last executing test programs: 14.001542638s ago: executing program 1 (id=171): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x700, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000070000100000000000000000007000000", @ANYRES32=r1, @ANYBLOB="0c0001800800010003000100100001800c0004800800020000000000100001"], 0x44}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="580000001000010400"/20, @ANYRES32=r4, @ANYBLOB="0000000000800200380012800b0001006272696467650000280002800c002300fbffffffffffffff05002400000000010500240001000000060027"], 0x58}}, 0x0) (fail_nth: 2) 13.381672479s ago: executing program 4 (id=174): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x0, &(0x7f0000000480)}) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89001) prlimit64(0x0, 0xe, &(0x7f0000000140), 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000240)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000000)) io_uring_setup(0x3253, &(0x7f0000000580)={0x0, 0x0, 0x20, 0x203, 0x10000001, 0x0, r0}) fcntl$lock(0xffffffffffffffff, 0x25, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6064cdd800100000fe0000000000007bae020000c0bd0000000000000000060000000000000000001f00c2"], 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2) write(r1, &(0x7f0000000040), 0x0) ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000080)={0xf0f046}) write(r1, &(0x7f0000000600)="1c00000016009b8a140000003b9b301fd6df191cdc826569f2a3000000006752a10000005bc0ebbfff0768a84fe46e6e0b793da68cf4489fcfde557647cf24e362623aa9b0fa73485894224ac5c4c8fb78c1711416fb0775d3c3a977314d970dfc6623a48633a458cdebc4aa9ef8446c6f470487313afb16aaebb592cd52fc511b816a2ca68257731145687e6b537cab482ae646b28521a9e8460470a2ba2f68808fcbd3f2575eae548c5c4183155a40708722ed655d37acf9133c090f4a5dbfd470d65cda2a191945a6c3584cea4e8baeb0c6a241b7663a74b1b6e55c5dcd07ba2bcea3e83489cb41e000483298fdc1d1c0ce89d8a3aea4905aa875c8b614e2c403ce9c439e8057423e3c00"/279, 0x5195656059eb066d) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@cgroup=r2, 0xffffffffffffffff, 0x2b, 0x0, 0x4000}, 0x10) fcntl$lock(0xffffffffffffffff, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f00000004c0)='./binderfs2/custom0\x00', 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x2, 0x3a0, 0x5}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f0000000080), &(0x7f0000000140), 0x1800, r3}, 0x38) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000200)={