648ac164d6d4185c768b18092f947dc8506fb9ccf4f3c2c1396b5464ab19771e1f63f6c0eaf0c1181596d95ff3843583728288671375688803d656bea8f2a53cf93691ca2f31e012779ef6b7df159f4fd870d9259164c4367c19bc2338d42c17e6443476ef87798ee27c86d8d2cd5672e5b49a11c8a4e484f3887b180c848871ffaec3e0f09445070fc2a2363e4000e37bbcff42041fbc504fc3fc65ea6ba88d1955a8f57dd1d84fc52da5be59494308098a50c523a245de95f7828102eb49e8ba2392947fc7528cfd72638f1adb0b1505173f731696d3949ee80badbde508ba994f7b6f1c36d583abacf3842fadc0727a2259e448d200643c3ed4db584a53c630469d50c01162ac7f1e7a373d0fd5ac3dc20186a7c964f91535d542c5fffd3606df0f0252e2c9f93161c813e6a0442b69a791603d2e7f0ea4a1321d28d82320f746751006b4f8bfed3e03ba9616a3b289b006ea23ffd3ab5ffe83b022e2b5d369cca1578f3e8bc96945696e0dc4123423cd2c07754cd8533b9f032391b5e8e72513d9eb1c46fb88ff86f245a77986c9c4e933d3cf68fdf38a403d75e1bcf0d5ec217180eb28f28dc6b0bcbf8223cdaa3507413d1621ddaeb844fe0f8a7a6ea0d8901ea958516b74c5987c2c5f8be03637d9495d3f4a24aba6c0484f34fcfd4d269502f7fd0c2c7c66a0e4e88125075f45c3951f1a34d9184ec0f2fe0e93ff9b0c72bf1e16cd99c7dfcb85ac098b49697bcb7e7b202d1fece868d63ce6d3cfec1b3ae6e7ea5c2f955ab543681bca5e1c9285516855ebfa774cdad7ddbe84ac8552b9cfa1dba1942d6924caef88a6ece9f74c425623aa08dd804acc8dc2c5cf183d4b24edbe4c4c5a367807a34490ab16332389965b51ffb534cdaa148774d231981a9e17084664edea04fef6a7c7395b79bd7afd5074df0f6f56459b484ca68ff066a36305bf7b658271080c9b70fcd946c54702e5bf5f7ea782d3f583be3ba3fe697e20c49fa0b01b3f1dd0dce0fd445572b1d74e4cd65f0d30a088b0e7fddfd50bca49f17451347e48f6769f35d078fa25e71717a96c6c405316cf5439a220a4fec902f0f2749e35f48f4c3751abf9255d47d2b05c9c3fcf625c88974374039d0e6ffe4282aa0d6f4bf7e107e1f8c4f35aadfd7ecde0ce8d5663015d2474e75c0df46d9f2b6f9614305ef78b8f0726b7acae0883ec05c05c4df02329ec7d2d2094ad1277864677ec0a72098da8620cda4ec1dca7133561900bcacda331d6b1f54225ec79154b3116fce190c4cba04bd9398acb358745098f2c2217cedae830a1fecd81a25924cc3d6310dba1ec0f30400740d752d96adb6416212aef41446695e81cc6416178c8b410e0d1b9a5e26f712a70f36d9ce2dc5f2e62af86b5d812682f5dce2e49d5d5e5ff8657f247a1b2b918df99a2ef77eb74abced833800bcc9a7ba6d2300a37232d0d1298f311e3d727f63bdf24ce912cd3340419c695f2748933f690342bc161d83b8ebc047779bbecd66b9f48772e50dda79b2cde052f1f59f642ab09ab3a476f624ef4266483cabaf12d0ea26843be67172e6d9b7b2a03a976bab4c61da3e59bd1ea09be6355e8f8af0fcd4f87733ee0c23758dd4d848d37b126bc28d6b89016d373d698015e693746ba8bd8738c980bfedaa0256150f2f5a8eb667cd9b4be2e5a0bbacebbc4ef7cf454e12bbb26b506f9e0d3a171043c8b64f4ff13af33a1436bc975cb9a57878a2f8e68284116ad966e2578469bd78a8a0f318939d28acce14e151a76c01141dfe31cbe330d49352c2b9ace94a8c792296c8bd5592e450a5c8ca85a5920594291d18e9c819f88eea5f0f296472ec5d2409616f06ed57ebc6bf114d0fab3ea57f73b1b34ed0a7acea278c44f93f2475eb7b7105d13a9bb9ca9c42e2a52be7e2945411d6a5466178aaa7621932dd88528c974041df1270689a2e65365bf37644f50e1497b11625d6347e86a814d2276e2f758ad524fe994e27ae8a34f4ac60277d7e5aea57a099535e679e4d10b0ce8aa772ba449b74809a0c86ae6563f2c98089f93a16f4272aa010c2e8d25973bd8f5741a06cc77722312cf88f36e8c138dde8b5d419c025900c3ad0e397ca7924c4cd9b01c078d73723daa77fefa43f6d7b0c414da67008edc19e91365e3f55ef0b3409d74cf0767c976a83d074cba93e917a96a33debeb3f9a9108da797abad86ff3aaea7c00dfa683d0f96d2ac3c399e370cc199849d41b1cddace909b86c2d6427744f9498eb2e060ce28d0c68735b4f0678740c34c8b85304868ac51ba6e8b0894ec135d648b893487bd0f24b501bfad2ef54338ec9253e9cdb70029fbb1bbed8357817d96d2d425aed6a46ef8c6de53b952f7e5d97e4a628a1615815469e56c7e2a80b840b450f498256e1b358ed7a3ab943a56b1faf660b7f6c881c15920417f5a58778ce65835e2f6283b98ed24c19483e74653faa113d506d1d0bc0090c59fa2096a72bae9279720e4c17df60b8393843be47b0a0b7e2c7518245b94e9dd59af7b4740b54cfa63f4ce249fba3e7da7958e907a3e2cd0608910a8cdbed0747c9e69478de2553d14e9f373220325112ec916d00124a7fe9b350f293803c418363e4ac357181ea31bffd9076ba814a62593f32c46c7f80c8c68f7657f4ed7ee5ce36c99e18195d1bce0c2f57213b11cea138894ecfd7a3f357a5356537ae4004335f5b20e6b4ebfdad287fadde609a3189e9c7e8811a176ae631638613015960ad9b01b8f850af436a840784fc2832aad8b84d51e683f0b7ac9c89bf3cab79117afb23b7dc884a9571b6c87b925a88132c8c569e9da49902e5d77756e0fd01c2a31e6273ff8dd2c0c88462ca6be7878ab4e57837407e0df918bf1ffde66a072bf37cdf32c84bad3e912cb4750f39d7970fb1ebdb9eac64928f11a556078afb297be620612ad40ec5963f79cbc4b9d5bc1be3a6ba08ea6024b4e66ab056e5ffec14ac0a443835242669a2f43101fb4882d10955b52332207b671e3de666c5b55439a630a94104e904983a5a2095856814890c22b5ddb3ab66f64786ea30912ebcb91e3869f552a79c608268f9fe1b1e0c1dcca8303b039298e7b7e1ecdb42880f801d81b3168727faf7f299d6e26308d1d5bacfc9704b5435cd309fad6dadb2816c0d8f960a79cb6b889ee7d9da377d6865ad89ecdc1a242505735583975032bd8b4465c4cbdfff876c2bc603c4c53997f1227bf958a5b674212199a968c2af6a33bf69837c50c88f50f97378ea60a4c16e98e8ffe22f572daa1948ca071451cd3c9729b941220b93f512cb342853a44367ef4b5f0c3c125e33b34a39d5d112d0dcb28ad2689a64d23300fd49110e1e3730d3f3bae4f018eb78ebe8ad7f9ed1e379857d6109f3d95fc74a68388a4da02eac23aed38b0e0bf295a2c7360e9ccd31fa1e8401db3184f9052d7aa71c81a41a4e261e4ab4743b5aed5216e9353f9e81f1ca021ab126345296782d9b6d25a5e24fb3e2ee32974fed896e498ec46049d7089f58e8e3ce662342fd88c1e87f7c53baf65c5e6dae6c2310bd031e881b3bb1c7c1cd70a1c818d14d852134e43282bca7532de6dfe249e5b8d0b2da051d26e632f2db734a07e821f828a696d19b6d882380114f076c07742cd9b9af2364711ebc9150c4872cc4c8e37395db2490277d599335c75edb25f06b6c68ab3129154861ca634aeddffcdae2957db5215d5bc6b554e9ca5175947d9253fde4b4183a12b40f05bc06912eaa182d60f7e75735e09565611c0d6d8568716da06fc385771b14cc85d8a899d3a1310f6e8cefe359e915a1d88dec3b5639df6fded18c1c6eb8c7586a5780d89ba4fce28417e57ec2708b467f254dd2a19c70d35e93612279df887f5c23f21c9ce827e38edf132c74d3e42a54369b8e355c6bc9e7b852173c3671f26052b0154bcda579b60139a628597e70f109733361ff882f71fc766c4103da2806446d06dc40d752a7943e0deffba002bc4cbf9f3db65198d61343841dd996b3171cc9d2d88f1313b393e6a1cdd7cc467e2ddfab51ca3c39f62d2c564eb3c1bf5800a65d62921c326f2c716ac0076adcc4bbf0a3531efc7c3ee678d1c78f861fd8661a1905e57705cbe84559daa8aa9d0ee8eb5dbed9c361f7680c38247178be1fa23e19017a7b3ca2c8c268c9de0b602c9215baf807557b49435d01b4369b9f734028500e8939ddb9efe0aa549e8bbb134f4799c41390e49003b5b6623bf509a78918263169e6d90ce9e1015126033653e831fd0e328aef199c7ce15e6ff1692b2f6720873a8ae670043af6328a5d903d14c6ec6f3820bc63ec41d8281924808aa32fa886f778b6cadf221c4f91b6bc1638dbbdf365ae21e06bf488e4f79af9ea9f1b25c37fb3d959bf93c0d7d7cff31185ca36f6e94c16323baf2253959899b61ff5f77d9f505e6ddb5fae13f506eea637e3f0431b62ce0d74499751f3f945500ec2d8c44b47a2121081e559ea10976fdfd2228d31bf30b5ef4cb778963afb619514af26a14c593c1bf933b57e05ad857e7e63096ce6e3e7d3f2d8b02ba96eab19711195db9cd3316ba0b9c86a8b856ac5b5bdcea0dd37c26e081abc08ae917719e07543dc40f1dc775bea97f7a15725b5f69e8fa2d68648d06f581c66f3890ffc81059f3f41f97b0980d5cb7311c9f6176bbd5967aa68b7fd20a8affae3c8e7bdec62916c1aa4d3496a0348b460a4a6d775d044f7cbd74a2b029cfcd71013df095577a51b493d00f497695bc921ee2f862e50822f499b92acd6cff649c92f45c29a15039b6203186be2d77bd1058aa32a5356f706cec25be447a1b2ed1e0c33143dc0311b6d09634b823992f2f5b6920faeff8f16e31db656949fbeef9d27b338b2aab1a04472c49b91198f44ddb8284141667a63da4286697247e6773d5dae2cdce0f5259f5610593eb2df1b076d299bbdc4309257dbb9a93c68484f8963eb85debba245a5a81f08c7e2c267a5bd7962779f4f063d3859e8af7f5c0fb6c0fa64cef8180bde784f0b39383728c71f1b24b77a0cf5bb8a3cd80b350b6713850a1f6879479345645797a874473ab5f6172f56b1752151aba88900cd3f3ebd082dbffea63a2ad0d7c02c2d54c2000e64fb110663a9300a63da7cd5f5d94d324d1e96a6b58b0c15baa0cca3095953da06430baf0a4e2357c6ef5a44"}) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0xa0602, 0x0) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0, 0xff2b}], 0x2) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r3 = open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x805, 0x0, 0xd, 0x0, 0x0, 0x0}, 0x4c) write$FUSE_CREATE_OPEN(r3, &(0x7f0000000500)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0xfffffffffffffffb, 0xfffffffffedfff83, 0x3, 0x1, {0xffffffffffffffff, 0x3ff, 0x20ff, 0x7ff, 0xf7c, 0x800000000000d615, 0x3fb, 0x7fffffff, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x8ea2}}, {0x0, 0x12}}}, 0xa0) sendfile(r3, r3, &(0x7f0000000080), 0x7f04) 1m18.894680155s ago: executing program 0 (id=4576): r0 = openat$fb1(0xffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x3f, 0x0, 0x1, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) (fail_nth: 11) 1m18.434832863s ago: executing program 0 (id=4579): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000030000000400000002"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_kthread_work_queue_work\x00', r1}, 0x18) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)={0x1b, 0x0, 0x0, 0xc596, 0x0, r0, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={&(0x7f0000000380)="87a2765c5b2302aa8e2feaa46deb38dd2cd0285c5967ff6ea575935220949b7f940e41f2b0f2b68f0551ee73371d0370e34e3dfd4ffe5fd1295f5fb1414208cd9c261fbb4cf55d397628dfeee05c05a9ac75522970fef29f81ea24", &(0x7f00000004c0)=""/166, &(0x7f0000000580)="0f7ce7a0efded293bc8491ede5b0d203d16698104ef05e9bf176d97fc9299b68ece0bc24c8c68dd9e46e0821d459cd9ff65cf93e30ffe474f2d41230a46114fe61491d56a4ac0b15b30e6204c6570663e9f25d3d32d932383c8a8c12ba813f78bc07c0342cb33e18997df01af3d2de8e05195b6b915f1a501b09d515847e044156088f9d1fc32d8187813dbf385ad40141e8680e80513ea85a04eecb91", &(0x7f0000000640)="e2d484281e743236583039f15ee4ad2b484c795607577620681e25e7ec710af18ed6a2b3d519140962d0e5adbd911cfbfebbb22e79e49759603bdb45f3fe5543ccf1f86f733e0b2090", 0x401, r4}, 0x38) 1m18.224551713s ago: executing program 0 (id=4580): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_bond\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000010c0)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x2}}, @TCA_RATE={0x6}]}, 0x38}}, 0x4000) (fail_nth: 12) 1m18.154728658s ago: executing program 0 (id=4581): r0 = socket$kcm(0x2d, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r1}) socket(0x1e, 0x805, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000001240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESHEX], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="5c000000020605000000000000000000000000000c00078005001500267d00000500010007000000050005000a000000050004"], 0x5c}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0) mremap(&(0x7f0000532000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000190000/0x1000)=nil) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r2 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220) setpgid(0x0, r2) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x10) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0) mlock(&(0x7f0000626000/0x5000)=nil, 0x5000) r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000140)={0xf0f002}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000f40)={0x64, r7, 0x1, 0xffffffff, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6}, {0x5}, {0x6}, {0x8, 0xb, 0x5}}]}, 0x64}}, 0x0) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r5) sendmsg$ETHTOOL_MSG_DEBUG_SET(r5, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0) 1m17.163914065s ago: executing program 0 (id=4584): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) syz_open_dev$sg(0x0, 0x0, 0x38dd80) r0 = socket$inet6(0xa, 0xa, 0x400000) bind$inet6(r0, 0x0, 0x0) sendmmsg$inet6(r0, 0x0, 0x0, 0xc8000) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x94) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000180), 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000140) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080) ioctl$BTRFS_IOC_ADD_DEV(r1, 0x5000940a, &(0x7f0000000c40)={{r1}, "7e993200ef8379553285b7e4500b085f1c07ff028a7aa1da0423fb63b102ee0a9dd820a940fbfeab99825d47de1228420d1a4ffb6807a5b3eace8382b8fc71bd4406f193b39a9e9ae85cd7c755d86b542e290e0c8cf4a2abcd058c84e7eaf4895edc63660385ccf82052ab44b883d796c437e4d8c9bab43c8d4aeeb73d3f287af918347652a2d63e76da11d5cc6d04869c091cb4d86f4b96b13903429e4207e59ad16f532c94fa1da8b4e081be6d7d30e5d40d9bcbc96acb8d32b90b23e1540fa8e56947a9369da8f6cf23152e9950fde6859ae73306ad3bb7ea0d508a5c481a914e2d17670f8b31c395201a7fdeb9410a3fbc6687fd069dc11255dc0968458933dc93ef6f27499de78f4fc4f2f25ba9ada5d4929c2c5eba5d21232119ffbc879f58598c211fcecd36722469b3a55a3ab28a242cb2545fa7a7441ca89f88cb43284b7b77b9f46c72e230f15a58b37edcf5cfe8a3bf9b7b2af96c0067efd14d663a4663051900d92d9045e2f5c7e7259438917ad43a96615aa9e0c41275018006b6475ae6a8029ad7b8e14b6d644fbd1039343d4d05d9e8a182fb8648ac164d6d4185c768b18092f947dc8506fb9ccf4f3c2c1396b5464ab19771e1f63f6c0eaf0c1181596d95ff3843583728288671375688803d656bea8f2a53cf93691ca2f31e012779ef6b7df159f4fd870d9259164c4367c19bc2338d42c17e6443476ef87798ee27c86d8d2cd5672e5b49a11c8a4e484f3887b180c848871ffaec3e0f09445070fc2a2363e4000e37bbcff42041fbc504fc3fc65ea6ba88d1955a8f57dd1d84fc52da5be59494308098a50c523a245de95f7828102eb49e8ba2392947fc7528cfd72638f1adb0b1505173f731696d3949ee80badbde508ba994f7b6f1c36d583abacf3842fadc0727a2259e448d200643c3ed4db584a53c630469d50c01162ac7f1e7a373d0fd5ac3dc20186a7c964f91535d542c5fffd3606df0f0252e2c9f93161c813e6a0442b69a791603d2e7f0ea4a1321d28d82320f746751006b4f8bfed3e03ba9616a3b289b006ea23ffd3ab5ffe83b022e2b5d369cca1578f3e8bc96945696e0dc4123423cd2c07754cd8533b9f032391b5e8e72513d9eb1c46fb88ff86f245a77986c9c4e933d3cf68fdf38a403d75e1bcf0d5ec217180eb28f28dc6b0bcbf8223cdaa3507413d1621ddaeb844fe0f8a7a6ea0d8901ea958516b74c5987c2c5f8be03637d9495d3f4a24aba6c0484f34fcfd4d269502f7fd0c2c7c66a0e4e88125075f45c3951f1a34d9184ec0f2fe0e93ff9b0c72bf1e16cd99c7dfcb85ac098b49697bcb7e7b202d1fece868d63ce6d3cfec1b3ae6e7ea5c2f955ab543681bca5e1c9285516855ebfa774cdad7ddbe84ac8552b9cfa1dba1942d6924caef88a6ece9f74c425623aa08dd804acc8dc2c5cf183d4b24edbe4c4c5a367807a34490ab16332389965b51ffb534cdaa148774d231981a9e17084664edea04fef6a7c7395b79bd7afd5074df0f6f56459b484ca68ff066a36305bf7b658271080c9b70fcd946c54702e5bf5f7ea782d3f583be3ba3fe697e20c49fa0b01b3f1dd0dce0fd445572b1d74e4cd65f0d30a088b0e7fddfd50bca49f17451347e48f6769f35d078fa25e71717a96c6c405316cf5439a220a4fec902f0f2749e35f48f4c3751abf9255d47d2b05c9c3fcf625c88974374039d0e6ffe4282aa0d6f4bf7e107e1f8c4f35aadfd7ecde0ce8d5663015d2474e75c0df46d9f2b6f9614305ef78b8f0726b7acae0883ec05c05c4df02329ec7d2d2094ad1277864677ec0a72098da8620cda4ec1dca7133561900bcacda331d6b1f54225ec79154b3116fce190c4cba04bd9398acb358745098f2c2217cedae830a1fecd81a25924cc3d6310dba1ec0f30400740d752d96adb6416212aef41446695e81cc6416178c8b410e0d1b9a5e26f712a70f36d9ce2dc5f2e62af86b5d812682f5dce2e49d5d5e5ff8657f247a1b2b918df99a2ef77eb74abced833800bcc9a7ba6d2300a37232d0d1298f311e3d727f63bdf24ce912cd3340419c695f2748933f690342bc161d83b8ebc047779bbecd66b9f48772e50dda79b2cde052f1f59f642ab09ab3a476f624ef4266483cabaf12d0ea26843be67172e6d9b7b2a03a976bab4c61da3e59bd1ea09be6355e8f8af0fcd4f87733ee0c23758dd4d848d37b126bc28d6b89016d373d698015e693746ba8bd8738c980bfedaa0256150f2f5a8eb667cd9b4be2e5a0bbacebbc4ef7cf454e12bbb26b506f9e0d3a171043c8b64f4ff13af33a1436bc975cb9a57878a2f8e68284116ad966e2578469bd78a8a0f318939d28acce14e151a76c01141dfe31cbe330d49352c2b9ace94a8c792296c8bd5592e450a5c8ca85a5920594291d18e9c819f88eea5f0f296472ec5d2409616f06ed57ebc6bf114d0fab3ea57f73b1b34ed0a7acea278c44f93f2475eb7b7105d13a9bb9ca9c42e2a52be7e2945411d6a5466178aaa7621932dd88528c974041df1270689a2e65365bf37644f50e1497b11625d6347e86a814d2276e2f758ad524fe994e27ae8a34f4ac60277d7e5aea57a099535e679e4d10b0ce8aa772ba449b74809a0c86ae6563f2c98089f93a16f4272aa010c2e8d25973bd8f5741a06cc77722312cf88f36e8c138dde8b5d419c025900c3ad0e397ca7924c4cd9b01c078d73723daa77fefa43f6d7b0c414da67008edc19e91365e3f55ef0b3409d74cf0767c976a83d074cba93e917a96a33debeb3f9a9108da797abad86ff3aaea7c00dfa683d0f96d2ac3c399e370cc199849d41b1cddace909b86c2d6427744f9498eb2e060ce28d0c68735b4f0678740c34c8b85304868ac51ba6e8b0894ec135d648b893487bd0f24b501bfad2ef54338ec9253e9cdb70029fbb1bbed8357817d96d2d425aed6a46ef8c6de53b952f7e5d97e4a628a1615815469e56c7e2a80b840b450f498256e1b358ed7a3ab943a56b1faf660b7f6c881c15920417f5a58778ce65835e2f6283b98ed24c19483e74653faa113d506d1d0bc0090c59fa2096a72bae9279720e4c17df60b8393843be47b0a0b7e2c7518245b94e9dd59af7b4740b54cfa63f4ce249fba3e7da7958e907a3e2cd0608910a8cdbed0747c9e69478de2553d14e9f373220325112ec916d00124a7fe9b350f293803c418363e4ac357181ea31bffd9076ba814a62593f32c46c7f80c8c68f7657f4ed7ee5ce36c99e18195d1bce0c2f57213b11cea138894ecfd7a3f357a5356537ae4004335f5b20e6b4ebfdad287fadde609a3189e9c7e8811a176ae631638613015960ad9b01b8f850af436a840784fc2832aad8b84d51e683f0b7ac9c89bf3cab79117afb23b7dc884a9571b6c87b925a88132c8c569e9da49902e5d77756e0fd01c2a31e6273ff8dd2c0c88462ca6be7878ab4e57837407e0df918bf1ffde66a072bf37cdf32c84bad3e912cb4750f39d7970fb1ebdb9eac64928f11a556078afb297be620612ad40ec5963f79cbc4b9d5bc1be3a6ba08ea6024b4e66ab056e5ffec14ac0a443835242669a2f43101fb4882d10955b52332207b671e3de666c5b55439a630a94104e904983a5a2095856814890c22b5ddb3ab66f64786ea30912ebcb91e3869f552a79c608268f9fe1b1e0c1dcca8303b039298e7b7e1ecdb42880f801d81b3168727faf7f299d6e26308d1d5bacfc9704b5435cd309fad6dadb2816c0d8f960a79cb6b889ee7d9da377d6865ad89ecdc1a242505735583975032bd8b4465c4cbdfff876c2bc603c4c53997f1227bf958a5b674212199a968c2af6a33bf69837c50c88f50f97378ea60a4c16e98e8ffe22f572daa1948ca071451cd3c9729b941220b93f512cb342853a44367ef4b5f0c3c125e33b34a39d5d112d0dcb28ad2689a64d23300fd49110e1e3730d3f3bae4f018eb78ebe8ad7f9ed1e379857d6109f3d95fc74a68388a4da02eac23aed38b0e0bf295a2c7360e9ccd31fa1e8401db3184f9052d7aa71c81a41a4e261e4ab4743b5aed5216e9353f9e81f1ca021ab126345296782d9b6d25a5e24fb3e2ee32974fed896e498ec46049d7089f58e8e3ce662342fd88c1e87f7c53baf65c5e6dae6c2310bd031e881b3bb1c7c1cd70a1c818d14d852134e43282bca7532de6dfe249e5b8d0b2da051d26e632f2db734a07e821f828a696d19b6d882380114f076c07742cd9b9af2364711ebc9150c4872cc4c8e37395db2490277d599335c75edb25f06b6c68ab3129154861ca634aeddffcdae2957db5215d5bc6b554e9ca5175947d9253fde4b4183a12b40f05bc06912eaa182d60f7e75735e09565611c0d6d8568716da06fc385771b14cc85d8a899d3a1310f6e8cefe359e915a1d88dec3b5639df6fded18c1c6eb8c7586a5780d89ba4fce28417e57ec2708b467f254dd2a19c70d35e93612279df887f5c23f21c9ce827e38edf132c74d3e42a54369b8e355c6bc9e7b852173c3671f26052b0154bcda579b60139a628597e70f109733361ff882f71fc766c4103da2806446d06dc40d752a7943e0deffba002bc4cbf9f3db65198d61343841dd996b3171cc9d2d88f1313b393e6a1cdd7cc467e2ddfab51ca3c39f62d2c564eb3c1bf5800a65d62921c326f2c716ac0076adcc4bbf0a3531efc7c3ee678d1c78f861fd8661a1905e57705cbe84559daa8aa9d0ee8eb5dbed9c361f7680c38247178be1fa23e19017a7b3ca2c8c268c9de0b602c9215baf807557b49435d01b4369b9f734028500e8939ddb9efe0aa549e8bbb134f4799c41390e49003b5b6623bf509a78918263169e6d90ce9e1015126033653e831fd0e328aef199c7ce15e6ff1692b2f6720873a8ae670043af6328a5d903d14c6ec6f3820bc63ec41d8281924808aa32fa886f778b6cadf221c4f91b6bc1638dbbdf365ae21e06bf488e4f79af9ea9f1b25c37fb3d959bf93c0d7d7cff31185ca36f6e94c16323baf2253959899b61ff5f77d9f505e6ddb5fae13f506eea637e3f0431b62ce0d74499751f3f945500ec2d8c44b47a2121081e559ea10976fdfd2228d31bf30b5ef4cb778963afb619514af26a14c593c1bf933b57e05ad857e7e63096ce6e3e7d3f2d8b02ba96eab19711195db9cd3316ba0b9c86a8b856ac5b5bdcea0dd37c26e081abc08ae917719e07543dc40f1dc775bea97f7a15725b5f69e8fa2d68648d06f581c66f3890ffc81059f3f41f97b0980d5cb7311c9f6176bbd5967aa68b7fd20a8affae3c8e7bdec62916c1aa4d3496a0348b460a4a6d775d044f7cbd74a2b029cfcd71013df095577a51b493d00f497695bc921ee2f862e50822f499b92acd6cff649c92f45c29a15039b6203186be2d77bd1058aa32a5356f706cec25be447a1b2ed1e0c33143dc0311b6d09634b823992f2f5b6920faeff8f16e31db656949fbeef9d27b338b2aab1a04472c49b91198f44ddb8284141667a63da4286697247e6773d5dae2cdce0f5259f5610593eb2df1b076d299bbdc4309257dbb9a93c68484f8963eb85debba245a5a81f08c7e2c267a5bd7962779f4f063d3859e8af7f5c0fb6c0fa64cef8180bde784f0b39383728c71f1b24b77a0cf5bb8a3cd80b350b6713850a1f6879479345645797a874473ab5f6172f56b1752151aba88900cd3f3ebd082dbffea63a2ad0d7c02c2d54c2000e64fb110663a9300a63da7cd5f5d94d324d1e96a6b58b0c15baa0cca3095953da06430baf0a4e2357c6ef5a44"}) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0xa0602, 0x0) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0, 0xff2b}], 0x2) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r3 = open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x805, 0x0, 0xd, 0x0, 0x0, 0x0}, 0x4c) write$FUSE_CREATE_OPEN(r3, &(0x7f0000000500)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0xfffffffffffffffb, 0xfffffffffedfff83, 0x3, 0x1, {0xffffffffffffffff, 0x3ff, 0x20ff, 0x7ff, 0xf7c, 0x800000000000d615, 0x3fb, 0x7fffffff, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x8ea2}}, {0x0, 0x12}}}, 0xa0) sendfile(r3, r3, &(0x7f0000000080), 0x7f04) 1m1.915478146s ago: executing program 33 (id=4584): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) syz_open_dev$sg(0x0, 0x0, 0x38dd80) r0 = socket$inet6(0xa, 0xa, 0x400000) bind$inet6(r0, 0x0, 0x0) sendmmsg$inet6(r0, 0x0, 0x0, 0xc8000) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x94) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000180), 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000140) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080) ioctl$BTRFS_IOC_ADD_DEV(r1, 0x5000940a, &(0x7f0000000c40)={{r1}, "7e993200ef8379553285b7e4500b085f1c07ff028a7aa1da0423fb63b102ee0a9dd820a940fbfeab99825d47de1228420d1a4ffb6807a5b3eace8382b8fc71bd4406f193b39a9e9ae85cd7c755d86b542e290e0c8cf4a2abcd058c84e7eaf4895edc63660385ccf82052ab44b883d796c437e4d8c9bab43c8d4aeeb73d3f287af918347652a2d63e76da11d5cc6d04869c091cb4d86f4b96b13903429e4207e59ad16f532c94fa1da8b4e081be6d7d30e5d40d9bcbc96acb8d32b90b23e1540fa8e56947a9369da8f6cf23152e9950fde6859ae73306ad3bb7ea0d508a5c481a914e2d17670f8b31c395201a7fdeb9410a3fbc6687fd069dc11255dc0968458933dc93ef6f27499de78f4fc4f2f25ba9ada5d4929c2c5eba5d21232119ffbc879f58598c211fcecd36722469b3a55a3ab28a242cb2545fa7a7441ca89f88cb43284b7b77b9f46c72e230f15a58b37edcf5cfe8a3bf9b7b2af96c0067efd14d663a4663051900d92d9045e2f5c7e7259438917ad43a96615aa9e0c41275018006b6475ae6a8029ad7b8e14b6d644fbd1039343d4d05d9e8a182fb8648ac164d6d4185c768b18092f947dc8506fb9ccf4f3c2c1396b5464ab19771e1f63f6c0eaf0c1181596d95ff3843583728288671375688803d656bea8f2a53cf93691ca2f31e012779ef6b7df159f4fd870d9259164c4367c19bc2338d42c17e6443476ef87798ee27c86d8d2cd5672e5b49a11c8a4e484f3887b180c848871ffaec3e0f09445070fc2a2363e4000e37bbcff42041fbc504fc3fc65ea6ba88d1955a8f57dd1d84fc52da5be59494308098a50c523a245de95f7828102eb49e8ba2392947fc7528cfd72638f1adb0b1505173f731696d3949ee80badbde508ba994f7b6f1c36d583abacf3842fadc0727a2259e448d200643c3ed4db584a53c630469d50c01162ac7f1e7a373d0fd5ac3dc20186a7c964f91535d542c5fffd3606df0f0252e2c9f93161c813e6a0442b69a791603d2e7f0ea4a1321d28d82320f746751006b4f8bfed3e03ba9616a3b289b006ea23ffd3ab5ffe83b022e2b5d369cca1578f3e8bc96945696e0dc4123423cd2c07754cd8533b9f032391b5e8e72513d9eb1c46fb88ff86f245a77986c9c4e933d3cf68fdf38a403d75e1bcf0d5ec217180eb28f28dc6b0bcbf8223cdaa3507413d1621ddaeb844fe0f8a7a6ea0d8901ea958516b74c5987c2c5f8be03637d9495d3f4a24aba6c0484f34fcfd4d269502f7fd0c2c7c66a0e4e88125075f45c3951f1a34d9184ec0f2fe0e93ff9b0c72bf1e16cd99c7dfcb85ac098b49697bcb7e7b202d1fece868d63ce6d3cfec1b3ae6e7ea5c2f955ab543681bca5e1c9285516855ebfa774cdad7ddbe84ac8552b9cfa1dba1942d6924caef88a6ece9f74c425623aa08dd804acc8dc2c5cf183d4b24edbe4c4c5a367807a34490ab16332389965b51ffb534cdaa148774d231981a9e17084664edea04fef6a7c7395b79bd7afd5074df0f6f56459b484ca68ff066a36305bf7b658271080c9b70fcd946c54702e5bf5f7ea782d3f583be3ba3fe697e20c49fa0b01b3f1dd0dce0fd445572b1d74e4cd65f0d30a088b0e7fddfd50bca49f17451347e48f6769f35d078fa25e71717a96c6c405316cf5439a220a4fec902f0f2749e35f48f4c3751abf9255d47d2b05c9c3fcf625c88974374039d0e6ffe4282aa0d6f4bf7e107e1f8c4f35aadfd7ecde0ce8d5663015d2474e75c0df46d9f2b6f9614305ef78b8f0726b7acae0883ec05c05c4df02329ec7d2d2094ad1277864677ec0a72098da8620cda4ec1dca7133561900bcacda331d6b1f54225ec79154b3116fce190c4cba04bd9398acb358745098f2c2217cedae830a1fecd81a25924cc3d6310dba1ec0f30400740d752d96adb6416212aef41446695e81cc6416178c8b410e0d1b9a5e26f712a70f36d9ce2dc5f2e62af86b5d812682f5dce2e49d5d5e5ff8657f247a1b2b918df99a2ef77eb74abced833800bcc9a7ba6d2300a37232d0d1298f311e3d727f63bdf24ce912cd3340419c695f2748933f690342bc161d83b8ebc047779bbecd66b9f48772e50dda79b2cde052f1f59f642ab09ab3a476f624ef4266483cabaf12d0ea26843be67172e6d9b7b2a03a976bab4c61da3e59bd1ea09be6355e8f8af0fcd4f87733ee0c23758dd4d848d37b126bc28d6b89016d373d698015e693746ba8bd8738c980bfedaa0256150f2f5a8eb667cd9b4be2e5a0bbacebbc4ef7cf454e12bbb26b506f9e0d3a171043c8b64f4ff13af33a1436bc975cb9a57878a2f8e68284116ad966e2578469bd78a8a0f318939d28acce14e151a76c01141dfe31cbe330d49352c2b9ace94a8c792296c8bd5592e450a5c8ca85a5920594291d18e9c819f88eea5f0f296472ec5d2409616f06ed57ebc6bf114d0fab3ea57f73b1b34ed0a7acea278c44f93f2475eb7b7105d13a9bb9ca9c42e2a52be7e2945411d6a5466178aaa7621932dd88528c974041df1270689a2e65365bf37644f50e1497b11625d6347e86a814d2276e2f758ad524fe994e27ae8a34f4ac60277d7e5aea57a099535e679e4d10b0ce8aa772ba449b74809a0c86ae6563f2c98089f93a16f4272aa010c2e8d25973bd8f5741a06cc77722312cf88f36e8c138dde8b5d419c025900c3ad0e397ca7924c4cd9b01c078d73723daa77fefa43f6d7b0c414da67008edc19e91365e3f55ef0b3409d74cf0767c976a83d074cba93e917a96a33debeb3f9a9108da797abad86ff3aaea7c00dfa683d0f96d2ac3c399e370cc199849d41b1cddace909b86c2d6427744f9498eb2e060ce28d0c68735b4f0678740c34c8b85304868ac51ba6e8b0894ec135d648b893487bd0f24b501bfad2ef54338ec9253e9cdb70029fbb1bbed8357817d96d2d425aed6a46ef8c6de53b952f7e5d97e4a628a1615815469e56c7e2a80b840b450f498256e1b358ed7a3ab943a56b1faf660b7f6c881c15920417f5a58778ce65835e2f6283b98ed24c19483e74653faa113d506d1d0bc0090c59fa2096a72bae9279720e4c17df60b8393843be47b0a0b7e2c7518245b94e9dd59af7b4740b54cfa63f4ce249fba3e7da7958e907a3e2cd0608910a8cdbed0747c9e69478de2553d14e9f373220325112ec916d00124a7fe9b350f293803c418363e4ac357181ea31bffd9076ba814a62593f32c46c7f80c8c68f7657f4ed7ee5ce36c99e18195d1bce0c2f57213b11cea138894ecfd7a3f357a5356537ae4004335f5b20e6b4ebfdad287fadde609a3189e9c7e8811a176ae631638613015960ad9b01b8f850af436a840784fc2832aad8b84d51e683f0b7ac9c89bf3cab79117afb23b7dc884a9571b6c87b925a88132c8c569e9da49902e5d77756e0fd01c2a31e6273ff8dd2c0c88462ca6be7878ab4e57837407e0df918bf1ffde66a072bf37cdf32c84bad3e912cb4750f39d7970fb1ebdb9eac64928f11a556078afb297be620612ad40ec5963f79cbc4b9d5bc1be3a6ba08ea6024b4e66ab056e5ffec14ac0a443835242669a2f43101fb4882d10955b52332207b671e3de666c5b55439a630a94104e904983a5a2095856814890c22b5ddb3ab66f64786ea30912ebcb91e3869f552a79c608268f9fe1b1e0c1dcca8303b039298e7b7e1ecdb42880f801d81b3168727faf7f299d6e26308d1d5bacfc9704b5435cd309fad6dadb2816c0d8f960a79cb6b889ee7d9da377d6865ad89ecdc1a242505735583975032bd8b4465c4cbdfff876c2bc603c4c53997f1227bf958a5b674212199a968c2af6a33bf69837c50c88f50f97378ea60a4c16e98e8ffe22f572daa1948ca071451cd3c9729b941220b93f512cb342853a44367ef4b5f0c3c125e33b34a39d5d112d0dcb28ad2689a64d23300fd49110e1e3730d3f3bae4f018eb78ebe8ad7f9ed1e379857d6109f3d95fc74a68388a4da02eac23aed38b0e0bf295a2c7360e9ccd31fa1e8401db3184f9052d7aa71c81a41a4e261e4ab4743b5aed5216e9353f9e81f1ca021ab126345296782d9b6d25a5e24fb3e2ee32974fed896e498ec46049d7089f58e8e3ce662342fd88c1e87f7c53baf65c5e6dae6c2310bd031e881b3bb1c7c1cd70a1c818d14d852134e43282bca7532de6dfe249e5b8d0b2da051d26e632f2db734a07e821f828a696d19b6d882380114f076c07742cd9b9af2364711ebc9150c4872cc4c8e37395db2490277d599335c75edb25f06b6c68ab3129154861ca634aeddffcdae2957db5215d5bc6b554e9ca5175947d9253fde4b4183a12b40f05bc06912eaa182d60f7e75735e09565611c0d6d8568716da06fc385771b14cc85d8a899d3a1310f6e8cefe359e915a1d88dec3b5639df6fded18c1c6eb8c7586a5780d89ba4fce28417e57ec2708b467f254dd2a19c70d35e93612279df887f5c23f21c9ce827e38edf132c74d3e42a54369b8e355c6bc9e7b852173c3671f26052b0154bcda579b60139a628597e70f109733361ff882f71fc766c4103da2806446d06dc40d752a7943e0deffba002bc4cbf9f3db65198d61343841dd996b3171cc9d2d88f1313b393e6a1cdd7cc467e2ddfab51ca3c39f62d2c564eb3c1bf5800a65d62921c326f2c716ac0076adcc4bbf0a3531efc7c3ee678d1c78f861fd8661a1905e57705cbe84559daa8aa9d0ee8eb5dbed9c361f7680c38247178be1fa23e19017a7b3ca2c8c268c9de0b602c9215baf807557b49435d01b4369b9f734028500e8939ddb9efe0aa549e8bbb134f4799c41390e49003b5b6623bf509a78918263169e6d90ce9e1015126033653e831fd0e328aef199c7ce15e6ff1692b2f6720873a8ae670043af6328a5d903d14c6ec6f3820bc63ec41d8281924808aa32fa886f778b6cadf221c4f91b6bc1638dbbdf365ae21e06bf488e4f79af9ea9f1b25c37fb3d959bf93c0d7d7cff31185ca36f6e94c16323baf2253959899b61ff5f77d9f505e6ddb5fae13f506eea637e3f0431b62ce0d74499751f3f945500ec2d8c44b47a2121081e559ea10976fdfd2228d31bf30b5ef4cb778963afb619514af26a14c593c1bf933b57e05ad857e7e63096ce6e3e7d3f2d8b02ba96eab19711195db9cd3316ba0b9c86a8b856ac5b5bdcea0dd37c26e081abc08ae917719e07543dc40f1dc775bea97f7a15725b5f69e8fa2d68648d06f581c66f3890ffc81059f3f41f97b0980d5cb7311c9f6176bbd5967aa68b7fd20a8affae3c8e7bdec62916c1aa4d3496a0348b460a4a6d775d044f7cbd74a2b029cfcd71013df095577a51b493d00f497695bc921ee2f862e50822f499b92acd6cff649c92f45c29a15039b6203186be2d77bd1058aa32a5356f706cec25be447a1b2ed1e0c33143dc0311b6d09634b823992f2f5b6920faeff8f16e31db656949fbeef9d27b338b2aab1a04472c49b91198f44ddb8284141667a63da4286697247e6773d5dae2cdce0f5259f5610593eb2df1b076d299bbdc4309257dbb9a93c68484f8963eb85debba245a5a81f08c7e2c267a5bd7962779f4f063d3859e8af7f5c0fb6c0fa64cef8180bde784f0b39383728c71f1b24b77a0cf5bb8a3cd80b350b6713850a1f6879479345645797a874473ab5f6172f56b1752151aba88900cd3f3ebd082dbffea63a2ad0d7c02c2d54c2000e64fb110663a9300a63da7cd5f5d94d324d1e96a6b58b0c15baa0cca3095953da06430baf0a4e2357c6ef5a44"}) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0xa0602, 0x0) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0, 0xff2b}], 0x2) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[]) chdir(&(0x7f0000000000)='./file0\x00') r3 = open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x805, 0x0, 0xd, 0x0, 0x0, 0x0}, 0x4c) write$FUSE_CREATE_OPEN(r3, &(0x7f0000000500)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0xfffffffffffffffb, 0xfffffffffedfff83, 0x3, 0x1, {0xffffffffffffffff, 0x3ff, 0x20ff, 0x7ff, 0xf7c, 0x800000000000d615, 0x3fb, 0x7fffffff, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x8ea2}}, {0x0, 0x12}}}, 0xa0) sendfile(r3, r3, &(0x7f0000000080), 0x7f04) 3.831123681s ago: executing program 4 (id=4901): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b702000000000080bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000008e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8877a6db61d69f2ffcaa10350e11cb97ce8df1bc9a0c4eeceb9971e43405d621ffbc9b0d8ca56b50f0c010d631f6dbc8486bc5d5bf2ca8285056892db03cf1c62d57c08a90b189d190c341035de53a9a53608c10556e5734eb84049761451ce540c772e069f80cb201b2de17dfdb4b60939d5d6aed4062049b87e03e2cd18a77dda613e0c64497fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231a2d73148be4248cdc138408ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600daded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286ccca37db965d9dd366598f5ec993cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100bd5828954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e113e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6fc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3eeec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e01506471e897bced7798509e64df360d95f9a4099f86438ac2bbcbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2b93aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c590bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03444471c1dd660c87acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b90106248f81d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10ea52f1018527f4aa39cdafa3eff63de2a7f50d042667820f6f86f276afb2b8134301e031351ee13013137e9d5cec0c84d7e3f82c6fd12eb98f9ea654bcb9ce59a2015183c6e65bb0537e611b830d74c30fb8207fca0990acdbb51e4e234026e00000000b3ebae3eb52c140953a350fcf0124b1a30b1afc29ea56f8413686d912eb8118d73ef9c6d3843ebcb555301c0205dd3bd9b1d742e334319c8979c322e92"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340)}, 0x42) 3.643773922s ago: executing program 4 (id=4904): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x8, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x2000, 0x2, 0x2, {0x1, @pix={0x2, 0x7c, 0x35303553, 0x9, 0x6, 0xf, 0xb, 0x3, 0x1, 0x6}}}) mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0) pselect6(0x40, &(0x7f0000000400)={0x9, 0xa, 0x9, 0xfff, 0x10000, 0xff, 0x13, 0x9}, 0x0, 0x0, &(0x7f00000004c0), 0x0) 3.643319873s ago: executing program 4 (id=4905): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r4, @ANYBLOB="08002600940900000800b700"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000fbdbdf251200000008000300", @ANYRES32=r4, @ANYBLOB="0c0099007c000000000000000000000008000000040011800500e400000000000600ab000c0000001400810005000200090000050001004c0000000a00bd00ff0fba12000000000500c2000c0000667af294f7c0d834a854f13b93f4d1c2d759987488fb15405c27659900"/121], 0x74}}, 0x44000) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x10000000000) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0) connect$tipc(0xffffffffffffffff, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x1, {0x41, 0x4}}, 0x10) r7 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000009c0)=@newqdisc={0x24, 0x25, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0x8, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x2404c000}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r9, 0x6, 0x2, &(0x7f0000000000)=0x66e7, 0x4) r10 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d010110000000090400"], 0x0) syz_usb_control_io$printer(r10, 0x0, &(0x7f0000000480)={0x53, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_disconnect(r10) r11 = socket$igmp(0x2, 0x3, 0x2) close_range(r11, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00007fe000/0x800000)=nil) sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x28, r1, 0xb97534d5fe9704cf, 0xffffffff, 0xfffffffc, {{0x12}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STA_VLAN={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x0) syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) r12 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r12) 3.268678743s ago: executing program 5 (id=4907): write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f, 0x4}}, 0x20) r0 = syz_io_uring_setup(0x327d, &(0x7f0000000480)={0x0, 0xc0fc, 0x400, 0x3, 0x168}, &(0x7f0000000380)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x33, 0x0, 0x0, 0x4}]}, 0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r5 = dup(r4) write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c) mq_open(&(0x7f0000000080)='/dev/snd/midiC#D#\x00', 0x80, 0x4, &(0x7f00000000c0)={0x97c06866, 0x9, 0xffff, 0x1000}) r6 = syz_io_uring_setup(0x7a61, &(0x7f0000000100)={0x0, 0x53, 0x10100, 0x0, 0x2b5}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) r9 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) lseek(r9, 0x1000, 0x1) syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r6, 0x708, 0x41e3, 0x0, 0x0, 0x0) r10 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0) flock(r10, 0x2) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) flock(0xffffffffffffffff, 0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f00000002c0)="ca0000c441f96ec80fc4c60066400fe2def3ad46c7045300101000f00fc01ec422e10399c5c1202066410f6f15040000000000e1f563df", 0xdc000006, 0x0}, 0x0, 0x8, &(0x7f0000000340)) syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2) r11 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r11, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47bc, 0x0, 0x21, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58) syz_open_dev$sndpcmc(&(0x7f0000000a00), 0x0, 0x0) 2.953694208s ago: executing program 5 (id=4910): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2200, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000004c0)=ANY=[@ANYBLOB="010000000015000020000040"]) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17) munlockall() sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r7, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}, 0x1, 0x0, 0x0, 0x4040004}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x4) mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x100000, 0x0) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r8, &(0x7f00000020c0)={0x2020}, 0x2020) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000100)=0x2, 0x4) getsockopt$X25_QBITINCL(r1, 0x106, 0x1, 0x0, &(0x7f0000000280)) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x2, @ipv4={'\x00', '\xff\xff', @remote}, 0x400}, 0x1c) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0) syz_open_dev$dri(0x0, 0x20000200, 0x400000) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) io_uring_setup(0x1946, &(0x7f0000000440)={0x0, 0xa94e, 0x40, 0x0, 0x1ea}) openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0) 2.322792976s ago: executing program 3 (id=4911): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18) r1 = syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0) ioctl$MEDIA_IOC_ENUM_ENTITIES(r1, 0xc1007c01, &(0x7f0000000240)) (fail_nth: 1) 2.217697145s ago: executing program 5 (id=4912): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x11, r0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x3, 0x32, 0x0, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), r1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x145040, 0x0) ioctl$DVD_READ_STRUCT(r5, 0x5392, &(0x7f0000000fc0)=@type=0x3) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xd, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1a00fe00000000bda100000000000007010000f8ffffffb702000008000000b70300000000000085000000760000009500000000000000d36b59ac17a572d7444fe29366d8bcacdf913a8e7588905bf6cca226529c4362b31459e7b4279afff4c2"], &(0x7f0000000300)='GPL\x00', 0x9}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b702000000000080bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000008e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8877a6db61d69f2ffcaa10350e11cb97ce8df1bc9a0c4eeceb9971e43405d621ffbc9b0d8ca56b50f0c010d631f6dbc8486bc5d5bf2ca8285056892db03cf1c62d57c08a90b189d190c341035de53a9a53608c10556e5734eb84049761451ce540c772e069f80cb201b2de17dfdb4b60939d5d6aed4062049b87e03e2cd18a77dda613e0c64497fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231a2d73148be4248cdc138408ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600daded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286ccca37db965d9dd366598f5ec993cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100bd5828954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e113e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6fc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3eeec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e01506471e897bced7798509e64df360d95f9a4099f86438ac2bbcbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2b93aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c590bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03444471c1dd660c87acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b90106248f81d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10ea52f1018527f4aa39cdafa3eff63de2a7f50d042667820f6f86f276afb2b8134301e031351ee13013137e9d5cec0c84d7e3f82c6fd12eb98f9ea654bcb9ce59a2015183c6e65bb0537e611b830d74c30fb8207fca0990acdbb51e4e234026e00000000b3ebae3eb52c140953a350fcf0124b1a30b1afc29ea56f8413686d912eb8118d73ef9c6d3843ebcb555301c0205dd3bd9b1d742e334319c8979c322e92"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340)}, 0x42) r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r6, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a"], 0xc8}}, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r7, &(0x7f00000000c0)=ANY=[], 0x118) ioctl$DRM_IOCTL_MODE_ATOMIC(r6, 0xc03864bc, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.043738175s ago: executing program 3 (id=4913): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x20241, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2, 0x810, 0xffffffffffffffff, 0x0) landlock_create_ruleset(&(0x7f0000000080)={0x804, 0x0, 0x2}, 0x18, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x1, 0x4, 0x0) r3 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_lsm={0x10, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="7910480000000000690030000000000095"], &(0x7f0000000100)='GPL\x00'}, 0x80) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x10}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0x5) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r8 = socket$kcm(0x10, 0x400000002, 0x0) r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r10 = socket(0x2, 0x3, 0x0) r11 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x2, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r12, {0x1d, 0x1}, {0xffff, 0xffff}, {0xfff1, 0xfff2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x1}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004800}, 0x4000) sendmsg$nl_route_sched(r10, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r12, {0x0, 0xf}, {}, {0xf, 0x9}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084) sendmsg$inet(r8, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000000140)="600000002e000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0) r13 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_FRAME(r13, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r7, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r6, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) 1.97328605s ago: executing program 2 (id=4914): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18) r1 = syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000480)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)={[{@lowerdir, 0x5c}]}) ioctl$MEDIA_IOC_ENUM_ENTITIES(r1, 0xc1007c01, &(0x7f0000000240)) 1.882256684s ago: executing program 2 (id=4915): setreuid(0xee01, 0xee01) (async) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r0, &(0x7f0000000300)={0x2020, 0x0, 0x0}, 0x2020) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r1, @ANYRES32=r1, @ANYRES16=r0], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x20, 0x6}, 0x10}, 0x94) (async) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) recvfrom$netrom(r2, &(0x7f0000000040)=""/89, 0x59, 0x10042, 0x0, 0x0) 1.81355163s ago: executing program 2 (id=4916): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x4, 0x0, 0x16, 0x1, 0x100, &(0x7f0000000040)="387ed7626d850509a2d6c1aa38f15cd0c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88731b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d461d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8ddbf5e20d604413ed2ddf9bcbf881caf811852806175d638909f6234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a266639438ac5252d9bccff4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a9013923167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"}) 1.812635765s ago: executing program 3 (id=4917): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000072000000000000000e200000095000000000000"], &(0x7f00000001c0)='syzkaller\x00'}, 0x80) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'wg2\x00', 0x0}) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10) r5 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r1, r3, 0x25, 0x0, @val=@iter={0x0}}, 0x40) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newtfilter={0x2c, 0x11, 0x4, 0x1000000, 0x0, {0x0, 0x0, 0x74, r3, {0xe}, {0xffff}, {0x0, 0x8}}, [@TCA_RATE={0x6, 0x5, {0xf, 0x9}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x800}, 0x14) close(r5) 1.775495294s ago: executing program 2 (id=4918): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x4, 0x0, 0x16, 0x1, 0x100, &(0x7f0000000040)="387ed7626d850509a2d6c1aa38f15cd0c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88731b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d461d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8ddbf5e20d604413ed2ddf9bcbf881caf811852806175d638909f6234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a266639438ac5252d9bccff4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a9013923167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"}) (fail_nth: 2) 1.717657589s ago: executing program 3 (id=4919): sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000000) (async, rerun: 64) socketpair$unix(0x1, 0x3, 0x0, 0x0) (async, rerun: 64) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}}) (async) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async, rerun: 64) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) (rerun: 64) removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00') sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) (async) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) (async) set_mempolicy(0x2, &(0x7f0000000080)=0x51e1, 0x3ff) (async, rerun: 32) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0) (rerun: 32) ftruncate(r1, 0x8800000) (async) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r3, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0) (async) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) (async) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x1}, 0x1c) (async, rerun: 32) sendfile(r2, r1, 0x0, 0x578410eb) (async, rerun: 32) process_vm_readv(0x0, &(0x7f0000008400)=[{0x0}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) (async) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) syz_io_uring_setup(0x5a86, &(0x7f0000000300)={0x0, 0x40cb, 0x800, 0x0, 0x3d2}, &(0x7f00000000c0)=0x0, &(0x7f0000000280)) syz_io_uring_complete(r5) (async) r6 = socket$kcm(0x29, 0x5, 0x0) (async, rerun: 32) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) (rerun: 32) splice(r6, 0x0, r7, 0x0, 0xf3e, 0x0) (async) timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @thr={&(0x7f0000000300), &(0x7f0000000380)="c75f16175bb69c4013d0479f629c0ba46ff8ac8dc98098b878545ed70bb5bc1bacf36b28b91a23b1365fa8e67059f7c1fc1ade5eb855207f7066f96bdafb14234e8d9afeee1f3fd22e4b4fe5a61f4afde21805ae5206b87bb22d882df14583a3e6616fce86827ba486d004155a4450ce7bc978b14dadd17103787da46b699548021f41884a83569757da03e5194f8d83c3"}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) 1.493755964s ago: executing program 2 (id=4920): r0 = syz_open_procfs(0x0, 0x0) syz_io_uring_setup(0x496, &(0x7f00000005c0)={0x0, 0x7075, 0x0, 0x13, 0x28b, 0x0, r0}, &(0x7f00000003c0), &(0x7f0000000380)) ioctl$VT_GETSTATE(r0, 0x5603, &(0x7f0000000040)={0x80, 0x4, 0x1}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x4, 0x1, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xb, 0xc}, {0xe, 0x6}, {0xfff1, 0xfff1}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_FLOW_MODE={0x8, 0x5, 0x3}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4048084) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f0000000340)={0x400000100002f}) write$uinput_user_dev(r3, &(0x7f0000000800)={'syz1\x00', {0x0, 0x0, 0x1}, 0x2004a, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x296, 0x970, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, 0x0, 0x0, 0xf, 0x5], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x8, 0x0, 0x0, 0x0, 0x85, 0x0, 0x0, 0x0, 0x0, 0x3, 0x800000, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x80000, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff], [0x11, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x3, 0x200, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0xfffffffd, 0x74e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x930, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xbd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffe900, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]}, 0x45c) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x3) ioctl$UI_DEV_CREATE(r3, 0x5501) r4 = socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r2, &(0x7f0000000000), 0xfffffecc) splice(r1, 0x0, r4, 0x0, 0x4ffe6, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000fcffffff00000000000002009500000000000000"], &(0x7f0000000300)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x16, &(0x7f0000000040)=0x5, 0x4) openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0) r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40186f40, &(0x7f0000000440)=0x20000) ioctl$FS_IOC_SETFLAGS(r6, 0x40046f41, &(0x7f0000000440)=0x10) 912.935124ms ago: executing program 3 (id=4921): r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0x8d2dc, 0x0, 0xffffffff}, &(0x7f00000003c0)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) setpriority(0x0, 0x1, 0xa7a8) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r1, 0x0, 0x0, 0x0, 0x80000}) io_uring_enter(r2, 0x47f5, 0x0, 0x0, 0x0, 0x0) sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x44, 0x2, 0x3, 0x101, 0x0, 0x0, {0x3}, [@NFQA_CFG_MASK={0x8}, @NFQA_CFG_PARAMS={0x9, 0x2, {0xff, 0x1}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0xffffffff}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x1}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x20}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008014}, 0x10) r5 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0) read$midi(r5, 0x0, 0x43) 723.436199ms ago: executing program 5 (id=4922): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x1c, r1, 0x48212b8952c3affd, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8084}, 0x0) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x4, 0x0, 0x1e, 0x0, 0x100, &(0x7f0000000040)="387ed7626d850509a2d6c1aa38f15cd0c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88731b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d461d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8ddbf5e20d604413ed2ddf9bcbf881caf811852806175d638909f6234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a266639438ac5252d9bccff4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a9013923167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"}) 722.582356ms ago: executing program 5 (id=4923): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@bridge_delneigh={0x28, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x40, 0xa6, 0xb}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x0) 622.802542ms ago: executing program 5 (id=4924): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000003"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_io_uring_setup(0x16b, &(0x7f0000000000)={0x0, 0x0, 0x13090}, 0x0, 0x0) syz_io_uring_setup(0x17af, &(0x7f0000000380)={0x0, 0x0, 0x13290}, 0x0, 0x0) pselect6(0x40, &(0x7f0000000080), 0x0, &(0x7f0000000100)={0x18}, &(0x7f0000000140)={0x0, 0x989680}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0) r4 = syz_open_dev$tty1(0xc, 0x4, 0x2) r5 = dup(r4) write$UHID_INPUT(r5, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b3d090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f350768090890e0878f0e1ac6e7049b3346959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af4303000000572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc34510100194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab6e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c014073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b608108e8044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c3635980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006) write$P9_RLERROR(r5, &(0x7f0000000040)={0xd, 0x7, 0x1, {0x4, '.%]^'}}, 0xd) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) ioctl$KVM_PRE_FAULT_MEMORY(r8, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000}) 570.739477ms ago: executing program 2 (id=4925): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000480)={0x53, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r1, 0x5b03, 0x0) syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x85}, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) syz_usb_disconnect(r0) 500.84005ms ago: executing program 4 (id=4926): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x20241, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2, 0x810, 0xffffffffffffffff, 0x0) landlock_create_ruleset(&(0x7f0000000080)={0x804, 0x0, 0x2}, 0x18, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x1, 0x4, 0x0) r3 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_lsm={0x10, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="7910480000000000690030000000000095"], &(0x7f0000000100)='GPL\x00'}, 0x80) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x10}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0x5) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000240)={'wlan1\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r6 = socket$kcm(0x10, 0x400000002, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r8 = socket(0x2, 0x3, 0x0) r9 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x2, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r10, {0x1d, 0x1}, {0xffff, 0xffff}, {0xfff1, 0xfff2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x1}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004800}, 0x4000) sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r10, {0x0, 0xf}, {}, {0xf, 0x9}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084) sendmsg$inet(r6, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000000140)="600000002e000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 343.945639ms ago: executing program 4 (id=4927): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@bridge_delneigh={0x28, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x40, 0xa6, 0xb}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x0) (fail_nth: 2) 245.33558ms ago: executing program 4 (id=4928): socket$packet(0x11, 0x3, 0x300) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) r0 = syz_usbip_server_init(0x3) write$usbip_server(r0, &(0x7f0000000380)=ANY=[], 0xfffffffffffffd8e) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket(0x1d, 0x2, 0x6) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB], 0x30}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000004700)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r5, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r6}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084) socket$nl_route(0x10, 0x3, 0x0) syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0xffff0000, {0x0, 0x0, 0x74, r6, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000f80), 0x3, 0x0) 0s ago: executing program 3 (id=4929): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000900)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r3, &(0x7f0000006380)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r3, &(0x7f0000004200)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50) syz_fuse_handle_req(r3, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c58b3bd0000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x2, {0x0, 0x1e}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000240)={0x800, 0x8001, 0xbb9, 0x7, 0xb7}) kernel console output (not intermixed with test programs): 0xd2/0x510 [ 1007.115332][T23488] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1007.115357][T23488] ? tomoyo_profile+0x47/0x60 [ 1007.115384][T23488] tomoyo_path_number_perm+0x245/0x580 [ 1007.115401][T23488] ? tomoyo_path_number_perm+0x237/0x580 [ 1007.115422][T23488] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1007.115469][T23488] ? find_held_lock+0x2b/0x80 [ 1007.115488][T23488] ? hook_file_ioctl_common+0x145/0x410 [ 1007.115514][T23488] ? __fget_files+0x20e/0x3c0 [ 1007.115535][T23488] ? __fput_deferred+0x450/0x480 [ 1007.115557][T23488] security_file_ioctl_compat+0x9b/0x240 [ 1007.115582][T23488] __ia32_compat_sys_ioctl+0xc3/0x370 [ 1007.115607][T23488] __do_fast_syscall_32+0x7c/0x3a0 [ 1007.115636][T23488] do_fast_syscall_32+0x32/0x80 [ 1007.115662][T23488] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1007.115685][T23488] RIP: 0023:0xf70ce579 [ 1007.115699][T23488] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1007.115716][T23488] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 1007.115733][T23488] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005521 [ 1007.115745][T23488] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1007.115755][T23488] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1007.115765][T23488] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1007.115776][T23488] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1007.115801][T23488] [ 1007.115808][T23488] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1007.327313][T23493] input input32: cannot allocate more than FF_MAX_EFFECTS effects [ 1007.391862][T23494] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4648'. [ 1007.395773][T23494] netlink: 'syz.5.4648': attribute type 5 has an invalid length. [ 1007.443756][T23494] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1007.447592][T23494] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1007.451627][T23494] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1007.455693][T23494] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1007.506753][T23494] vxlan0: entered promiscuous mode [ 1007.619903][T23494] ubi0: attaching mtd0 [ 1007.628000][T23494] ubi0: scanning is finished [ 1007.754753][T23494] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1007.800993][T23494] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 1007.803898][T23494] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1007.807900][T23494] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 1007.812184][T23494] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1007.815915][T23494] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 1007.819892][T23494] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2209839093 [ 1007.843914][T23494] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1007.847956][T23497] ubi0: background thread "ubi_bgt0d" started, PID 23497 [ 1007.850748][T23495] ubi0: detaching mtd0 [ 1007.899576][T23495] ubi0: mtd0 is detached [ 1008.260806][ T5960] Bluetooth: hci0: command tx timeout [ 1008.334332][T23502] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.4649'. [ 1008.576030][T23505] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4650'. [ 1008.643727][T23507] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4650'. [ 1009.022100][T23513] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4651'. [ 1009.507555][T23519] overlayfs: missing 'lowerdir' [ 1010.351174][ T5960] Bluetooth: hci0: command tx timeout [ 1010.677443][T23537] input input33: cannot allocate more than FF_MAX_EFFECTS effects [ 1010.746372][T23538] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4658'. [ 1010.764411][T23538] netlink: 'syz.2.4658': attribute type 5 has an invalid length. [ 1010.832490][T23538] ubi0: attaching mtd0 [ 1010.835753][T23538] ubi0: scanning is finished [ 1010.846116][T23541] FAULT_INJECTION: forcing a failure. [ 1010.846116][T23541] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1010.860911][T23541] CPU: 0 UID: 0 PID: 23541 Comm: syz.5.4659 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1010.860941][T23541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1010.860953][T23541] Call Trace: [ 1010.860959][T23541] [ 1010.860967][T23541] dump_stack_lvl+0x16c/0x1f0 [ 1010.860999][T23541] should_fail_ex+0x512/0x640 [ 1010.861029][T23541] _copy_to_iter+0x29f/0x16f0 [ 1010.861059][T23541] ? __pfx_jent_read_random_block+0x10/0x10 [ 1010.861086][T23541] ? preempt_schedule_thunk+0x16/0x30 [ 1010.861110][T23541] ? __pfx__copy_to_iter+0x10/0x10 [ 1010.861136][T23541] ? preempt_schedule_common+0x44/0xc0 [ 1010.861163][T23541] ? preempt_schedule_thunk+0x16/0x30 [ 1010.861195][T23541] _rng_recvmsg.constprop.0+0x18a/0x210 [ 1010.861217][T23541] ? __pfx__rng_recvmsg.constprop.0+0x10/0x10 [ 1010.861236][T23541] ? aa_sk_perm+0x2f4/0xb10 [ 1010.861273][T23541] sock_recvmsg+0x1f6/0x250 [ 1010.861295][T23541] ____sys_recvmsg+0x218/0x6b0 [ 1010.861319][T23541] ? __pfx_____sys_recvmsg+0x10/0x10 [ 1010.861337][T23541] ? import_iovec+0x86/0xb0 [ 1010.861364][T23541] ? __lock_acquire+0x622/0x1c90 [ 1010.861394][T23541] ___sys_recvmsg+0x114/0x1a0 [ 1010.861423][T23541] ? __pfx____sys_recvmsg+0x10/0x10 [ 1010.861453][T23541] ? find_held_lock+0x2b/0x80 [ 1010.861488][T23541] do_recvmmsg+0x55d/0x750 [ 1010.861517][T23541] ? __pfx_do_recvmmsg+0x10/0x10 [ 1010.861560][T23541] ? __fget_files+0x20e/0x3c0 [ 1010.861583][T23541] ? handle_mm_fault+0x1e0/0xd10 [ 1010.861608][T23541] __sys_recvmmsg+0x21c/0x280 [ 1010.861660][T23541] ? __pfx___sys_recvmmsg+0x10/0x10 [ 1010.861691][T23541] ? __pfx_ksys_write+0x10/0x10 [ 1010.861720][T23541] __ia32_compat_sys_recvmmsg_time32+0xc4/0x160 [ 1010.861738][T23541] ? lockdep_hardirqs_on+0x7c/0x110 [ 1010.861760][T23541] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 1010.861786][T23541] __do_fast_syscall_32+0x7c/0x3a0 [ 1010.861815][T23541] do_fast_syscall_32+0x32/0x80 [ 1010.861875][T23541] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1010.861899][T23541] RIP: 0023:0xf70ce579 [ 1010.861913][T23541] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1010.861929][T23541] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 1010.861946][T23541] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000300 [ 1010.861957][T23541] RDX: 0000000000000001 RSI: 0000000000000021 RDI: 0000000000000000 [ 1010.861967][T23541] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1010.861977][T23541] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1010.861987][T23541] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1010.862010][T23541] [ 1011.250165][T23547] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4661'. [ 1011.281113][T23538] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1011.284450][T23538] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 1011.287561][T23538] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1011.290597][T23538] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 1011.294515][T23538] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1011.297431][T23538] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 1011.311129][T23538] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2209839093 [ 1011.315518][T23538] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1011.321026][T23548] ubi0: background thread "ubi_bgt0d" started, PID 23548 [ 1011.322945][T23549] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4661'. [ 1011.352186][T23542] ubi0: detaching mtd0 [ 1011.371985][T23542] ubi0: mtd0 is detached [ 1012.097020][T23566] netlink: 64 bytes leftover after parsing attributes in process `syz.3.4666'. [ 1012.300777][ T40] audit: type=1326 audit(1752711781.205:2800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23551 comm="syz.2.4662" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x0 [ 1012.460724][ T5960] Bluetooth: hci0: command tx timeout [ 1013.204055][T23593] overlayfs: missing 'lowerdir' [ 1014.144191][T23601] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4672'. [ 1014.207435][T23604] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4672'. [ 1015.685584][T23624] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4679'. [ 1015.770818][T19533] usb 7-1: new high-speed USB device number 74 using dummy_hcd [ 1015.810354][T23632] bridge_slave_0: left allmulticast mode [ 1015.812997][T23632] bridge_slave_0: left promiscuous mode [ 1015.815701][T23632] bridge0: port 1(bridge_slave_0) entered disabled state [ 1015.821008][T23632] bridge_slave_1: left allmulticast mode [ 1015.822848][T23632] bridge_slave_1: left promiscuous mode [ 1015.824648][T23632] bridge0: port 2(bridge_slave_1) entered disabled state [ 1015.830351][T23632] bond0: (slave bond_slave_0): Releasing backup interface [ 1015.838331][T23632] bond0: (slave bond_slave_1): Releasing backup interface [ 1015.860878][T23632] team0: Port device team_slave_0 removed [ 1015.869791][T23632] team0: Port device team_slave_1 removed [ 1015.872738][T23632] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1015.875384][T23632] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1015.878943][T23632] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1015.882902][T23632] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1015.908906][T23633] team0: Mode changed to "loadbalance" [ 1015.918092][T23632] vlan0: entered promiscuous mode [ 1015.923175][T19533] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1015.926839][T19533] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 1015.930437][T19533] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1015.937469][T23632] team0: Port device vlan0 added [ 1015.937779][T19533] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 1015.942562][T23632] tipc: Started in network mode [ 1015.942588][T23632] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 1015.942714][T23632] tipc: Enabled bearer , priority 0 [ 1015.944313][T19533] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 1015.953377][T19533] usb 7-1: Product: syz [ 1015.960734][T19533] usb 7-1: Manufacturer: syz [ 1015.962448][T19533] usb 7-1: SerialNumber: syz [ 1016.008111][T23636] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4684'. [ 1016.048378][T23639] tmpfs: Unknown parameter 'quot”–l [ 1016.048378][T23639] Ra³ÆÈ9“´g­»tpHû}b¹.ç:4úÎY¦¶™ [ 1016.048378][T23639] o–{Íeú¢«é¨£9}Ùܼâ&þ­ôl:•' [ 1016.098663][T23639] overlayfs: missing 'lowerdir' [ 1016.404684][T19533] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 74 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 1016.514421][T23641] lo speed is unknown, defaulting to 1000 [ 1016.613479][T19533] usb 7-1: USB disconnect, device number 74 [ 1016.630373][T19533] usblp0: removed [ 1017.037246][T23649] input input34: cannot allocate more than FF_MAX_EFFECTS effects [ 1017.060978][ T6021] tipc: Node number set to 11578026 [ 1017.095961][T23650] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4688'. [ 1017.099856][T23650] netlink: 'syz.5.4688': attribute type 5 has an invalid length. [ 1017.176800][T23655] fuse: Unknown parameter ']"n¹ªøºeJCD¿jÊæÊî3g¥m¢o æ—•ۓϽ’t¶3cÆzµŒZV™úJA~³§àê0EÎÎyKÈÊ6C¼ôZé]'y‘×”føšß¯‹é^ž_æ³™üM%±0x0000000000000007' [ 1017.219258][T23659] fuse: Unknown parameter 'use00000000000000000000' [ 1017.224782][T23659] Invalid ELF header type: 3 != 1 [ 1018.172914][T23652] Bluetooth: hci0: Opcode 0x080f failed: -4 [ 1018.377953][T23685] FAULT_INJECTION: forcing a failure. [ 1018.377953][T23685] name failslab, interval 1, probability 0, space 0, times 0 [ 1018.402688][T23685] CPU: 2 UID: 0 PID: 23685 Comm: syz.2.4699 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1018.402715][T23685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1018.402725][T23685] Call Trace: [ 1018.402731][T23685] [ 1018.402738][T23685] dump_stack_lvl+0x16c/0x1f0 [ 1018.402768][T23685] should_fail_ex+0x512/0x640 [ 1018.402791][T23685] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1018.402816][T23685] should_failslab+0xc2/0x120 [ 1018.402832][T23685] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1018.402852][T23685] ? net_generic+0xf4/0x2a0 [ 1018.402877][T23685] ? nf_tables_newtable+0xd67/0x1b40 [ 1018.402901][T23685] nf_tables_newtable+0xd67/0x1b40 [ 1018.402927][T23685] ? __pfx___nla_validate_parse+0x10/0x10 [ 1018.402946][T23685] ? __pfx_nf_tables_newtable+0x10/0x10 [ 1018.402973][T23685] ? __nla_parse+0x40/0x60 [ 1018.402993][T23685] nfnetlink_rcv_batch+0x18ea/0x2330 [ 1018.403027][T23685] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 1018.403046][T23685] ? __pfx_stack_trace_save+0x10/0x10 [ 1018.403077][T23685] ? __kasan_slab_alloc+0x89/0x90 [ 1018.403100][T23685] ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0 [ 1018.403124][T23685] ? kmalloc_reserve+0x18b/0x2c0 [ 1018.403139][T23685] ? __alloc_skb+0x166/0x380 [ 1018.403159][T23685] ? netlink_alloc_large_skb+0x69/0x130 [ 1018.403211][T23685] ? __nla_parse+0x40/0x60 [ 1018.403232][T23685] nfnetlink_rcv+0x3c1/0x430 [ 1018.403252][T23685] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 1018.403272][T23685] ? is_vmalloc_addr+0x86/0xa0 [ 1018.403299][T23685] netlink_unicast+0x58d/0x850 [ 1018.403320][T23685] ? __pfx_netlink_unicast+0x10/0x10 [ 1018.403344][T23685] netlink_sendmsg+0x8d1/0xdd0 [ 1018.403366][T23685] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1018.403385][T23685] ? __import_iovec+0x1dd/0x650 [ 1018.403406][T23685] ____sys_sendmsg+0xa95/0xc70 [ 1018.403428][T23685] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1018.403445][T23685] ? get_compat_msghdr+0x11a/0x170 [ 1018.403482][T23685] ___sys_sendmsg+0x134/0x1d0 [ 1018.403508][T23685] ? __pfx____sys_sendmsg+0x10/0x10 [ 1018.403542][T23685] ? find_held_lock+0x2b/0x80 [ 1018.403575][T23685] __sys_sendmsg+0x16d/0x220 [ 1018.403600][T23685] ? __pfx___sys_sendmsg+0x10/0x10 [ 1018.403636][T23685] ? rcu_is_watching+0x12/0xc0 [ 1018.403657][T23685] __do_fast_syscall_32+0x7c/0x3a0 [ 1018.403682][T23685] do_fast_syscall_32+0x32/0x80 [ 1018.403704][T23685] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1018.403725][T23685] RIP: 0023:0xf705e579 [ 1018.403739][T23685] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1018.403755][T23685] RSP: 002b:00000000f504e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 1018.403771][T23685] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000 [ 1018.403782][T23685] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1018.403792][T23685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1018.403801][T23685] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1018.403811][T23685] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1018.403832][T23685] [ 1018.540123][ C2] hpet: Lost 7 RTC interrupts [ 1018.723733][T23693] loop5: detected capacity change from 0 to 7447 [ 1018.731433][T23694] fuse: Unknown parameter 'use00000000000000000000' [ 1018.735423][T23694] Invalid ELF header type: 3 != 1 [ 1018.738650][T23693] loop5: detected capacity change from 7447 to 9407 [ 1018.822351][T23697] fuse: Unknown parameter 'vd' [ 1018.825196][T23697] fuse: Unknown parameter 'fe' [ 1018.827502][T23698] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 1018.830231][T23698] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 1018.836911][T23698] vhci_hcd vhci_hcd.0: Device attached [ 1018.842806][T22368] buffer_io_error: 37 callbacks suppressed [ 1018.842820][T22368] Buffer I/O error on dev loop5, logical block 1175, async page read [ 1018.842826][T23699] usbip_core: unknown command [ 1018.842838][T23699] vhci_hcd: unknown pdu 774857321 [ 1018.853332][T23699] usbip_core: unknown command [ 1018.871822][ T1226] vhci_hcd: stop threads [ 1018.873694][ T1226] vhci_hcd: release socket [ 1018.875520][ T1226] vhci_hcd: disconnect device [ 1018.925290][T23701] bond0: (slave syz_tun): Releasing backup interface [ 1018.993265][T23706] mkiss: ax0: crc mode is auto. [ 1018.999174][T23706] overlayfs: overlapping lowerdir path [ 1019.012065][T23706] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 1019.020895][ T6021] usb 7-1: new high-speed USB device number 75 using dummy_hcd [ 1019.099703][T22367] Buffer I/O error on dev loop5, logical block 1175, async page read [ 1019.152933][ T5960] Bluetooth: hci0: command 0x080f tx timeout [ 1019.172329][ T6021] usb 7-1: Using ep0 maxpacket: 16 [ 1019.180427][ T6021] usb 7-1: config 0 has no interfaces? [ 1019.186424][ T6021] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1019.202857][ T6021] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1019.206471][ T6021] usb 7-1: Manufacturer: syz [ 1019.215540][ T6021] usb 7-1: config 0 descriptor?? [ 1019.430100][T23693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4700'. [ 1019.565781][T22368] Buffer I/O error on dev loop5, logical block 1175, async page read [ 1019.749967][ T6021] usb 7-1: USB disconnect, device number 75 [ 1020.314139][T23739] bridge1: entered promiscuous mode [ 1020.316412][T23739] bridge1: entered allmulticast mode [ 1020.674311][T23759] dvmrp9: entered allmulticast mode [ 1020.731950][T23761] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4716'. [ 1020.791178][T23768] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4716'. [ 1021.043804][T23773] binder: 23772:23773 ioctl c0306201 80000540 returned -22 [ 1021.090114][T23775] input input35: cannot allocate more than FF_MAX_EFFECTS effects [ 1021.145752][T23776] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4720'. [ 1021.149303][T23776] netlink: 'syz.2.4720': attribute type 5 has an invalid length. [ 1021.196921][T23778] FAULT_INJECTION: forcing a failure. [ 1021.196921][T23778] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1021.202400][T23778] CPU: 2 UID: 0 PID: 23778 Comm: syz.2.4721 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1021.202423][T23778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1021.202434][T23778] Call Trace: [ 1021.202441][T23778] [ 1021.202448][T23778] dump_stack_lvl+0x16c/0x1f0 [ 1021.202476][T23778] should_fail_ex+0x512/0x640 [ 1021.202502][T23778] _copy_to_user+0x32/0xd0 [ 1021.202528][T23778] simple_read_from_buffer+0xcb/0x170 [ 1021.202551][T23778] proc_fail_nth_read+0x197/0x270 [ 1021.202571][T23778] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1021.202593][T23778] ? rw_verify_area+0xcf/0x680 [ 1021.202613][T23778] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1021.202632][T23778] vfs_read+0x1e4/0xc60 [ 1021.202651][T23778] ? fdget_pos+0x2a2/0x370 [ 1021.202677][T23778] ? __pfx_vfs_read+0x10/0x10 [ 1021.202696][T23778] ? find_held_lock+0x2b/0x80 [ 1021.202720][T23778] ? __fget_files+0x20e/0x3c0 [ 1021.202744][T23778] ? handle_mm_fault+0x1e0/0xd10 [ 1021.202772][T23778] ksys_read+0x12a/0x250 [ 1021.202792][T23778] ? __pfx_ksys_read+0x10/0x10 [ 1021.202814][T23778] ? rcu_is_watching+0x12/0xc0 [ 1021.202836][T23778] __do_fast_syscall_32+0x7c/0x3a0 [ 1021.202863][T23778] do_fast_syscall_32+0x32/0x80 [ 1021.202886][T23778] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1021.202905][T23778] RIP: 0023:0xf705e579 [ 1021.202918][T23778] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1021.202933][T23778] RSP: 002b:00000000f504e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 1021.202948][T23778] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f504e620 [ 1021.202959][T23778] RDX: 000000000000000f RSI: 00000000f73c4ff4 RDI: 0000000000000000 [ 1021.202968][T23778] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 1021.202978][T23778] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1021.202987][T23778] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1021.203009][T23778] [ 1021.283586][ C2] hpet: Lost 4 RTC interrupts [ 1021.584279][T23781] overlayfs: failed to resolve './file1': -2 [ 1021.851801][T14969] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1021.863747][T14969] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1021.889177][T14969] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1021.894150][T23793] FAULT_INJECTION: forcing a failure. [ 1021.894150][T23793] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1021.899548][T23793] CPU: 0 UID: 0 PID: 23793 Comm: syz.3.4728 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1021.899572][T23793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1021.899582][T23793] Call Trace: [ 1021.899589][T23793] [ 1021.899597][T23793] dump_stack_lvl+0x16c/0x1f0 [ 1021.899624][T23793] should_fail_ex+0x512/0x640 [ 1021.899651][T23793] _copy_from_user+0x2e/0xd0 [ 1021.899676][T23793] move_addr_to_kernel+0x65/0x170 [ 1021.899697][T23793] __sys_sendto+0x1be/0x520 [ 1021.899718][T23793] ? __pfx___sys_sendto+0x10/0x10 [ 1021.899746][T23793] ? __lock_acquire+0xb8a/0x1c90 [ 1021.899791][T23793] __ia32_compat_sys_socketcall+0x625/0x770 [ 1021.899810][T23793] ? __fget_files+0x20e/0x3c0 [ 1021.899832][T23793] ? __pfx___ia32_compat_sys_socketcall+0x10/0x10 [ 1021.899852][T23793] ? fput+0x70/0xf0 [ 1021.899874][T23793] ? rcu_is_watching+0x12/0xc0 [ 1021.899895][T23793] __do_fast_syscall_32+0x7c/0x3a0 [ 1021.899921][T23793] do_fast_syscall_32+0x32/0x80 [ 1021.899942][T23793] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1021.899962][T23793] RIP: 0023:0xf703e579 [ 1021.899977][T23793] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1021.899993][T23793] RSP: 002b:00000000f502d430 EFLAGS: 00000293 ORIG_RAX: 0000000000000066 [ 1021.900009][T23793] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f502d444 [ 1021.900019][T23793] RDX: 0000000000000000 RSI: 00000000f502d560 RDI: 00000000f73a4ff4 [ 1021.900029][T23793] RBP: 00000000f502d560 R08: 0000000000000000 R09: 0000000000000000 [ 1021.900039][T23793] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 1021.900049][T23793] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1021.900070][T23793] [ 1021.980991][T14969] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1021.984759][T14969] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1022.098133][T23790] lo speed is unknown, defaulting to 1000 [ 1022.164463][T23800] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4730'. [ 1022.231703][T23802] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4730'. [ 1022.254323][T23803] kernel profiling enabled (shift: 63) [ 1022.256970][T23803] profiling shift: 63 too large [ 1022.667469][T23790] chnl_net:caif_netlink_parms(): no params data found [ 1022.833330][T23790] bridge0: port 1(bridge_slave_0) entered blocking state [ 1022.837207][T23790] bridge0: port 1(bridge_slave_0) entered disabled state [ 1022.839564][T23790] bridge_slave_0: entered allmulticast mode [ 1022.851758][T23790] bridge_slave_0: entered promiscuous mode [ 1022.864953][T23790] bridge0: port 2(bridge_slave_1) entered blocking state [ 1022.871957][T23790] bridge0: port 2(bridge_slave_1) entered disabled state [ 1022.878065][T23790] bridge_slave_1: entered allmulticast mode [ 1022.882690][T23790] bridge_slave_1: entered promiscuous mode [ 1022.996818][T23790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1023.004934][T23790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1023.139284][T23842] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4741'. [ 1023.212759][T23790] team0: Port device team_slave_0 added [ 1023.219951][T23790] team0: Port device team_slave_1 added [ 1023.252318][T23842] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4741'. [ 1023.280573][T23844] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 1023.285954][T23844] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 1023.377177][T23790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1023.380158][T23790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1023.393146][T23790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1023.402611][T23790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1023.405574][T23790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1023.416536][T23790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1023.539265][T23790] hsr_slave_0: entered promiscuous mode [ 1023.545992][T23790] hsr_slave_1: entered promiscuous mode [ 1023.555302][T23790] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1023.558581][T23790] Cannot create hsr debugfs directory [ 1023.669105][T23852] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4743'. [ 1023.925750][T23790] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1023.930359][T23790] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1024.020480][T23790] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1024.021914][ T5960] Bluetooth: hci4: command tx timeout [ 1024.024885][T23790] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1024.155626][T23790] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1024.159884][T23790] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1024.308770][T23865] FAULT_INJECTION: forcing a failure. [ 1024.308770][T23865] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1024.315344][T23865] CPU: 0 UID: 0 PID: 23865 Comm: syz.3.4747 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1024.315369][T23865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1024.315393][T23865] Call Trace: [ 1024.315400][T23865] [ 1024.315407][T23865] dump_stack_lvl+0x16c/0x1f0 [ 1024.315436][T23865] should_fail_ex+0x512/0x640 [ 1024.315464][T23865] _copy_from_user+0x2e/0xd0 [ 1024.315490][T23865] memdup_user+0x6b/0xe0 [ 1024.315515][T23865] sctp_getsockopt+0x2995/0x6b10 [ 1024.315536][T23865] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 1024.315562][T23865] ? __pfx_sctp_getsockopt+0x10/0x10 [ 1024.315584][T23865] ? __lock_acquire+0xb8a/0x1c90 [ 1024.315619][T23865] ? __pfx___might_resched+0x10/0x10 [ 1024.315642][T23865] ? aa_sk_perm+0x2f4/0xb10 [ 1024.315664][T23865] ? __pfx_aa_sk_perm+0x10/0x10 [ 1024.315685][T23865] ? __schedule+0x1181/0x5de0 [ 1024.315716][T23865] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 1024.315736][T23865] do_sock_getsockopt+0x3fc/0x800 [ 1024.315756][T23865] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 1024.315773][T23865] ? __fget_files+0x204/0x3c0 [ 1024.315806][T23865] __sys_getsockopt+0x123/0x1b0 [ 1024.315834][T23865] __ia32_sys_getsockopt+0xbc/0x160 [ 1024.315856][T23865] ? lockdep_hardirqs_on+0x7c/0x110 [ 1024.315880][T23865] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 1024.315905][T23865] __do_fast_syscall_32+0x7c/0x3a0 [ 1024.315931][T23865] do_fast_syscall_32+0x32/0x80 [ 1024.315955][T23865] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1024.315975][T23865] RIP: 0023:0xf703e579 [ 1024.315988][T23865] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1024.316005][T23865] RSP: 002b:00000000f4fec55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d [ 1024.316021][T23865] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000084 [ 1024.316031][T23865] RDX: 000000000000006f RSI: 00000000800000c0 RDI: 0000000080000100 [ 1024.316042][T23865] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1024.316051][T23865] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1024.316060][T23865] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1024.316083][T23865] [ 1024.495714][T23790] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1024.500079][T23790] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1024.646089][T23872] FAULT_INJECTION: forcing a failure. [ 1024.646089][T23872] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.653573][T23872] CPU: 1 UID: 0 PID: 23872 Comm: syz.3.4749 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1024.653600][T23872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1024.653611][T23872] Call Trace: [ 1024.653618][T23872] [ 1024.653626][T23872] dump_stack_lvl+0x16c/0x1f0 [ 1024.653656][T23872] should_fail_ex+0x512/0x640 [ 1024.653681][T23872] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 1024.653709][T23872] should_failslab+0xc2/0x120 [ 1024.653725][T23872] __kmalloc_cache_node_noprof+0x6d/0x420 [ 1024.653752][T23872] ? __get_vm_area_node+0x101/0x330 [ 1024.653777][T23872] __get_vm_area_node+0x101/0x330 [ 1024.653802][T23872] __vmalloc_node_range_noprof+0x271/0x14b0 [ 1024.653825][T23872] ? __vcalloc_noprof+0x4d/0x80 [ 1024.653853][T23872] ? __vmap_pages_range_noflush+0x1d0/0x230 [ 1024.653875][T23872] ? is_vmalloc_or_module_addr+0x47/0x60 [ 1024.653902][T23872] ? __vcalloc_noprof+0x4d/0x80 [ 1024.653934][T23872] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1024.653963][T23872] ? __vcalloc_noprof+0x4d/0x80 [ 1024.653998][T23872] ? __vcalloc_noprof+0x4d/0x80 [ 1024.654024][T23872] __vmalloc_node_noprof+0xad/0xf0 [ 1024.654045][T23872] ? __vcalloc_noprof+0x4d/0x80 [ 1024.654074][T23872] __vcalloc_noprof+0x4d/0x80 [ 1024.654101][T23872] kvm_arch_prepare_memory_region+0x35a/0x8d0 [ 1024.654138][T23872] kvm_set_memslot+0x139/0x1380 [ 1024.654163][T23872] ? kasan_save_track+0x14/0x30 [ 1024.654191][T23872] kvm_set_memory_region+0xebc/0x1680 [ 1024.654223][T23872] ? __pfx_kvm_set_memory_region+0x10/0x10 [ 1024.654256][T23872] kvm_vm_ioctl+0x149a/0x3dd0 [ 1024.654284][T23872] ? stack_trace_save+0x8e/0xc0 [ 1024.654305][T23872] ? __pfx_stack_trace_save+0x10/0x10 [ 1024.654325][T23872] ? stack_depot_save_flags+0x28/0xa40 [ 1024.654352][T23872] ? __lock_acquire+0xb8a/0x1c90 [ 1024.654377][T23872] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 1024.654402][T23872] ? kasan_save_stack+0x42/0x60 [ 1024.654426][T23872] ? kasan_save_stack+0x33/0x60 [ 1024.654450][T23872] ? kasan_save_track+0x14/0x30 [ 1024.654473][T23872] ? kasan_save_free_info+0x3b/0x60 [ 1024.654494][T23872] ? __kasan_slab_free+0x51/0x70 [ 1024.654518][T23872] ? kfree+0x2b4/0x4d0 [ 1024.654537][T23872] ? tomoyo_path_number_perm+0x470/0x580 [ 1024.654557][T23872] ? security_file_ioctl_compat+0x9b/0x240 [ 1024.654578][T23872] ? __ia32_compat_sys_ioctl+0xc3/0x370 [ 1024.654598][T23872] ? __do_fast_syscall_32+0x7c/0x3a0 [ 1024.654622][T23872] ? do_fast_syscall_32+0x32/0x80 [ 1024.654646][T23872] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1024.654668][T23872] ? kvm_arch_vm_compat_ioctl+0x2d0/0x470 [ 1024.654690][T23872] ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10 [ 1024.654733][T23872] ? kasan_quarantine_put+0x10a/0x240 [ 1024.654757][T23872] ? lockdep_hardirqs_on+0x7c/0x110 [ 1024.654785][T23872] ? find_held_lock+0x2b/0x80 [ 1024.654820][T23872] ? do_vfs_ioctl+0x523/0x1a60 [ 1024.654841][T23872] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1024.654874][T23872] kvm_vm_compat_ioctl+0x393/0x430 [ 1024.654902][T23872] ? __pfx_kvm_vm_compat_ioctl+0x10/0x10 [ 1024.654931][T23872] ? find_held_lock+0x2b/0x80 [ 1024.654949][T23872] ? hook_file_ioctl_common+0x145/0x410 [ 1024.654979][T23872] ? __fget_files+0x20e/0x3c0 [ 1024.655000][T23872] ? __fput_deferred+0x450/0x480 [ 1024.655022][T23872] ? __pfx_kvm_vm_compat_ioctl+0x10/0x10 [ 1024.655050][T23872] __ia32_compat_sys_ioctl+0x23f/0x370 [ 1024.655074][T23872] __do_fast_syscall_32+0x7c/0x3a0 [ 1024.655102][T23872] do_fast_syscall_32+0x32/0x80 [ 1024.655128][T23872] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1024.655149][T23872] RIP: 0023:0xf703e579 [ 1024.655163][T23872] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1024.655180][T23872] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 1024.655198][T23872] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004020ae46 [ 1024.655210][T23872] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 1024.655220][T23872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1024.655231][T23872] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1024.655242][T23872] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1024.655266][T23872] [ 1024.655275][T23872] syz.3.4749: vmalloc error: size 4, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null) [ 1024.705588][T23790] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1024.840930][T23872] ,cpuset=/,mems_allowed=0-1 [ 1024.849757][T23872] CPU: 1 UID: 0 PID: 23872 Comm: syz.3.4749 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1024.849775][T23872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1024.849782][T23872] Call Trace: [ 1024.849786][T23872] [ 1024.849792][T23872] dump_stack_lvl+0x16c/0x1f0 [ 1024.849812][T23872] warn_alloc+0x248/0x3a0 [ 1024.849848][T23872] ? __pfx_warn_alloc+0x10/0x10 [ 1024.849865][T23872] ? __kmalloc_cache_node_noprof+0x272/0x420 [ 1024.849882][T23872] ? __kasan_kmalloc+0x8a/0xb0 [ 1024.849898][T23872] ? __get_vm_area_node+0x208/0x330 [ 1024.849914][T23872] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 1024.849928][T23872] ? __vmap_pages_range_noflush+0x1d0/0x230 [ 1024.849944][T23872] ? is_vmalloc_or_module_addr+0x47/0x60 [ 1024.849961][T23872] ? __vcalloc_noprof+0x4d/0x80 [ 1024.849981][T23872] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1024.849995][T23872] ? __vcalloc_noprof+0x4d/0x80 [ 1024.850014][T23872] ? __vcalloc_noprof+0x4d/0x80 [ 1024.850030][T23872] __vmalloc_node_noprof+0xad/0xf0 [ 1024.850043][T23872] ? __vcalloc_noprof+0x4d/0x80 [ 1024.850060][T23872] __vcalloc_noprof+0x4d/0x80 [ 1024.850077][T23872] kvm_arch_prepare_memory_region+0x35a/0x8d0 [ 1024.850098][T23872] kvm_set_memslot+0x139/0x1380 [ 1024.850114][T23872] ? kasan_save_track+0x14/0x30 [ 1024.850131][T23872] kvm_set_memory_region+0xebc/0x1680 [ 1024.850150][T23872] ? __pfx_kvm_set_memory_region+0x10/0x10 [ 1024.850168][T23872] kvm_vm_ioctl+0x149a/0x3dd0 [ 1024.850186][T23872] ? stack_trace_save+0x8e/0xc0 [ 1024.850198][T23872] ? __pfx_stack_trace_save+0x10/0x10 [ 1024.850210][T23872] ? stack_depot_save_flags+0x28/0xa40 [ 1024.850226][T23872] ? __lock_acquire+0xb8a/0x1c90 [ 1024.850241][T23872] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 1024.850257][T23872] ? kasan_save_stack+0x42/0x60 [ 1024.850271][T23872] ? kasan_save_stack+0x33/0x60 [ 1024.850285][T23872] ? kasan_save_track+0x14/0x30 [ 1024.850300][T23872] ? kasan_save_free_info+0x3b/0x60 [ 1024.850312][T23872] ? __kasan_slab_free+0x51/0x70 [ 1024.850326][T23872] ? kfree+0x2b4/0x4d0 [ 1024.850338][T23872] ? tomoyo_path_number_perm+0x470/0x580 [ 1024.850350][T23872] ? security_file_ioctl_compat+0x9b/0x240 [ 1024.850363][T23872] ? __ia32_compat_sys_ioctl+0xc3/0x370 [ 1024.850376][T23872] ? __do_fast_syscall_32+0x7c/0x3a0 [ 1024.850391][T23872] ? do_fast_syscall_32+0x32/0x80 [ 1024.850406][T23872] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1024.850420][T23872] ? kvm_arch_vm_compat_ioctl+0x2d0/0x470 [ 1024.850433][T23872] ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10 [ 1024.850457][T23872] ? kasan_quarantine_put+0x10a/0x240 [ 1024.850472][T23872] ? lockdep_hardirqs_on+0x7c/0x110 [ 1024.850488][T23872] ? find_held_lock+0x2b/0x80 [ 1024.850507][T23872] ? do_vfs_ioctl+0x523/0x1a60 [ 1024.850519][T23872] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1024.850538][T23872] kvm_vm_compat_ioctl+0x393/0x430 [ 1024.850555][T23872] ? __pfx_kvm_vm_compat_ioctl+0x10/0x10 [ 1024.850572][T23872] ? find_held_lock+0x2b/0x80 [ 1024.850583][T23872] ? hook_file_ioctl_common+0x145/0x410 [ 1024.850597][T23872] ? __fget_files+0x20e/0x3c0 [ 1024.850623][T23872] ? __fput_deferred+0x450/0x480 [ 1024.850636][T23872] ? __pfx_kvm_vm_compat_ioctl+0x10/0x10 [ 1024.850654][T23872] __ia32_compat_sys_ioctl+0x23f/0x370 [ 1024.850669][T23872] __do_fast_syscall_32+0x7c/0x3a0 [ 1024.850690][T23872] do_fast_syscall_32+0x32/0x80 [ 1024.850706][T23872] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1024.850719][T23872] RIP: 0023:0xf703e579 [ 1024.850728][T23872] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1024.850738][T23872] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 1024.850749][T23872] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004020ae46 [ 1024.850756][T23872] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 1024.850762][T23872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1024.850768][T23872] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1024.850774][T23872] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1024.850787][T23872] [ 1024.920889][T23790] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1025.050785][T23872] Mem-Info: [ 1025.052320][T23872] active_anon:3893 inactive_anon:2267 isolated_anon:0 [ 1025.052320][T23872] active_file:4910 inactive_file:7558 isolated_file:0 [ 1025.052320][T23872] unevictable:1768 dirty:84 writeback:0 [ 1025.052320][T23872] slab_reclaimable:6675 slab_unreclaimable:90611 [ 1025.052320][T23872] mapped:26457 shmem:4630 pagetables:1328 [ 1025.052320][T23872] sec_pagetables:327 bounce:0 [ 1025.052320][T23872] kernel_misc_reclaimable:0 [ 1025.052320][T23872] free:43782 free_pcp:4776 free_cma:0 [ 1025.088057][T23790] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1025.091865][T23872] Node 0 active_anon:2296kB inactive_anon:28kB active_file:256kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:1624kB dirty:0kB writeback:0kB shmem:6088kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7696kB pagetables:1484kB sec_pagetables:1144kB all_unreclaimable? yes Balloon:0kB [ 1025.107295][T23872] Node 1 active_anon:10572kB inactive_anon:9040kB active_file:19384kB inactive_file:18132kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:104204kB dirty:336kB writeback:0kB shmem:9728kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:6876kB pagetables:3752kB sec_pagetables:164kB all_unreclaimable? no Balloon:0kB [ 1025.110461][T23790] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1025.119582][T23872] Node 0 DMA free:2500kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:336kB local_pcp:0kB free_cma:0kB [ 1025.133549][T23872] lowmem_reserve[]: 0 288 288 288 288 [ 1025.135748][T23872] Node 0 DMA32 free:29364kB boost:6144kB min:19364kB low:22668kB high:25972kB reserved_highatomic:2048KB free_highatomic:960KB active_anon:1064kB inactive_anon:28kB active_file:256kB inactive_file:0kB unevictable:3536kB writepending:0kB present:1032196kB managed:295892kB mlocked:0kB bounce:0kB free_pcp:2920kB local_pcp:4kB free_cma:0kB [ 1025.147273][T23872] lowmem_reserve[]: 0 0 0 0 0 [ 1025.149187][T23872] Node 1 DMA32 free:147492kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:8372kB inactive_anon:9040kB active_file:19384kB inactive_file:10132kB unevictable:3536kB writepending:336kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:38768kB local_pcp:5288kB free_cma:0kB [ 1025.160660][T23872] lowmem_reserve[]: 0 0 0 0 0 [ 1025.162560][T23872] Node 0 DMA: 20*4kB (UM) 18*8kB (UM) 11*16kB (UM) 14*32kB (UM) 8*64kB (UM) 1*128kB (M) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2512kB [ 1025.168441][T23872] Node 0 DMA32: 586*4kB (UMEH) 521*8kB (UMEH) 203*16kB (UMEH) 170*32kB (UMH) 59*64kB (UMH) 35*128kB (UMEH) 16*256kB (UME) 1*512kB (U) 1*1024kB (M) 0*2048kB 0*4096kB = 29088kB [ 1025.175158][T23872] Node 1 DMA32: 3326*4kB (UME) 2111*8kB (UME) 1094*16kB (UME) 511*32kB (UME) 270*64kB (UME) 115*128kB (UME) 71*256kB (UME) 34*512kB (UME) 9*1024kB (M) 8*2048kB (UM) 0*4096kB = 157232kB [ 1025.182041][T23872] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1025.185629][T23872] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1025.189144][T23872] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1025.192815][T23872] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 1025.196283][T23872] 9475 total pagecache pages [ 1025.198239][T23872] 335 pages in swap cache [ 1025.199915][T23872] Free swap = 111084kB [ 1025.201493][T23872] Total swap = 124996kB [ 1025.203163][T23872] 524155 pages RAM [ 1025.204653][T23872] 0 pages HighMem/MovableOnly [ 1025.206520][T23872] 209271 pages reserved [ 1025.208258][T23872] 0 pages cma reserved [ 1025.244684][T23853] syz.4.4743 (23853): drop_caches: 1 [ 1025.245429][T23854] syz.4.4743 (23854): drop_caches: 1 [ 1025.250283][T23790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1025.269841][T23790] 8021q: adding VLAN 0 to HW filter on device team0 [ 1025.278194][T15727] bridge0: port 1(bridge_slave_0) entered blocking state [ 1025.281271][T15727] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1025.302034][T15727] bridge0: port 2(bridge_slave_1) entered blocking state [ 1025.304286][T15727] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1025.314314][T23884] fuse: Bad value for 'fd' [ 1025.360467][T23884] kvm: user requested TSC rate below hardware speed [ 1025.367888][T23887] input input36: cannot allocate more than FF_MAX_EFFECTS effects [ 1025.441550][T23891] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4753'. [ 1025.445660][T23891] netlink: 'syz.4.4753': attribute type 5 has an invalid length. [ 1025.621099][T23790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1025.649704][T23790] veth0_vlan: entered promiscuous mode [ 1025.679835][T23790] veth1_vlan: entered promiscuous mode [ 1025.719013][T23790] veth0_macvtap: entered promiscuous mode [ 1025.738227][T23790] veth1_macvtap: entered promiscuous mode [ 1025.773032][T23790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1025.803448][T23790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1025.818390][T23790] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1025.823695][T23790] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1025.828195][T23790] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1025.833095][T23790] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1025.939672][ T72] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1025.966103][ T72] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1026.005560][ T72] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1026.016281][ T72] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1026.100938][T14969] Bluetooth: hci4: command tx timeout [ 1026.360357][T23905] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4755'. [ 1026.620925][ T24] usb 7-1: new high-speed USB device number 76 using dummy_hcd [ 1026.750891][ T24] usb 7-1: device descriptor read/64, error -71 [ 1026.790215][T23915] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1026.797925][T23915] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1026.803535][T23915] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1026.807711][T23915] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1026.811380][T23915] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1026.849438][T23913] lo speed is unknown, defaulting to 1000 [ 1026.998169][ T24] usb 7-1: new high-speed USB device number 77 using dummy_hcd [ 1027.131315][ T24] usb 7-1: device descriptor read/64, error -71 [ 1027.241011][ T24] usb usb7-port1: attempt power cycle [ 1027.246192][T23913] chnl_net:caif_netlink_parms(): no params data found [ 1027.485270][T23913] bridge0: port 1(bridge_slave_0) entered blocking state [ 1027.488348][T23913] bridge0: port 1(bridge_slave_0) entered disabled state [ 1027.492142][T23913] bridge_slave_0: entered allmulticast mode [ 1027.496309][T23913] bridge_slave_0: entered promiscuous mode [ 1027.504200][T23913] bridge0: port 2(bridge_slave_1) entered blocking state [ 1027.507487][T23913] bridge0: port 2(bridge_slave_1) entered disabled state [ 1027.510768][T23913] bridge_slave_1: entered allmulticast mode [ 1027.516405][T23913] bridge_slave_1: entered promiscuous mode [ 1027.518938][T23932] FAULT_INJECTION: forcing a failure. [ 1027.518938][T23932] name failslab, interval 1, probability 0, space 0, times 0 [ 1027.525865][T23932] CPU: 3 UID: 0 PID: 23932 Comm: syz.5.4761 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1027.525891][T23932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1027.525902][T23932] Call Trace: [ 1027.525909][T23932] [ 1027.525923][T23932] dump_stack_lvl+0x16c/0x1f0 [ 1027.525953][T23932] should_fail_ex+0x512/0x640 [ 1027.525977][T23932] ? fs_reclaim_acquire+0xae/0x150 [ 1027.526000][T23932] ? tomoyo_encode2+0x100/0x3e0 [ 1027.526021][T23932] should_failslab+0xc2/0x120 [ 1027.526038][T23932] __kmalloc_noprof+0xd2/0x510 [ 1027.526062][T23932] ? d_absolute_path+0x136/0x1a0 [ 1027.526085][T23932] tomoyo_encode2+0x100/0x3e0 [ 1027.526112][T23932] tomoyo_encode+0x29/0x50 [ 1027.526133][T23932] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1027.526164][T23932] tomoyo_path_number_perm+0x245/0x580 [ 1027.526184][T23932] ? tomoyo_path_number_perm+0x237/0x580 [ 1027.526206][T23932] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1027.526253][T23932] ? find_held_lock+0x2b/0x80 [ 1027.526272][T23932] ? hook_file_ioctl_common+0x145/0x410 [ 1027.526296][T23932] ? __fget_files+0x20e/0x3c0 [ 1027.526317][T23932] ? __fput_deferred+0x450/0x480 [ 1027.526340][T23932] security_file_ioctl_compat+0x9b/0x240 [ 1027.526364][T23932] __ia32_compat_sys_ioctl+0xc3/0x370 [ 1027.526388][T23932] __do_fast_syscall_32+0x7c/0x3a0 [ 1027.526417][T23932] do_fast_syscall_32+0x32/0x80 [ 1027.526443][T23932] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1027.526463][T23932] RIP: 0023:0xf70ce579 [ 1027.526477][T23932] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1027.526493][T23932] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 1027.526510][T23932] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000008020640d [ 1027.526521][T23932] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 1027.526531][T23932] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1027.526555][T23932] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1027.526564][T23932] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1027.526587][T23932] [ 1027.526605][T23932] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1027.580864][ T24] usb 7-1: new high-speed USB device number 78 using dummy_hcd [ 1027.605631][ T24] usb 7-1: device descriptor read/8, error -71 [ 1027.675880][T15727] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1027.718170][T23913] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1027.723959][T23913] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1027.731651][T23934] netlink: 'syz.5.4762': attribute type 4 has an invalid length. [ 1027.737937][T23938] FAULT_INJECTION: forcing a failure. [ 1027.737937][T23938] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1027.744269][T23938] CPU: 0 UID: 0 PID: 23938 Comm: syz.4.4764 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1027.744293][T23938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1027.744304][T23938] Call Trace: [ 1027.744311][T23938] [ 1027.744317][T23938] dump_stack_lvl+0x16c/0x1f0 [ 1027.744348][T23938] should_fail_ex+0x512/0x640 [ 1027.744376][T23938] _copy_to_iter+0x463/0x16f0 [ 1027.744407][T23938] ? __pfx__copy_to_iter+0x10/0x10 [ 1027.744432][T23938] ? traverse.part.0.constprop.0+0x2c5/0x640 [ 1027.744461][T23938] seq_read_iter+0x719/0x12c0 [ 1027.744483][T23938] ? aa_file_perm+0x4d6/0xfb0 [ 1027.744510][T23938] seq_read+0x39e/0x4e0 [ 1027.744528][T23938] ? __pfx_seq_read+0x10/0x10 [ 1027.744553][T23938] ? get_pid_task+0xfc/0x250 [ 1027.744605][T23938] ? __pfx_seq_read+0x10/0x10 [ 1027.744628][T23938] proc_reg_read+0x240/0x330 [ 1027.744654][T23938] ? __pfx_proc_reg_read+0x10/0x10 [ 1027.744678][T23938] vfs_read+0x1e4/0xc60 [ 1027.744714][T23938] ? __pfx_vfs_read+0x10/0x10 [ 1027.744735][T23938] ? find_held_lock+0x2b/0x80 [ 1027.744754][T23938] ? __fget_files+0x204/0x3c0 [ 1027.744780][T23938] ? __fget_files+0x20e/0x3c0 [ 1027.744800][T23938] ? __fget_files+0x180/0x3c0 [ 1027.744830][T23938] ksys_pread64+0x161/0x1a0 [ 1027.744855][T23938] ? __pfx_ksys_pread64+0x10/0x10 [ 1027.744879][T23938] ? rcu_is_watching+0x12/0xc0 [ 1027.744900][T23938] __do_fast_syscall_32+0x7c/0x3a0 [ 1027.744928][T23938] do_fast_syscall_32+0x32/0x80 [ 1027.744952][T23938] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1027.744972][T23938] RIP: 0023:0xf70be579 [ 1027.744986][T23938] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1027.745003][T23938] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 00000000000000b4 [ 1027.745020][T23938] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000008004b680 [ 1027.745032][T23938] RDX: 0000000000018fd4 RSI: 0000000000000008 RDI: 0000000000000000 [ 1027.745041][T23938] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1027.745051][T23938] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1027.745061][T23938] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1027.745084][T23938] [ 1027.782355][T23939] netlink: 'syz.5.4762': attribute type 4 has an invalid length. [ 1027.853462][T23941] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4765'. [ 1027.895454][T15727] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1027.911378][ T24] usb 7-1: new high-speed USB device number 79 using dummy_hcd [ 1027.927224][T23913] team0: Port device team_slave_0 added [ 1027.932634][ T24] usb 7-1: device descriptor read/8, error -71 [ 1027.936860][T23913] team0: Port device team_slave_1 added [ 1027.972035][T23941] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4765'. [ 1028.019645][T15727] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1028.036649][T23913] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1028.039633][T23913] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1028.051859][T23913] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1028.053889][ T24] usb usb7-port1: unable to enumerate USB device [ 1028.069053][T23913] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1028.079816][T23913] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1028.100255][T23913] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1028.124414][T15727] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1028.180861][T23915] Bluetooth: hci4: command 0x040f tx timeout [ 1028.233632][T23913] hsr_slave_0: entered promiscuous mode [ 1028.237073][T23913] hsr_slave_1: entered promiscuous mode [ 1028.241603][T23913] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1028.244799][T23913] Cannot create hsr debugfs directory [ 1028.748418][T15727] dvmrp9 (unregistering): left allmulticast mode [ 1028.821100][ T5960] Bluetooth: hci1: command tx timeout [ 1028.843747][T23957] tmpfs: Unknown parameter 'quot”–l [ 1028.843747][T23957] Ra³ÆÈ9“´g­»tpHû}b¹.ç:4úÎY¦¶™ [ 1028.843747][T23957] o–{Íeú¢«é¨£9}Ùܼâ&þ­ôl:•' [ 1028.858310][T23957] overlayfs: missing 'lowerdir' [ 1029.611819][T23967] FAULT_INJECTION: forcing a failure. [ 1029.611819][T23967] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1029.617365][T23967] CPU: 1 UID: 0 PID: 23967 Comm: syz.4.4772 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1029.617390][T23967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1029.617401][T23967] Call Trace: [ 1029.617408][T23967] [ 1029.617416][T23967] dump_stack_lvl+0x16c/0x1f0 [ 1029.617452][T23967] should_fail_ex+0x512/0x640 [ 1029.617509][T23967] _copy_to_user+0x32/0xd0 [ 1029.617541][T23967] simple_read_from_buffer+0xcb/0x170 [ 1029.617565][T23967] proc_fail_nth_read+0x197/0x270 [ 1029.617586][T23967] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1029.617607][T23967] ? rw_verify_area+0xcf/0x680 [ 1029.617628][T23967] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1029.617648][T23967] vfs_read+0x1e4/0xc60 [ 1029.617671][T23967] ? fdget_pos+0x2a2/0x370 [ 1029.617703][T23967] ? __pfx_vfs_read+0x10/0x10 [ 1029.617724][T23967] ? find_held_lock+0x2b/0x80 [ 1029.617748][T23967] ? __fget_files+0x20e/0x3c0 [ 1029.617777][T23967] ksys_read+0x12a/0x250 [ 1029.617800][T23967] ? __pfx_ksys_read+0x10/0x10 [ 1029.617824][T23967] ? rcu_is_watching+0x12/0xc0 [ 1029.617846][T23967] __do_fast_syscall_32+0x7c/0x3a0 [ 1029.617875][T23967] do_fast_syscall_32+0x32/0x80 [ 1029.617900][T23967] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1029.617922][T23967] RIP: 0023:0xf70be579 [ 1029.617934][T23967] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1029.617951][T23967] RSP: 002b:00000000f50ae590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 1029.617966][T23967] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50ae620 [ 1029.617977][T23967] RDX: 000000000000000f RSI: 00000000f7424ff4 RDI: 0000000000000000 [ 1029.617987][T23967] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 1029.617997][T23967] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1029.618007][T23967] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1029.618029][T23967] [ 1030.260984][ T5960] Bluetooth: hci4: command 0x040f tx timeout [ 1030.309775][T23971] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4774'. [ 1030.418410][T23973] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4774'. [ 1030.435031][T15727] bond0 (unregistering): Released all slaves [ 1030.445632][T15727] bond1 (unregistering): Released all slaves [ 1030.532968][T15727] : left promiscuous mode [ 1030.594159][T23976] FAULT_INJECTION: forcing a failure. [ 1030.594159][T23976] name failslab, interval 1, probability 0, space 0, times 0 [ 1030.601484][T23976] CPU: 0 UID: 0 PID: 23976 Comm: syz.2.4775 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1030.601507][T23976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1030.601516][T23976] Call Trace: [ 1030.601522][T23976] [ 1030.601529][T23976] dump_stack_lvl+0x16c/0x1f0 [ 1030.601556][T23976] should_fail_ex+0x512/0x640 [ 1030.601578][T23976] ? fs_reclaim_acquire+0xae/0x150 [ 1030.601597][T23976] ? tomoyo_encode2+0x100/0x3e0 [ 1030.601616][T23976] should_failslab+0xc2/0x120 [ 1030.601631][T23976] __kmalloc_noprof+0xd2/0x510 [ 1030.601653][T23976] ? d_absolute_path+0x136/0x1a0 [ 1030.601674][T23976] tomoyo_encode2+0x100/0x3e0 [ 1030.601696][T23976] tomoyo_encode+0x29/0x50 [ 1030.601718][T23976] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1030.601747][T23976] tomoyo_path_number_perm+0x245/0x580 [ 1030.601764][T23976] ? tomoyo_path_number_perm+0x237/0x580 [ 1030.601782][T23976] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1030.601823][T23976] ? find_held_lock+0x2b/0x80 [ 1030.601839][T23976] ? hook_file_ioctl_common+0x145/0x410 [ 1030.601860][T23976] ? __fget_files+0x20e/0x3c0 [ 1030.601879][T23976] ? __fput_deferred+0x450/0x480 [ 1030.601899][T23976] security_file_ioctl_compat+0x9b/0x240 [ 1030.601922][T23976] __ia32_compat_sys_ioctl+0xc3/0x370 [ 1030.601953][T23976] __do_fast_syscall_32+0x7c/0x3a0 [ 1030.601981][T23976] do_fast_syscall_32+0x32/0x80 [ 1030.602005][T23976] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1030.602027][T23976] RIP: 0023:0xf7f32579 [ 1030.602041][T23976] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1030.602058][T23976] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 1030.602075][T23976] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000af01 [ 1030.602085][T23976] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1030.602096][T23976] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1030.602106][T23976] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1030.602117][T23976] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1030.602139][T23976] [ 1030.602157][T23976] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1030.698822][T23976] cgroup: fork rejected by pids controller in /syz2 [ 1030.715163][T15727] tipc: Disabling bearer [ 1030.722486][T15727] tipc: Left network mode [ 1030.763162][T23981] input input37: cannot allocate more than FF_MAX_EFFECTS effects [ 1030.818655][T23983] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4777'. [ 1030.822937][T23983] netlink: 'syz.5.4777': attribute type 5 has an invalid length. [ 1030.901135][ T5960] Bluetooth: hci1: command tx timeout [ 1031.189377][T15727] hsr_slave_0: left promiscuous mode [ 1031.194104][T15727] hsr_slave_1: left promiscuous mode [ 1031.346833][T23915] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1031.368379][T23915] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1031.382249][T23915] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1031.386830][T23915] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1031.402754][T23915] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1032.984025][ T5960] Bluetooth: hci1: command tx timeout [ 1033.383265][ T6021] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 1033.468637][ T5960] Bluetooth: hci3: command tx timeout [ 1033.541012][ T6021] usb 10-1: Using ep0 maxpacket: 32 [ 1033.545318][ T6021] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1033.549907][ T6021] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1033.554381][ T6021] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1033.558185][ T6021] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1033.563947][ T6021] usb 10-1: config 0 descriptor?? [ 1033.577593][T23989] lo speed is unknown, defaulting to 1000 [ 1033.582194][T23913] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1033.586855][T23913] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1033.591665][T23913] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1033.600256][T23913] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1033.688353][T23913] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1033.726717][T23913] 8021q: adding VLAN 0 to HW filter on device team0 [ 1033.739153][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 1033.742352][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1033.754452][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 1033.757446][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1033.969387][T23989] chnl_net:caif_netlink_parms(): no params data found [ 1033.991389][ T6021] savu 0003:1E7D:2D5A.0006: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.5-1/input0 [ 1034.115382][T15727] IPVS: stop unused estimator thread 0... [ 1034.238213][T23913] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1034.248665][T23989] bridge0: port 1(bridge_slave_0) entered blocking state [ 1034.260196][T23989] bridge0: port 1(bridge_slave_0) entered disabled state [ 1034.273917][T23989] bridge_slave_0: entered allmulticast mode [ 1034.276887][T23989] bridge_slave_0: entered promiscuous mode [ 1034.293666][T23989] bridge0: port 2(bridge_slave_1) entered blocking state [ 1034.296626][T23989] bridge0: port 2(bridge_slave_1) entered disabled state [ 1034.300507][T23989] bridge_slave_1: entered allmulticast mode [ 1034.308620][T23989] bridge_slave_1: entered promiscuous mode [ 1034.326018][ T24] usb 10-1: USB disconnect, device number 2 [ 1034.387697][ T5960] Bluetooth: hci0: unexpected event for opcode 0x0411 [ 1034.481055][T23989] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1034.489250][T23989] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1034.609211][T23989] team0: Port device team_slave_0 added [ 1034.653039][T15727] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1034.672805][T23989] team0: Port device team_slave_1 added [ 1034.765489][T15727] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1034.775379][T23989] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1034.777554][T23989] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1034.787592][T23989] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1034.798708][T23989] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1034.801648][T23989] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1034.812576][T23989] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1034.831769][T15727] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1034.936071][T23989] hsr_slave_0: entered promiscuous mode [ 1034.939282][T23989] hsr_slave_1: entered promiscuous mode [ 1034.949905][T23989] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1034.956936][T23989] Cannot create hsr debugfs directory [ 1035.002482][T15727] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1035.060807][ T5960] Bluetooth: hci1: command tx timeout [ 1035.105745][T23913] veth0_vlan: entered promiscuous mode [ 1035.118687][T23913] veth1_vlan: entered promiscuous mode [ 1035.285757][ C2] hpet: Lost 1 RTC interrupts [ 1035.344581][T23913] veth0_macvtap: entered promiscuous mode [ 1035.349297][T15727] bridge_slave_1: left allmulticast mode [ 1035.352185][T15727] bridge_slave_1: left promiscuous mode [ 1035.356853][T15727] bridge0: port 2(bridge_slave_1) entered disabled state [ 1035.366202][T15727] bridge_slave_0: left allmulticast mode [ 1035.368589][T15727] bridge_slave_0: left promiscuous mode [ 1035.373397][T15727] bridge0: port 1(bridge_slave_0) entered disabled state [ 1035.551573][ T5960] Bluetooth: hci3: command tx timeout [ 1035.906012][T15727] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1035.912502][T15727] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1035.920508][T15727] bond0 (unregistering): Released all slaves [ 1035.972607][T23913] veth1_macvtap: entered promiscuous mode [ 1036.034733][T23913] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1036.129355][T23913] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1036.176835][T23913] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1036.181051][T23913] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1036.184545][T23913] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1036.187590][T23913] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1036.355437][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1036.368310][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1036.532052][ T102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1036.546717][ T102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1036.593084][T23989] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1036.616889][T23989] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1036.640420][T23989] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1036.657839][T23989] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1036.691652][T15727] hsr_slave_0: left promiscuous mode [ 1036.697611][T15727] hsr_slave_1: left promiscuous mode [ 1036.707082][T15727] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1036.710447][T15727] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1036.729101][T15727] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1036.733748][T15727] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1036.778186][T24044] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 1036.781011][T24044] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 1036.785990][T24044] vhci_hcd vhci_hcd.0: Device attached [ 1036.791197][T24045] vhci_hcd: cannot find a urb of seqnum 9 max seqnum 30 [ 1036.798745][ T102] vhci_hcd: stop threads [ 1036.810075][ T102] vhci_hcd: release socket [ 1036.818599][ T102] vhci_hcd: disconnect device [ 1036.822537][T15727] veth1_macvtap: left promiscuous mode [ 1036.825130][T15727] veth0_macvtap: left promiscuous mode [ 1036.828105][T15727] veth1_vlan: left promiscuous mode [ 1036.830581][T15727] veth0_vlan: left promiscuous mode [ 1036.934222][T24048] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4790'. [ 1037.065103][T24052] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4790'. [ 1037.330774][ T7363] usb 9-1: new high-speed USB device number 14 using dummy_hcd [ 1037.480747][ T7363] usb 9-1: Using ep0 maxpacket: 8 [ 1037.493295][ T7363] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 1037.496444][ T7363] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 1037.501211][ T7363] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1037.506122][ T7363] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1037.522162][ T7363] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1037.527824][ T7363] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 1037.531016][ T7363] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 1037.535562][ T7363] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1037.540278][ T7363] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1037.545361][ T7363] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1037.550915][ T7363] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 1037.554174][ T7363] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 1037.559557][ T7363] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1037.565366][ T7363] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1037.569865][ T7363] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1037.577217][ T7363] usb 9-1: string descriptor 0 read error: -22 [ 1037.579929][ T7363] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 1037.584086][ T7363] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1037.594246][ T7363] adutux 9-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 1037.620833][ T5960] Bluetooth: hci3: command tx timeout [ 1037.917159][ T7363] usb 9-1: USB disconnect, device number 14 [ 1037.922459][T24054] adutux: No device or device unplugged -19 [ 1038.110403][T15727] team0 (unregistering): Port device team_slave_1 removed [ 1038.245628][T15727] team0 (unregistering): Port device team_slave_0 removed [ 1039.346820][T23989] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1039.406628][T23989] 8021q: adding VLAN 0 to HW filter on device team0 [ 1039.417239][ T102] bridge0: port 1(bridge_slave_0) entered blocking state [ 1039.420130][ T102] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1039.445795][ T102] bridge0: port 2(bridge_slave_1) entered blocking state [ 1039.448971][ T102] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1039.496632][T23989] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1039.500148][T23989] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1039.711682][ T5960] Bluetooth: hci3: command tx timeout [ 1039.928272][T23989] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1040.161817][T23989] veth0_vlan: entered promiscuous mode [ 1040.223414][T23989] veth1_vlan: entered promiscuous mode [ 1040.508241][T23989] veth0_macvtap: entered promiscuous mode [ 1040.592000][T23989] veth1_macvtap: entered promiscuous mode [ 1040.776773][T23989] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1040.788137][T23989] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1040.794540][T23989] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1040.797521][T23989] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1040.800914][T23989] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1040.804084][T23989] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1040.906239][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1040.908804][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1040.940073][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1040.948804][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1041.047440][T24098] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4801'. [ 1041.145734][T24101] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4802'. [ 1041.202130][T24106] tmpfs: Unknown parameter 'quot”–l [ 1041.202130][T24106] Ra³ÆÈ9“´g­»tpHû}b¹.ç:4úÎY¦¶™ [ 1041.202130][T24106] o–{Íeú¢«é¨£9}Ùܼâ&þ­ôl:•' [ 1041.215459][T24106] overlayfs: missing 'lowerdir' [ 1041.231494][T24105] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4801'. [ 1041.527031][T24108] block nbd4: NBD_DISCONNECT [ 1041.821297][ T6039] usb 9-1: new low-speed USB device number 15 using dummy_hcd [ 1041.904328][T24121] FAULT_INJECTION: forcing a failure. [ 1041.904328][T24121] name failslab, interval 1, probability 0, space 0, times 0 [ 1041.904357][T24121] CPU: 3 UID: 0 PID: 24121 Comm: syz.3.4809 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1041.904380][T24121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1041.904391][T24121] Call Trace: [ 1041.904398][T24121] [ 1041.904404][T24121] dump_stack_lvl+0x16c/0x1f0 [ 1041.904434][T24121] should_fail_ex+0x512/0x640 [ 1041.904460][T24121] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 1041.904487][T24121] should_failslab+0xc2/0x120 [ 1041.904506][T24121] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1041.904531][T24121] ? __alloc_skb+0x2b2/0x380 [ 1041.904561][T24121] __alloc_skb+0x2b2/0x380 [ 1041.904585][T24121] ? __pfx___alloc_skb+0x10/0x10 [ 1041.904626][T24121] netlink_alloc_large_skb+0x69/0x130 [ 1041.904646][T24121] netlink_sendmsg+0x6a1/0xdd0 [ 1041.904669][T24121] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1041.904691][T24121] ? __import_iovec+0x1dd/0x650 [ 1041.904710][T24121] ____sys_sendmsg+0xa95/0xc70 [ 1041.904734][T24121] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1041.904752][T24121] ? get_compat_msghdr+0x11a/0x170 [ 1041.904789][T24121] ___sys_sendmsg+0x134/0x1d0 [ 1041.904817][T24121] ? __pfx____sys_sendmsg+0x10/0x10 [ 1041.904852][T24121] ? find_held_lock+0x2b/0x80 [ 1041.904887][T24121] __sys_sendmsg+0x16d/0x220 [ 1041.904911][T24121] ? __pfx___sys_sendmsg+0x10/0x10 [ 1041.904965][T24121] ? rcu_is_watching+0x12/0xc0 [ 1041.904988][T24121] __do_fast_syscall_32+0x7c/0x3a0 [ 1041.905016][T24121] do_fast_syscall_32+0x32/0x80 [ 1041.905043][T24121] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1041.905064][T24121] RIP: 0023:0xf7f22579 [ 1041.905079][T24121] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1041.905096][T24121] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 1041.905114][T24121] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000a80 [ 1041.905125][T24121] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1041.905134][T24121] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1041.905145][T24121] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1041.905155][T24121] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1041.905178][T24121] [ 1041.969441][T24123] cgroup2: Unknown parameter '' [ 1042.090561][T24125] ALSA: mixer_oss: invalid OSS volume '' [ 1042.123934][ T6039] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 1042.124156][ T6039] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 1042.124250][ T6039] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1042.124440][ T6039] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 1042.124591][ T6039] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 1042.163496][ T6039] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 1042.175207][ T6039] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 1042.188926][ T6039] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1042.212849][ T6039] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 1042.223894][ T6039] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 1042.274886][T24130] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4812'. [ 1042.293846][ T6039] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 1042.297149][ T6039] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 1042.306770][ T6039] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1042.328841][ T6039] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 1042.337267][T24131] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4812'. [ 1042.344807][ T6039] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 1042.396887][ T6039] usb 9-1: string descriptor 0 read error: -22 [ 1042.400062][ T6039] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 1042.404606][ T6039] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1042.438705][ T6039] adutux 9-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 1043.290053][ T6040] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 1043.293708][ T6040] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 1043.296817][ T6040] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 1043.368090][ T6040] hid-generic 0000:0004:0000.0007: hidraw1: HID v0.00 Device [syz0] on syz0 [ 1043.448997][T24148] fido_id[24148]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1043.684270][T24151] tmpfs: Unknown parameter 'quot”–l [ 1043.684270][T24151] Ra³ÆÈ9“´g­»tpHû}b¹.ç:4úÎY¦¶™ [ 1043.684270][T24151] o–{Íeú¢«é¨£9}Ùܼâ&þ­ôl:•' [ 1043.697496][T24151] overlayfs: missing 'lowerdir' [ 1043.983661][T24157] FAULT_INJECTION: forcing a failure. [ 1043.983661][T24157] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1043.988665][T24157] CPU: 0 UID: 0 PID: 24157 Comm: syz.3.4819 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1043.988689][T24157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1043.988701][T24157] Call Trace: [ 1043.988708][T24157] [ 1043.988716][T24157] dump_stack_lvl+0x16c/0x1f0 [ 1043.988747][T24157] should_fail_ex+0x512/0x640 [ 1043.988781][T24157] _copy_from_user+0x2e/0xd0 [ 1043.988822][T24157] ucma_write+0x128/0x330 [ 1043.988864][T24157] ? __pfx_ucma_write+0x10/0x10 [ 1043.988890][T24157] ? bpf_lsm_file_permission+0x9/0x10 [ 1043.988910][T24157] ? security_file_permission+0x71/0x210 [ 1043.988931][T24157] ? rw_verify_area+0xcf/0x680 [ 1043.988955][T24157] ? __pfx_ucma_write+0x10/0x10 [ 1043.988979][T24157] vfs_write+0x29d/0x1150 [ 1043.989009][T24157] ? __pfx_vfs_write+0x10/0x10 [ 1043.989032][T24157] ? find_held_lock+0x2b/0x80 [ 1043.989053][T24157] ? __fget_files+0x204/0x3c0 [ 1043.989082][T24157] ? __fget_files+0x20e/0x3c0 [ 1043.989112][T24157] ksys_write+0x1f8/0x250 [ 1043.989136][T24157] ? __pfx_ksys_write+0x10/0x10 [ 1043.989159][T24157] ? __pfx___rdmsr_safe_on_cpu+0x10/0x10 [ 1043.989182][T24157] ? rcu_is_watching+0x12/0xc0 [ 1043.989202][T24157] ? rcu_is_watching+0x12/0xc0 [ 1043.989224][T24157] __do_fast_syscall_32+0x7c/0x3a0 [ 1043.989253][T24157] do_fast_syscall_32+0x32/0x80 [ 1043.989279][T24157] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1043.989301][T24157] RIP: 0023:0xf7f22579 [ 1043.989315][T24157] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1043.989332][T24157] RSP: 002b:00000000f502555c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 1043.989369][T24157] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000040 [ 1043.989381][T24157] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000 [ 1043.989391][T24157] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1043.989401][T24157] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1043.989411][T24157] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1043.989435][T24157] [ 1044.993427][ T6021] usb 9-1: USB disconnect, device number 15 [ 1045.207375][T24186] loop2: detected capacity change from 0 to 7 [ 1045.213283][ C3] blk_print_req_error: 36 callbacks suppressed [ 1045.213299][ C3] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1045.219974][ C3] Buffer I/O error on dev loop2, logical block 0, async page read [ 1045.224069][ C3] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1045.227984][ C3] Buffer I/O error on dev loop2, logical block 0, async page read [ 1045.234181][ C2] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1045.237922][ C2] Buffer I/O error on dev loop2, logical block 0, async page read [ 1045.241855][ C2] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1045.244762][ C2] Buffer I/O error on dev loop2, logical block 0, async page read [ 1045.248204][ C2] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1045.252067][ C2] Buffer I/O error on dev loop2, logical block 0, async page read [ 1045.254376][ T40] audit: type=1326 audit(1752711814.255:2801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24178 comm="syz.2.4825" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f81579 code=0x0 [ 1045.262960][ C3] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1045.266556][ C3] Buffer I/O error on dev loop2, logical block 0, async page read [ 1045.269595][ C3] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1045.273028][ C3] Buffer I/O error on dev loop2, logical block 0, async page read [ 1045.276371][T22368] ldm_validate_partition_table(): Disk read failed. [ 1045.279502][ C3] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1045.283477][ C3] Buffer I/O error on dev loop2, logical block 0, async page read [ 1045.286882][ C2] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1045.290781][ C2] Buffer I/O error on dev loop2, logical block 0, async page read [ 1045.296704][ C2] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1045.300541][ C2] Buffer I/O error on dev loop2, logical block 0, async page read [ 1045.308206][T22368] Dev loop2: unable to read RDB block 0 [ 1045.311369][T22368] loop2: unable to read partition table [ 1045.313980][T22368] loop2: partition table beyond EOD, truncated [ 1045.362264][ T40] audit: type=1800 audit(1752711814.365:2802): pid=24183 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.4.4826" name="/newroot/278/bus" dev="tmpfs" ino=1647 res=0 errno=0 [ 1045.370067][T24187] Invalid ELF header magic: != ELF [ 1045.520007][T24186] ldm_validate_partition_table(): Disk read failed. [ 1045.523621][T24186] Dev loop2: unable to read RDB block 0 [ 1045.527015][T24186] loop2: unable to read partition table [ 1045.529792][T24186] loop2: partition table beyond EOD, truncated [ 1045.532850][T24186] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 1045.755938][T24198] 9pnet_fd: Insufficient options for proto=fd [ 1045.963747][T24209] FAULT_INJECTION: forcing a failure. [ 1045.963747][T24209] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1045.968100][T24209] CPU: 3 UID: 0 PID: 24209 Comm: syz.2.4830 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1045.968116][T24209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1045.968122][T24209] Call Trace: [ 1045.968127][T24209] [ 1045.968132][T24209] dump_stack_lvl+0x16c/0x1f0 [ 1045.968153][T24209] should_fail_ex+0x512/0x640 [ 1045.968171][T24209] strncpy_from_user+0x3b/0x2e0 [ 1045.968187][T24209] getname_flags.part.0+0x8f/0x550 [ 1045.968203][T24209] getname_flags+0x93/0xf0 [ 1045.968217][T24209] do_sys_openat2+0xb8/0x1d0 [ 1045.968229][T24209] ? __pfx_do_sys_openat2+0x10/0x10 [ 1045.968243][T24209] ? __fget_files+0x20e/0x3c0 [ 1045.968256][T24209] ? handle_mm_fault+0x1e0/0xd10 [ 1045.968272][T24209] __ia32_compat_sys_openat+0x16d/0x210 [ 1045.968286][T24209] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 1045.968298][T24209] ? ksys_write+0x1ac/0x250 [ 1045.968315][T24209] ? rcu_is_watching+0x12/0xc0 [ 1045.968329][T24209] __do_fast_syscall_32+0x7c/0x3a0 [ 1045.968346][T24209] do_fast_syscall_32+0x32/0x80 [ 1045.968362][T24209] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1045.968376][T24209] RIP: 0023:0xf7f81579 [ 1045.968385][T24209] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1045.968395][T24209] RSP: 002b:00000000f508555c EFLAGS: 00000296 ORIG_RAX: 0000000000000127 [ 1045.968405][T24209] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800018c0 [ 1045.968412][T24209] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 1045.968418][T24209] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1045.968424][T24209] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1045.968430][T24209] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1045.968443][T24209] [ 1048.510883][ T6039] usb 9-1: new high-speed USB device number 16 using dummy_hcd [ 1048.530747][T19533] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 1048.700738][T19533] usb 10-1: Using ep0 maxpacket: 8 [ 1048.704549][T19533] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1048.708735][T19533] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1048.713456][T19533] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1048.717567][T19533] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1048.720858][ T6039] usb 9-1: Using ep0 maxpacket: 8 [ 1048.730421][T19533] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1048.732226][ T6039] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1048.736042][T19533] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1048.738546][ T6039] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1048.748020][ T6039] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1048.753041][ T6039] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1048.758128][ T6039] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1048.762969][ T6039] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1048.858088][T24255] FAULT_INJECTION: forcing a failure. [ 1048.858088][T24255] name failslab, interval 1, probability 0, space 0, times 0 [ 1048.863699][T24255] CPU: 1 UID: 0 PID: 24255 Comm: syz.3.4840 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1048.863740][T24255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1048.863752][T24255] Call Trace: [ 1048.863759][T24255] [ 1048.863767][T24255] dump_stack_lvl+0x16c/0x1f0 [ 1048.863802][T24255] should_fail_ex+0x512/0x640 [ 1048.863826][T24255] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 1048.863853][T24255] should_failslab+0xc2/0x120 [ 1048.863870][T24255] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1048.863895][T24255] ? __alloc_skb+0x2b2/0x380 [ 1048.863923][T24255] __alloc_skb+0x2b2/0x380 [ 1048.863946][T24255] ? __pfx___alloc_skb+0x10/0x10 [ 1048.863972][T24255] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 1048.864010][T24255] netlink_alloc_large_skb+0x69/0x130 [ 1048.864030][T24255] netlink_sendmsg+0x6a1/0xdd0 [ 1048.864052][T24255] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1048.864071][T24255] ? __import_iovec+0x1dd/0x650 [ 1048.864094][T24255] ____sys_sendmsg+0xa95/0xc70 [ 1048.864111][T24255] ? buf_lo_after_commit+0xb0/0x210 [ 1048.864133][T24255] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1048.864151][T24255] ? get_compat_msghdr+0x11a/0x170 [ 1048.864188][T24255] ___sys_sendmsg+0x134/0x1d0 [ 1048.864214][T24255] ? __pfx____sys_sendmsg+0x10/0x10 [ 1048.864250][T24255] ? find_held_lock+0x2b/0x80 [ 1048.864282][T24255] __sys_sendmsg+0x16d/0x220 [ 1048.864307][T24255] ? __pfx___sys_sendmsg+0x10/0x10 [ 1048.864342][T24255] ? rcu_is_watching+0x12/0xc0 [ 1048.864375][T24255] __do_fast_syscall_32+0x7c/0x3a0 [ 1048.864402][T24255] do_fast_syscall_32+0x32/0x80 [ 1048.864427][T24255] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1048.864449][T24255] RIP: 0023:0xf7f22579 [ 1048.864463][T24255] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1048.864480][T24255] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 1048.864497][T24255] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0 [ 1048.864508][T24255] RDX: 0000000004040140 RSI: 0000000000000000 RDI: 0000000000000000 [ 1048.864518][T24255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1048.864527][T24255] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1048.864538][T24255] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1048.864560][T24255] [ 1048.961462][T19533] usb 10-1: GET_CAPABILITIES returned 0 [ 1048.964906][T19533] usbtmc 10-1:16.0: can't read capabilities [ 1049.021538][ T6039] usb 9-1: GET_CAPABILITIES returned 0 [ 1049.023823][ T6039] usbtmc 9-1:16.0: can't read capabilities [ 1049.170550][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.174254][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.177947][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.181564][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.194081][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.197817][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.200562][T24260] random: crng reseeded on system resumption [ 1049.201767][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.202528][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.211886][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.215888][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.220283][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.233899][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.237795][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.241696][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.241742][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.241778][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 1049.245270][T19533] usb 10-1: USB disconnect, device number 3 [ 1049.793382][T24281] FAULT_INJECTION: forcing a failure. [ 1049.793382][T24281] name failslab, interval 1, probability 0, space 0, times 0 [ 1049.797666][T24281] CPU: 3 UID: 0 PID: 24281 Comm: syz.2.4844 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1049.797681][T24281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1049.797688][T24281] Call Trace: [ 1049.797693][T24281] [ 1049.797697][T24281] dump_stack_lvl+0x16c/0x1f0 [ 1049.797718][T24281] should_fail_ex+0x512/0x640 [ 1049.797737][T24281] ? fs_reclaim_acquire+0xae/0x150 [ 1049.797751][T24281] ? tomoyo_encode2+0x100/0x3e0 [ 1049.797766][T24281] should_failslab+0xc2/0x120 [ 1049.797776][T24281] __kmalloc_noprof+0xd2/0x510 [ 1049.797792][T24281] ? d_absolute_path+0x136/0x1a0 [ 1049.797806][T24281] tomoyo_encode2+0x100/0x3e0 [ 1049.797822][T24281] tomoyo_encode+0x29/0x50 [ 1049.797841][T24281] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1049.797865][T24281] tomoyo_path_number_perm+0x245/0x580 [ 1049.797882][T24281] ? tomoyo_path_number_perm+0x237/0x580 [ 1049.797903][T24281] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1049.797929][T24281] ? find_held_lock+0x2b/0x80 [ 1049.797941][T24281] ? hook_file_ioctl_common+0x145/0x410 [ 1049.797958][T24281] ? __fget_files+0x20e/0x3c0 [ 1049.797979][T24281] ? __fput_deferred+0x450/0x480 [ 1049.797999][T24281] security_file_ioctl_compat+0x9b/0x240 [ 1049.798022][T24281] __ia32_compat_sys_ioctl+0xc3/0x370 [ 1049.798044][T24281] __do_fast_syscall_32+0x7c/0x3a0 [ 1049.798068][T24281] do_fast_syscall_32+0x32/0x80 [ 1049.798084][T24281] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1049.798104][T24281] RIP: 0023:0xf7f81579 [ 1049.798117][T24281] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1049.798132][T24281] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 1049.798147][T24281] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c008561c [ 1049.798158][T24281] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000 [ 1049.798168][T24281] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1049.798178][T24281] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1049.798185][T24281] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1049.798205][T24281] [ 1049.798223][T24281] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1049.831015][T24285] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4846'. [ 1049.965658][T24289] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4848'. [ 1050.059010][T24291] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4848'. [ 1050.280818][T15161] usb 8-1: new high-speed USB device number 78 using dummy_hcd [ 1050.430767][T15161] usb 8-1: Using ep0 maxpacket: 16 [ 1050.445194][T15161] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1050.449442][T15161] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1050.454528][T15161] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1050.458759][T15161] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 1050.465586][T15161] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1050.470084][T15161] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1050.474092][T15161] usb 8-1: SerialNumber: syz [ 1050.486014][T15161] hub 8-1:1.0: bad descriptor, ignoring hub [ 1050.488551][T15161] hub 8-1:1.0: probe with driver hub failed with error -5 [ 1050.494183][T15161] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -22 [ 1050.508984][T24294] lo speed is unknown, defaulting to 1000 [ 1050.512406][ T61] usb 9-1: USB disconnect, device number 16 [ 1051.001832][ T61] usb 9-1: new high-speed USB device number 17 using dummy_hcd [ 1051.046917][T24307] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1051.054576][T24307] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1051.155611][ T61] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1051.159165][ T61] usb 9-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 1051.163246][ T61] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1051.170432][ T61] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 1051.174154][ T61] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 1051.177590][ T61] usb 9-1: Product: syz [ 1051.179415][ T61] usb 9-1: Manufacturer: syz [ 1051.181915][ T61] usb 9-1: SerialNumber: syz [ 1051.398961][ T61] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 17 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 1051.598269][ T7364] usb 9-1: USB disconnect, device number 17 [ 1051.604941][ T7364] usblp0: removed [ 1052.600767][T24319] tmpfs: Unknown parameter 'quot”–l [ 1052.600767][T24319] Ra³ÆÈ9“´g­»tpHû}b¹.ç:4úÎY¦¶™ [ 1052.600767][T24319] o–{Íeú¢«é¨£9}Ùܼâ&þ­ôl:•' [ 1052.614719][T24319] overlayfs: missing 'lowerdir' [ 1052.802793][T24327] netlink: 76 bytes leftover after parsing attributes in process `syz.4.4857'. [ 1052.941650][T13877] usb 8-1: USB disconnect, device number 78 [ 1053.120816][ T53] usb 9-1: new high-speed USB device number 18 using dummy_hcd [ 1053.325209][T24338] FAULT_INJECTION: forcing a failure. [ 1053.325209][T24338] name failslab, interval 1, probability 0, space 0, times 0 [ 1053.332539][T24338] CPU: 0 UID: 0 PID: 24338 Comm: syz.5.4859 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1053.332567][T24338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1053.332612][T24338] Call Trace: [ 1053.332621][T24338] [ 1053.332629][T24338] dump_stack_lvl+0x16c/0x1f0 [ 1053.332658][T24338] should_fail_ex+0x512/0x640 [ 1053.332681][T24338] ? fs_reclaim_acquire+0xae/0x150 [ 1053.332702][T24338] ? tomoyo_encode2+0x100/0x3e0 [ 1053.332719][T24338] should_failslab+0xc2/0x120 [ 1053.332730][T24338] __kmalloc_noprof+0xd2/0x510 [ 1053.332750][T24338] tomoyo_encode2+0x100/0x3e0 [ 1053.332770][T24338] tomoyo_encode+0x29/0x50 [ 1053.332783][T24338] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1053.332800][T24338] ? tomoyo_profile+0x47/0x60 [ 1053.332817][T24338] tomoyo_path_number_perm+0x245/0x580 [ 1053.332830][T24338] ? tomoyo_path_number_perm+0x237/0x580 [ 1053.332843][T24338] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1053.332870][T24338] ? find_held_lock+0x2b/0x80 [ 1053.332882][T24338] ? hook_file_ioctl_common+0x145/0x410 [ 1053.332896][T24338] ? __fget_files+0x20e/0x3c0 [ 1053.332910][T24338] ? __fput_deferred+0x450/0x480 [ 1053.332923][T24338] security_file_ioctl_compat+0x9b/0x240 [ 1053.332938][T24338] __ia32_compat_sys_ioctl+0xc3/0x370 [ 1053.332953][T24338] __do_fast_syscall_32+0x7c/0x3a0 [ 1053.332971][T24338] do_fast_syscall_32+0x32/0x80 [ 1053.332987][T24338] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1053.333001][T24338] RIP: 0023:0xf70ce579 [ 1053.333010][T24338] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1053.333021][T24338] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 1053.333031][T24338] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080049370 [ 1053.333038][T24338] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1053.333048][T24338] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1053.333057][T24338] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1053.333066][T24338] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1053.333088][T24338] [ 1053.333507][T24338] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1053.971063][ T1416] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.115381][ T5960] Bluetooth: hci1: unexpected event 0x0f length: 18 > 4 [ 1054.181006][ T53] usb 9-1: device descriptor read/64, error -71 [ 1054.430917][ T53] usb 9-1: new high-speed USB device number 19 using dummy_hcd [ 1054.557386][ C2] hpet: Lost 1 RTC interrupts [ 1054.562638][ T53] usb 9-1: device descriptor read/64, error -71 [ 1054.563398][T24360] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4867'. [ 1054.631419][T24353] tmpfs: Unknown parameter 'quot”–l [ 1054.631419][T24353] Ra³ÆÈ9“´g­»tpHû}b¹.ç:4úÎY¦¶™ [ 1054.631419][T24353] o–{Íeú¢«é¨£9}Ùܼâ&þ­ôl:•' [ 1054.646425][T24353] overlayfs: missing 'lowerdir' [ 1054.670966][ T53] usb usb9-port1: attempt power cycle [ 1054.902633][T24371] bridge0: port 1(syz_tun) entered blocking state [ 1054.906138][T24371] bridge0: port 1(syz_tun) entered disabled state [ 1054.912038][T24371] syz_tun: entered allmulticast mode [ 1054.917772][T24371] syz_tun: entered promiscuous mode [ 1054.931440][T24371] bridge0: port 1(syz_tun) entered blocking state [ 1054.935462][T24371] bridge0: port 1(syz_tun) entered forwarding state [ 1055.020757][ T53] usb 9-1: new high-speed USB device number 20 using dummy_hcd [ 1055.041230][ T53] usb 9-1: device descriptor read/8, error -71 [ 1055.291073][ T53] usb 9-1: new high-speed USB device number 21 using dummy_hcd [ 1055.311611][ T53] usb 9-1: device descriptor read/8, error -71 [ 1055.420989][ T53] usb usb9-port1: unable to enumerate USB device [ 1055.738013][T24377] IPv6: NLM_F_REPLACE set, but no existing node found! [ 1056.714363][T24403] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4878'. [ 1056.731798][T24402] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8) [ 1056.734443][T24402] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 1056.741743][T24402] vhci_hcd vhci_hcd.0: Device attached [ 1056.773537][T24403] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4878'. [ 1056.780435][T24403] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4878'. [ 1056.979199][ T40] audit: type=1800 audit(1752711825.975:2803): pid=24409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4880" name="/" dev="9p" ino=4611686018427387906 res=0 errno=0 [ 1056.990836][ T61] usb 45-1: new high-speed USB device number 9 using vhci_hcd [ 1057.028554][ T24] usb 7-1: new high-speed USB device number 80 using dummy_hcd [ 1057.181059][ T24] usb 7-1: Using ep0 maxpacket: 16 [ 1057.192543][ T24] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 3 [ 1057.198338][ T24] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1057.202485][ T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1057.205629][ T24] usb 7-1: Product: syz [ 1057.207999][ T24] usb 7-1: Manufacturer: syz [ 1057.209992][ T24] usb 7-1: SerialNumber: syz [ 1057.216457][ T24] usb 7-1: config 0 descriptor?? [ 1057.232159][T24413] FAULT_INJECTION: forcing a failure. [ 1057.232159][T24413] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1057.237615][T24413] CPU: 3 UID: 0 PID: 24413 Comm: syz.5.4882 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1057.237638][T24413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1057.237649][T24413] Call Trace: [ 1057.237655][T24413] [ 1057.237663][T24413] dump_stack_lvl+0x16c/0x1f0 [ 1057.237692][T24413] should_fail_ex+0x512/0x640 [ 1057.237720][T24413] strncpy_from_user+0x3b/0x2e0 [ 1057.237743][T24413] getname_flags.part.0+0x8f/0x550 [ 1057.237766][T24413] getname_flags+0x93/0xf0 [ 1057.237787][T24413] do_sys_openat2+0xb8/0x1d0 [ 1057.237805][T24413] ? __pfx_do_sys_openat2+0x10/0x10 [ 1057.237825][T24413] ? __fget_files+0x20e/0x3c0 [ 1057.237846][T24413] ? handle_mm_fault+0x1e0/0xd10 [ 1057.237871][T24413] __ia32_compat_sys_openat+0x16d/0x210 [ 1057.237892][T24413] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 1057.237910][T24413] ? ksys_write+0x1ac/0x250 [ 1057.237937][T24413] ? rcu_is_watching+0x12/0xc0 [ 1057.237958][T24413] __do_fast_syscall_32+0x7c/0x3a0 [ 1057.237984][T24413] do_fast_syscall_32+0x32/0x80 [ 1057.238007][T24413] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1057.238027][T24413] RIP: 0023:0xf70ce579 [ 1057.238040][T24413] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1057.238056][T24413] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127 [ 1057.238072][T24413] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 000000008000c380 [ 1057.238082][T24413] RDX: 0000000000020842 RSI: 0000000000000022 RDI: 0000000000000000 [ 1057.238091][T24413] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1057.238101][T24413] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1057.238111][T24413] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1057.238132][T24413] [ 1057.321013][T24404] vhci_hcd: connection reset by peer [ 1057.325696][ T12] vhci_hcd: stop threads [ 1057.327596][ T12] vhci_hcd: release socket [ 1057.329420][ T12] vhci_hcd: disconnect device [ 1057.743400][ T24] usb 7-1: USB disconnect, device number 80 [ 1058.024991][T24421] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4885'. [ 1058.193607][ T5960] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 1058.197667][ T5960] Bluetooth: hci1: Injecting HCI hardware error event [ 1058.203965][T23915] Bluetooth: hci1: hardware error 0x00 [ 1058.450790][ T6039] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 1058.515073][T24432] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4888'. [ 1058.518873][T24432] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4888'. [ 1058.522877][T24432] netlink: 'syz.3.4888': attribute type 6 has an invalid length. [ 1058.653627][ T6039] usb 10-1: config 0 has an invalid interface number: 50 but max is 0 [ 1058.659158][ T6039] usb 10-1: config 0 has no interface number 0 [ 1058.661707][ T6039] usb 10-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1058.668346][ T6039] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 1058.672873][ T6039] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1058.676211][ T6039] usb 10-1: Product: syz [ 1058.678107][ T6039] usb 10-1: Manufacturer: syz [ 1058.680110][ T6039] usb 10-1: SerialNumber: syz [ 1058.685593][ T6039] usb 10-1: config 0 descriptor?? [ 1058.694433][ T6039] yurex 10-1:0.50: USB YUREX device now attached to Yurex #0 [ 1058.931490][T24426] FAULT_INJECTION: forcing a failure. [ 1058.931490][T24426] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1058.936937][T24426] CPU: 3 UID: 0 PID: 24426 Comm: syz.5.4886 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1058.936960][T24426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1058.936971][T24426] Call Trace: [ 1058.936977][T24426] [ 1058.936984][T24426] dump_stack_lvl+0x16c/0x1f0 [ 1058.937014][T24426] should_fail_ex+0x512/0x640 [ 1058.937042][T24426] _copy_to_user+0x32/0xd0 [ 1058.937069][T24426] simple_read_from_buffer+0xcb/0x170 [ 1058.937093][T24426] proc_fail_nth_read+0x197/0x270 [ 1058.937112][T24426] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1058.937134][T24426] ? rw_verify_area+0xcf/0x680 [ 1058.937154][T24426] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1058.937173][T24426] vfs_read+0x1e4/0xc60 [ 1058.937197][T24426] ? fdget_pos+0x2a2/0x370 [ 1058.937248][T24426] ? __pfx_vfs_read+0x10/0x10 [ 1058.937268][T24426] ? find_held_lock+0x2b/0x80 [ 1058.937291][T24426] ? __fget_files+0x20e/0x3c0 [ 1058.937320][T24426] ksys_read+0x12a/0x250 [ 1058.937342][T24426] ? __pfx_ksys_read+0x10/0x10 [ 1058.937366][T24426] ? rcu_is_watching+0x12/0xc0 [ 1058.937386][T24426] __do_fast_syscall_32+0x7c/0x3a0 [ 1058.937412][T24426] do_fast_syscall_32+0x32/0x80 [ 1058.937435][T24426] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1058.937456][T24426] RIP: 0023:0xf70ce579 [ 1058.937470][T24426] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1058.937485][T24426] RSP: 002b:00000000f50be590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 1058.937502][T24426] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50be620 [ 1058.937513][T24426] RDX: 000000000000000f RSI: 00000000f7434ff4 RDI: 0000000000000000 [ 1058.937523][T24426] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 1058.937532][T24426] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1058.937542][T24426] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1058.937566][T24426] [ 1059.083738][T24427] ALSA: mixer_oss: invalid OSS volume '' [ 1059.163548][ T6039] usb 10-1: USB disconnect, device number 4 [ 1059.171005][ T6039] yurex 10-1:0.50: USB YUREX #0 now disconnected [ 1059.631564][ T6039] libceph: connect (1)[c::]:6789 error -101 [ 1059.635051][ T6039] libceph: mon0 (1)[c::]:6789 connect error [ 1059.923118][T24452] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4894'. [ 1059.953801][ T6040] libceph: connect (1)[c::]:6789 error -101 [ 1059.956574][ T6040] libceph: mon0 (1)[c::]:6789 connect error [ 1060.256980][T24445] ceph: No mds server is up or the cluster is laggy [ 1060.294627][T23915] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 1061.165863][T24471] FAULT_INJECTION: forcing a failure. [ 1061.165863][T24471] name failslab, interval 1, probability 0, space 0, times 0 [ 1061.171328][T24471] CPU: 0 UID: 0 PID: 24471 Comm: syz.5.4899 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1061.171379][T24471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1061.171397][T24471] Call Trace: [ 1061.171404][T24471] [ 1061.171411][T24471] dump_stack_lvl+0x16c/0x1f0 [ 1061.171441][T24471] should_fail_ex+0x512/0x640 [ 1061.171466][T24471] ? __kmalloc_noprof+0xbf/0x510 [ 1061.171491][T24471] ? alloc_pipe_info+0x1ec/0x590 [ 1061.171513][T24471] should_failslab+0xc2/0x120 [ 1061.171530][T24471] __kmalloc_noprof+0xd2/0x510 [ 1061.171555][T24471] ? kasan_save_track+0x14/0x30 [ 1061.171581][T24471] alloc_pipe_info+0x1ec/0x590 [ 1061.171609][T24471] splice_direct_to_actor+0x77d/0xa30 [ 1061.171632][T24471] ? __pfx_direct_splice_actor+0x10/0x10 [ 1061.171655][T24471] ? __pfx_aa_file_perm+0x10/0x10 [ 1061.171677][T24471] ? find_held_lock+0x2b/0x80 [ 1061.171695][T24471] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1061.171723][T24471] do_splice_direct+0x174/0x240 [ 1061.171743][T24471] ? __pfx_do_splice_direct+0x10/0x10 [ 1061.171764][T24471] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1061.171788][T24471] ? rw_verify_area+0xcf/0x680 [ 1061.171812][T24471] do_sendfile+0xb06/0xe50 [ 1061.171839][T24471] ? __pfx_do_sendfile+0x10/0x10 [ 1061.171862][T24471] ? __might_fault+0xe3/0x190 [ 1061.171885][T24471] ? __might_fault+0x13b/0x190 [ 1061.171914][T24471] __ia32_compat_sys_sendfile+0x162/0x220 [ 1061.171931][T24471] ? __pfx___ia32_compat_sys_sendfile+0x10/0x10 [ 1061.171949][T24471] ? trace_irq_enable.constprop.0+0x2f/0x120 [ 1061.171979][T24471] __do_fast_syscall_32+0x7c/0x3a0 [ 1061.172005][T24471] do_fast_syscall_32+0x32/0x80 [ 1061.172029][T24471] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1061.172049][T24471] RIP: 0023:0xf70ce579 [ 1061.172065][T24471] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1061.172081][T24471] RSP: 002b:00000000f509d55c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb [ 1061.172098][T24471] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000004 [ 1061.172110][T24471] RDX: 0000000080000080 RSI: 0000000000007f04 RDI: 0000000000000000 [ 1061.172121][T24471] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1061.172131][T24471] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1061.172142][T24471] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1061.172165][T24471] [ 1061.590382][T24457] Process accounting resumed [ 1061.732448][T24480] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4903'. [ 1061.736344][T24480] trusted_key: syz.2.4903 sent an empty control message without MSG_MORE. [ 1062.062844][T24487] netlink: 76 bytes leftover after parsing attributes in process `syz.4.4905'. [ 1062.170999][ T61] vhci_hcd: vhci_device speed not set [ 1062.374520][ T7364] usb 9-1: new high-speed USB device number 22 using dummy_hcd [ 1062.520784][ T7364] usb 9-1: Using ep0 maxpacket: 8 [ 1062.531775][ T7364] usb 9-1: config index 0 descriptor too short (expected 301, got 45) [ 1062.540962][ T7364] usb 9-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 1062.545099][ T7364] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1062.549014][ T7364] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1062.720881][T24504] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4910'. [ 1062.735363][T24502] wireguard0: entered promiscuous mode [ 1062.737840][T24502] wireguard0: entered allmulticast mode [ 1062.831192][T24506] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4910'. [ 1063.184509][T24508] FAULT_INJECTION: forcing a failure. [ 1063.184509][T24508] name failslab, interval 1, probability 0, space 0, times 0 [ 1063.189848][T24508] CPU: 1 UID: 0 PID: 24508 Comm: syz.3.4911 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1063.189873][T24508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1063.189884][T24508] Call Trace: [ 1063.189892][T24508] [ 1063.189901][T24508] dump_stack_lvl+0x16c/0x1f0 [ 1063.189932][T24508] should_fail_ex+0x512/0x640 [ 1063.189957][T24508] ? fs_reclaim_acquire+0xae/0x150 [ 1063.189980][T24508] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1063.190004][T24508] should_failslab+0xc2/0x120 [ 1063.190023][T24508] __kmalloc_noprof+0xd2/0x510 [ 1063.190055][T24508] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1063.190082][T24508] ? tomoyo_profile+0x47/0x60 [ 1063.190111][T24508] tomoyo_path_number_perm+0x245/0x580 [ 1063.190130][T24508] ? tomoyo_path_number_perm+0x237/0x580 [ 1063.190153][T24508] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1063.190198][T24508] ? find_held_lock+0x2b/0x80 [ 1063.190216][T24508] ? hook_file_ioctl_common+0x145/0x410 [ 1063.190241][T24508] ? __fget_files+0x20e/0x3c0 [ 1063.190264][T24508] ? __fput_deferred+0x450/0x480 [ 1063.190286][T24508] security_file_ioctl_compat+0x9b/0x240 [ 1063.190310][T24508] __ia32_compat_sys_ioctl+0xc3/0x370 [ 1063.190336][T24508] __do_fast_syscall_32+0x7c/0x3a0 [ 1063.190364][T24508] do_fast_syscall_32+0x32/0x80 [ 1063.190390][T24508] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1063.190413][T24508] RIP: 0023:0xf7f22579 [ 1063.190428][T24508] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1063.190445][T24508] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 1063.190463][T24508] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c1007c01 [ 1063.190475][T24508] RDX: 0000000080000240 RSI: 0000000000000000 RDI: 0000000000000000 [ 1063.190485][T24508] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1063.190495][T24508] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1063.190506][T24508] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1063.190529][T24508] [ 1063.190537][T24508] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1063.440765][T24519] overlayfs: empty lowerdir [ 1063.476809][T24516] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4913'. [ 1063.727277][T24536] FAULT_INJECTION: forcing a failure. [ 1063.727277][T24536] name failslab, interval 1, probability 0, space 0, times 0 [ 1063.732919][T24536] CPU: 3 UID: 0 PID: 24536 Comm: syz.2.4918 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1063.732945][T24536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1063.732957][T24536] Call Trace: [ 1063.732964][T24536] [ 1063.732972][T24536] dump_stack_lvl+0x16c/0x1f0 [ 1063.733002][T24536] should_fail_ex+0x512/0x640 [ 1063.733029][T24536] ? fs_reclaim_acquire+0xae/0x150 [ 1063.733053][T24536] ? tomoyo_encode2+0x100/0x3e0 [ 1063.733077][T24536] should_failslab+0xc2/0x120 [ 1063.733095][T24536] __kmalloc_noprof+0xd2/0x510 [ 1063.733121][T24536] ? d_absolute_path+0x136/0x1a0 [ 1063.733146][T24536] tomoyo_encode2+0x100/0x3e0 [ 1063.733194][T24536] tomoyo_encode+0x29/0x50 [ 1063.733217][T24536] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1063.733250][T24536] tomoyo_path_number_perm+0x245/0x580 [ 1063.733271][T24536] ? tomoyo_path_number_perm+0x237/0x580 [ 1063.733308][T24536] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1063.733357][T24536] ? find_held_lock+0x2b/0x80 [ 1063.733378][T24536] ? hook_file_ioctl_common+0x145/0x410 [ 1063.733405][T24536] ? __fget_files+0x20e/0x3c0 [ 1063.733427][T24536] ? __fput_deferred+0x450/0x480 [ 1063.733450][T24536] security_file_ioctl_compat+0x9b/0x240 [ 1063.733475][T24536] __ia32_compat_sys_ioctl+0xc3/0x370 [ 1063.733514][T24536] __do_fast_syscall_32+0x7c/0x3a0 [ 1063.733545][T24536] do_fast_syscall_32+0x32/0x80 [ 1063.733571][T24536] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1063.733595][T24536] RIP: 0023:0xf7f81579 [ 1063.733610][T24536] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1063.733629][T24536] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 1063.733647][T24536] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b72 [ 1063.733659][T24536] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1063.733671][T24536] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1063.733687][T24536] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1063.733699][T24536] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1063.733724][T24536] [ 1063.733831][T24536] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1063.892633][T24538] input input39: cannot allocate more than FF_MAX_EFFECTS effects [ 1063.949273][T24539] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4920'. [ 1063.954100][T24539] netlink: 'syz.2.4920': attribute type 5 has an invalid length. [ 1063.964955][T24539] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1063.968715][T24539] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1063.972435][T24539] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1063.977074][T24539] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1063.990071][T24539] vxlan0: entered promiscuous mode [ 1064.709557][T24548] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 1064.794761][ T7364] usb 9-1: USB disconnect, device number 22 [ 1064.938531][T24554] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4926'. [ 1065.020946][T15161] usb 10-1: new high-speed USB device number 5 using dummy_hcd [ 1065.029751][T24558] FAULT_INJECTION: forcing a failure. [ 1065.029751][T24558] name failslab, interval 1, probability 0, space 0, times 0 [ 1065.034106][T24558] CPU: 2 UID: 0 PID: 24558 Comm: syz.4.4927 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1065.034125][T24558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1065.034134][T24558] Call Trace: [ 1065.034139][T24558] [ 1065.034145][T24558] dump_stack_lvl+0x16c/0x1f0 [ 1065.034169][T24558] should_fail_ex+0x512/0x640 [ 1065.034188][T24558] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 1065.034211][T24558] should_failslab+0xc2/0x120 [ 1065.034225][T24558] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1065.034244][T24558] ? __alloc_skb+0x2b2/0x380 [ 1065.034266][T24558] __alloc_skb+0x2b2/0x380 [ 1065.034284][T24558] ? __pfx___alloc_skb+0x10/0x10 [ 1065.034305][T24558] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 1065.034324][T24558] netlink_alloc_large_skb+0x69/0x130 [ 1065.034339][T24558] netlink_sendmsg+0x6a1/0xdd0 [ 1065.034357][T24558] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1065.034374][T24558] ? __import_iovec+0x1dd/0x650 [ 1065.034391][T24558] ____sys_sendmsg+0xa95/0xc70 [ 1065.034408][T24558] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1065.034427][T24558] ? get_compat_msghdr+0x11a/0x170 [ 1065.034457][T24558] ___sys_sendmsg+0x134/0x1d0 [ 1065.034477][T24558] ? __pfx____sys_sendmsg+0x10/0x10 [ 1065.034506][T24558] ? find_held_lock+0x2b/0x80 [ 1065.034534][T24558] __sys_sendmsg+0x16d/0x220 [ 1065.034553][T24558] ? __pfx___sys_sendmsg+0x10/0x10 [ 1065.034583][T24558] ? rcu_is_watching+0x12/0xc0 [ 1065.034601][T24558] __do_fast_syscall_32+0x7c/0x3a0 [ 1065.034624][T24558] do_fast_syscall_32+0x32/0x80 [ 1065.034644][T24558] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1065.034662][T24558] RIP: 0023:0xf70be579 [ 1065.034673][T24558] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 1065.034688][T24558] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 1065.034702][T24558] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000240 [ 1065.034711][T24558] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1065.034719][T24558] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1065.034727][T24558] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 1065.034736][T24558] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1065.034756][T24558] [ 1065.130334][ C2] hpet: Lost 5 RTC interrupts [ 1065.134538][ T1998] usb 7-1: new high-speed USB device number 81 using dummy_hcd [ 1065.169737][T24560] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 1065.172533][T24560] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 1065.175987][T24560] vhci_hcd vhci_hcd.0: Device attached [ 1065.180348][T24561] usbip_core: unknown command [ 1065.182427][T24561] vhci_hcd: unknown pdu 774857321 [ 1065.184400][T24561] usbip_core: unknown command [ 1065.186686][ T12] vhci_hcd: stop threads [ 1065.188435][ T12] vhci_hcd: release socket [ 1065.190333][ T12] vhci_hcd: disconnect device [ 1065.190813][T15161] usb 10-1: Using ep0 maxpacket: 16 [ 1065.252903][T24563] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4928'. [ 1065.301917][ T1998] usb 7-1: Using ep0 maxpacket: 8 [ 1065.308212][ T1998] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 1065.315051][ T1998] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1065.319426][ T1998] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1065.331805][T24566] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4928'. [ 1065.333298][ T1998] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1065.343791][T15161] usb 10-1: config 0 has an invalid interface number: 8 but max is 0 [ 1065.349647][ T1998] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1065.354925][ T1998] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1065.358444][ T1998] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1065.830679][T15161] usb 10-1: config 0 has no interface number 0 [ 1065.832997][T15161] usb 10-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1065.836517][T15161] usb 10-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1065.965929][T15161] usb 10-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1065.969790][T15161] usb 10-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1065.973488][T15161] usb 10-1: Product: syz [ 1065.974810][ T1998] usb 7-1: GET_CAPABILITIES returned 0 [ 1065.975297][T15161] usb 10-1: SerialNumber: syz [ 1065.977578][ T1998] usbtmc 7-1:16.0: can't read capabilities [ 1065.983323][ T1998] usb 7-1: USB disconnect, device number 81 [ 1065.994884][T15161] usb 10-1: config 0 descriptor?? [ 1066.013385][T15161] cm109 10-1:0.8: invalid payload size 0, expected 4 [ 1066.022019][T15161] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.8/input/input40 [ 1066.375300][T15161] ------------[ cut here ]------------ [ 1066.378480][T15161] URB ffff888024b9f100 submitted while active [ 1066.381617][T15161] WARNING: CPU: 0 PID: 15161 at drivers/usb/core/urb.c:379 usb_submit_urb+0x152b/0x1790 [ 1066.385426][T15161] Modules linked in: [ 1066.387706][T15161] CPU: 0 UID: 0 PID: 15161 Comm: kworker/0:0 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1066.393522][T15161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1066.398825][T15161] Workqueue: usb_hub_wq hub_event [ 1066.401089][T15161] RIP: 0010:usb_submit_urb+0x152b/0x1790 [ 1066.404008][T15161] Code: fd eb cb bb fe ff ff ff e9 70 f3 ff ff e8 dd 2c 89 fa c6 05 7a ca 5f 09 01 90 48 c7 c7 e0 1f 73 8c 48 89 de e8 56 7d 48 fa 90 <0f> 0b 90 90 e9 b6 fe ff ff bb f8 ff ff ff e9 40 f3 ff ff 48 89 ef SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1066.414387][T15161] RSP: 0018:ffffc90021fc6e98 EFLAGS: 00010286 [ 1066.417915][T15161] RAX: 0000000000000000 RBX: ffff888024b9f100 RCX: ffffffff817ab108 [ 1066.422119][T15161] RDX: ffff888024a20000 RSI: ffffffff817ab115 RDI: 0000000000000001 [ 1066.426252][T15161] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 1066.430500][T15161] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888078d3d010 [ 1066.434066][T15161] R13: ffff888078d3d0a0 R14: ffff888078d3d050 R15: 0000000000000000 [ 1066.437805][T15161] FS: 0000000000000000(0000) GS:ffff888097520000(0000) knlGS:0000000000000000 [ 1066.442524][T15161] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1066.446809][T15161] CR2: 000000002f70bffc CR3: 0000000054145000 CR4: 0000000000352ef0 [ 1066.452478][T15161] DR0: ffffffffffffffff DR1: 000000000000008d DR2: 0000000020000008 [ 1066.457540][T15161] DR3: 0000000000007fff DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 1066.470676][T15161] Call Trace: [ 1066.472018][T15161] [ 1066.473312][T15161] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 1066.475761][T15161] cm109_input_open+0x271/0x480 [ 1066.477980][T15161] input_open_device+0x230/0x390 [ 1066.480162][T15161] ? __pfx_cm109_input_open+0x10/0x10 [ 1066.482972][T15161] kbd_connect+0x103/0x160 [ 1066.484929][T15161] input_attach_handler.isra.0+0x184/0x260 [ 1066.487427][T15161] input_register_device+0xa84/0x1130 [ 1066.489779][T15161] cm109_usb_probe+0x122f/0x17c0 [ 1066.491977][T15161] usb_probe_interface+0x303/0x9c0 [ 1066.494876][T15161] ? __pfx_usb_probe_interface+0x10/0x10 [ 1066.497187][T15161] really_probe+0x23e/0xa90 [ 1066.499510][T15161] __driver_probe_device+0x1de/0x440 [ 1066.502297][T15161] driver_probe_device+0x4c/0x1b0 [ 1066.504663][T15161] __device_attach_driver+0x1df/0x310 [ 1066.506944][T15161] ? __pfx___device_attach_driver+0x10/0x10 [ 1066.509713][T15161] bus_for_each_drv+0x156/0x1e0 [ 1066.511764][T15161] ? __pfx_bus_for_each_drv+0x10/0x10 [ 1066.516836][T15161] ? lockdep_hardirqs_on+0x7c/0x110 [ 1066.519098][T15161] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1066.521807][T15161] __device_attach+0x1e4/0x4b0 [ 1066.524569][T15161] ? __pfx___device_attach+0x10/0x10 [ 1066.528038][T15161] ? do_raw_spin_unlock+0x172/0x230 [ 1066.530517][T15161] bus_probe_device+0x17f/0x1c0 [ 1066.533261][T15161] device_add+0x1148/0x1a70 [ 1066.535303][T15161] ? __pfx_device_add+0x10/0x10 [ 1066.537400][T15161] ? preempt_schedule_thunk+0x16/0x30 [ 1066.539734][T15161] usb_set_configuration+0x1187/0x1e20 [ 1066.542657][T15161] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 1066.545891][T15161] usb_generic_driver_probe+0xb1/0x110 [ 1066.548334][T15161] usb_probe_device+0xef/0x3e0 [ 1066.551129][T15161] ? __pfx_usb_probe_device+0x10/0x10 [ 1066.553501][T15161] really_probe+0x23e/0xa90 [ 1066.555558][T15161] __driver_probe_device+0x1de/0x440 [ 1066.557882][T15161] ? usb_driver_applicable+0x1c7/0x220 [ 1066.560151][T15161] driver_probe_device+0x4c/0x1b0 [ 1066.562633][T15161] __device_attach_driver+0x1df/0x310 [ 1066.564899][T15161] ? __pfx___device_attach_driver+0x10/0x10 [ 1066.567528][T15161] bus_for_each_drv+0x156/0x1e0 [ 1066.569618][T15161] ? __pfx_bus_for_each_drv+0x10/0x10 [ 1066.572118][T15161] ? lockdep_hardirqs_on+0x7c/0x110 [ 1066.574600][T15161] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1066.576994][T15161] __device_attach+0x1e4/0x4b0 [ 1066.579222][T15161] ? __pfx___device_attach+0x10/0x10 [ 1066.581698][T15161] ? do_raw_spin_unlock+0x172/0x230 [ 1066.584095][T15161] bus_probe_device+0x17f/0x1c0 [ 1066.586122][T15161] device_add+0x1148/0x1a70 [ 1066.588014][T15161] ? __pfx_device_add+0x10/0x10 [ 1066.589892][T15161] ? add_device_randomness+0xb7/0xf0 [ 1066.591958][T15161] ? __usb_get_extra_descriptor+0x158/0x1c0 [ 1066.594218][T15161] usb_new_device+0xd07/0x1a20 [ 1066.596029][T15161] ? do_raw_spin_lock+0x12c/0x2b0 [ 1066.598147][T15161] ? __pfx_usb_new_device+0x10/0x10 [ 1066.600893][T15161] ? mark_held_locks+0x49/0x80 [ 1066.602969][T15161] hub_event+0x2eb7/0x4fa0 [ 1066.604908][T15161] ? __pfx_hub_event+0x10/0x10 [ 1066.606984][T15161] ? assoc_array_insert+0xe90/0x3970 [ 1066.609686][T15161] ? rcu_is_watching+0x12/0xc0 [ 1066.612095][T15161] process_one_work+0x9cf/0x1b70 [ 1066.614263][T15161] ? __pfx_hcd_resume_work+0x10/0x10 [ 1066.616797][T15161] ? __pfx_process_one_work+0x10/0x10 [ 1066.619105][T15161] ? assign_work+0x1a0/0x250 [ 1066.621191][T15161] worker_thread+0x6c8/0xf10 [ 1066.623268][T15161] ? __kthread_parkme+0x19e/0x250 [ 1066.625385][T15161] ? __pfx_worker_thread+0x10/0x10 [ 1066.627383][T15161] kthread+0x3c2/0x780 [ 1066.631974][T15161] ? __pfx_kthread+0x10/0x10 [ 1066.634055][T15161] ? rcu_is_watching+0x12/0xc0 [ 1066.636137][T15161] ? __pfx_kthread+0x10/0x10 [ 1066.638148][T15161] ret_from_fork+0x5d7/0x6f0 [ 1066.640116][T15161] ? __pfx_kthread+0x10/0x10 [ 1066.642712][T15161] ret_from_fork_asm+0x1a/0x30 [ 1066.645021][T15161] [ 1066.646403][T15161] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1066.649422][T15161] CPU: 0 UID: 0 PID: 15161 Comm: kworker/0:0 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 1066.654327][T15161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1066.658654][T15161] Workqueue: usb_hub_wq hub_event [ 1066.660967][T15161] Call Trace: [ 1066.662743][T15161] [ 1066.664310][T15161] dump_stack_lvl+0x3d/0x1f0 [ 1066.666346][T15161] panic+0x71c/0x800 [ 1066.668056][T15161] ? __pfx_panic+0x10/0x10 [ 1066.669991][T15161] ? show_trace_log_lvl+0x29b/0x3e0 [ 1066.672443][T15161] ? check_panic_on_warn+0x1f/0xb0 [ 1066.674647][T15161] ? usb_submit_urb+0x152b/0x1790 [ 1066.676811][T15161] check_panic_on_warn+0xab/0xb0 [ 1066.678866][T15161] __warn+0xf6/0x3c0 [ 1066.680895][T15161] ? usb_submit_urb+0x152b/0x1790 [ 1066.682972][T15161] report_bug+0x3c3/0x580 [ 1066.684704][T15161] ? usb_submit_urb+0x152b/0x1790 [ 1066.686629][T15161] handle_bug+0x184/0x210 [ 1066.688439][T15161] exc_invalid_op+0x17/0x50 [ 1066.690376][T15161] asm_exc_invalid_op+0x1a/0x20 [ 1066.692490][T15161] RIP: 0010:usb_submit_urb+0x152b/0x1790 [ 1066.695234][T15161] Code: fd eb cb bb fe ff ff ff e9 70 f3 ff ff e8 dd 2c 89 fa c6 05 7a ca 5f 09 01 90 48 c7 c7 e0 1f 73 8c 48 89 de e8 56 7d 48 fa 90 <0f> 0b 90 90 e9 b6 fe ff ff bb f8 ff ff ff e9 40 f3 ff ff 48 89 ef [ 1066.704377][T15161] RSP: 0018:ffffc90021fc6e98 EFLAGS: 00010286 [ 1066.706945][T15161] RAX: 0000000000000000 RBX: ffff888024b9f100 RCX: ffffffff817ab108 [ 1066.710245][T15161] RDX: ffff888024a20000 RSI: ffffffff817ab115 RDI: 0000000000000001 [ 1066.713582][T15161] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 1066.717109][T15161] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888078d3d010 [ 1066.721264][T15161] R13: ffff888078d3d0a0 R14: ffff888078d3d050 R15: 0000000000000000 [ 1066.724688][T15161] ? __warn_printk+0x198/0x350 [ 1066.726760][T15161] ? __warn_printk+0x1a5/0x350 [ 1066.728581][T15161] ? usb_submit_urb+0x152a/0x1790 [ 1066.730490][T15161] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 1066.732700][T15161] cm109_input_open+0x271/0x480 [ 1066.734524][T15161] input_open_device+0x230/0x390 [ 1066.736369][T15161] ? __pfx_cm109_input_open+0x10/0x10 [ 1066.738443][T15161] kbd_connect+0x103/0x160 [ 1066.740160][T15161] input_attach_handler.isra.0+0x184/0x260 [ 1066.742572][T15161] input_register_device+0xa84/0x1130 [ 1066.745046][T15161] cm109_usb_probe+0x122f/0x17c0 [ 1066.747264][T15161] usb_probe_interface+0x303/0x9c0 [ 1066.749484][T15161] ? __pfx_usb_probe_interface+0x10/0x10 [ 1066.751851][T15161] really_probe+0x23e/0xa90 [ 1066.753809][T15161] __driver_probe_device+0x1de/0x440 [ 1066.756270][T15161] driver_probe_device+0x4c/0x1b0 [ 1066.758439][T15161] __device_attach_driver+0x1df/0x310 [ 1066.760795][T15161] ? __pfx___device_attach_driver+0x10/0x10 [ 1066.763250][T15161] bus_for_each_drv+0x156/0x1e0 [ 1066.765330][T15161] ? __pfx_bus_for_each_drv+0x10/0x10 [ 1066.767596][T15161] ? lockdep_hardirqs_on+0x7c/0x110 [ 1066.769805][T15161] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1066.772240][T15161] __device_attach+0x1e4/0x4b0 [ 1066.774282][T15161] ? __pfx___device_attach+0x10/0x10 [ 1066.776453][T15161] ? do_raw_spin_unlock+0x172/0x230 [ 1066.778635][T15161] bus_probe_device+0x17f/0x1c0 [ 1066.780713][T15161] device_add+0x1148/0x1a70 [ 1066.782651][T15161] ? __pfx_device_add+0x10/0x10 [ 1066.784743][T15161] ? preempt_schedule_thunk+0x16/0x30 [ 1066.787094][T15161] usb_set_configuration+0x1187/0x1e20 [ 1066.789436][T15161] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 1066.791975][T15161] usb_generic_driver_probe+0xb1/0x110 [ 1066.794281][T15161] usb_probe_device+0xef/0x3e0 [ 1066.796327][T15161] ? __pfx_usb_probe_device+0x10/0x10 [ 1066.798650][T15161] really_probe+0x23e/0xa90 [ 1066.800584][T15161] __driver_probe_device+0x1de/0x440 [ 1066.802968][T15161] ? usb_driver_applicable+0x1c7/0x220 [ 1066.805270][T15161] driver_probe_device+0x4c/0x1b0 [ 1066.807561][T15161] __device_attach_driver+0x1df/0x310 [ 1066.809873][T15161] ? __pfx___device_attach_driver+0x10/0x10 [ 1066.812194][T15161] bus_for_each_drv+0x156/0x1e0 [ 1066.814391][T15161] ? __pfx_bus_for_each_drv+0x10/0x10 [ 1066.816726][T15161] ? lockdep_hardirqs_on+0x7c/0x110 [ 1066.818982][T15161] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1066.821549][T15161] __device_attach+0x1e4/0x4b0 [ 1066.823595][T15161] ? __pfx___device_attach+0x10/0x10 [ 1066.825895][T15161] ? do_raw_spin_unlock+0x172/0x230 [ 1066.828108][T15161] bus_probe_device+0x17f/0x1c0 [ 1066.830231][T15161] device_add+0x1148/0x1a70 [ 1066.832173][T15161] ? __pfx_device_add+0x10/0x10 [ 1066.834642][T15161] ? add_device_randomness+0xb7/0xf0 [ 1066.836728][T15161] ? __usb_get_extra_descriptor+0x158/0x1c0 [ 1066.839288][T15161] usb_new_device+0xd07/0x1a20 [ 1066.841356][T15161] ? do_raw_spin_lock+0x12c/0x2b0 [ 1066.843501][T15161] ? __pfx_usb_new_device+0x10/0x10 [ 1066.845736][T15161] ? mark_held_locks+0x49/0x80 [ 1066.847840][T15161] hub_event+0x2eb7/0x4fa0 [ 1066.849826][T15161] ? __pfx_hub_event+0x10/0x10 [ 1066.852120][T15161] ? assoc_array_insert+0xe90/0x3970 [ 1066.855001][T15161] ? rcu_is_watching+0x12/0xc0 [ 1066.857050][T15161] process_one_work+0x9cf/0x1b70 [ 1066.859315][T15161] ? __pfx_hcd_resume_work+0x10/0x10 [ 1066.861614][T15161] ? __pfx_process_one_work+0x10/0x10 [ 1066.864205][T15161] ? assign_work+0x1a0/0x250 [ 1066.866085][T15161] worker_thread+0x6c8/0xf10 [ 1066.867967][T15161] ? __kthread_parkme+0x19e/0x250 [ 1066.869978][T15161] ? __pfx_worker_thread+0x10/0x10 [ 1066.872349][T15161] kthread+0x3c2/0x780 [ 1066.874050][T15161] ? __pfx_kthread+0x10/0x10 [ 1066.875954][T15161] ? rcu_is_watching+0x12/0xc0 [ 1066.877887][T15161] ? __pfx_kthread+0x10/0x10 [ 1066.879564][T15161] ret_from_fork+0x5d7/0x6f0 [ 1066.881493][T15161] ? __pfx_kthread+0x10/0x10 [ 1066.883404][T15161] ret_from_fork_asm+0x1a/0x30 [ 1066.885390][T15161] [ 1066.887449][T15161] Kernel Offset: disabled [ 1066.889199][T15161] Rebooting in 86400 seconds.. VM DIAGNOSIS: 00:23:55 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85584895 RDI=ffffffff9b0ac980 RBP=ffffffff9b0ac940 RSP=ffffc90021fc6800 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000033 R14=ffffffff9b0ac940 R15=ffffffff85584830 RIP=ffffffff855848bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097520000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002f70bffc CR3=0000000054145000 CR4=00352ef0 DR0=ffffffffffffffff DR1=000000000000008d DR2=0000000020000008 DR3=0000000000007fff DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000286c504c58a RBX=ffff88802b323a00 RCX=00000000000006e0 RDX=0000000000000286 RSI=ffff88802b323a00 RDI=0000000000009b8c RBP=0000000000009b8c RSP=ffffc900203dfd80 R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=0000000000000001 R12=0000000000000001 R13=0000000000000001 R14=0000000000000019 R15=000000f8420c6d00 RIP=ffffffff81680535 RFL=00000003 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097620000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c380f65 CR3=0000000054145000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000014 RCX=ffffffff84df8226 RDX=ffff888023130000 RSI=ffffffff84df8265 RDI=0000000000000001 RBP=ffffc900035d7330 RSP=ffffc900035d71f0 R8 =0000000000000001 R9 =0000000000000040 R10=0000000000000010 R11=0000000000000001 R12=1ffff920006bae48 R13=0000000000000010 R14=0000000000000001 R15=ffffffff8c15caf1 RIP=ffffffff81bb5f21 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fda14412300 ffffffff 00c00000 GS =0000 ffff888097720000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000056480260d000 CR3=000000005052f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff83379967 ffffffff8335b612 0000000500000004 0000000600040008 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001349 ffffffff8337adde ffffffff823eae40 ffffffff84aeebdf ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c69662f2e01ffff ffffffffffffef08 0d80030a00000083 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 060870fe08080605 0800040500080000 0001000800209008 000fffffffff0201 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000040806018002 0100000008060c01 71d8001000018003 21a0800800080800 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000208060601 06bc4008000e8002 0100000008060601 7cb2080804050800 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0205000800000204 014bde0004001184 08000d800201c708 0008004390003065 ZMM24=1edc793d1edc793d 1edc793d1edc793d 1edc793d1edc793d 1edc793d1edc793d 1edc793d1edc793d 1edc793d1edc793d 1edc793d1edc793d 1edc793d1edc793d ZMM25=f8815fcaf8815fca f8815fcaf8815fca f8815fcaf8815fca f8815fcaf8815fca f8815fcaf8815fca f8815fcaf8815fca f8815fcaf8815fca f8815fcaf8815fca ZMM26=5977478059774780 5977478059774780 5977478059774780 5977478059774780 5977478059774780 5977478059774780 5977478059774780 5977478059774780 ZMM27=d27ab33fd27ab33f d27ab33fd27ab33f d27ab33fd27ab33f d27ab33fd27ab33f d27ab33fd27ab33f d27ab33fd27ab33f d27ab33fd27ab33f d27ab33fd27ab33f ZMM28=000001700000016f 0000016e0000016d 0000016c0000016b 0000016a00000169 0000016800000167 0000016600000165 0000016400000163 0000016200000161 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=b83a0000b83a0000 b83a0000b83a0000 b83a0000b83a0000 b83a0000b83a0000 b83a0000b83a0000 b83a0000b83a0000 b83a0000b83a0000 b83a0000b83a0000 info registers vcpu 3 CPU#3 EAX=81af49d5 EBX=00000012 ECX=ffffffff EDX=81af49d5 ESI=f7434ff4 EDI=f7452000 EBP=f7450000 ESP=ffb18648 EIP=f70ee696 EFL=00000286 [--S--P-] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA] SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 00000000 ffffffff 00c00000 GS =0063 56a6a440 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 00000000 ffffffff 00c00000 TR =0040 000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c3f5826 CR3=0000000070022000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000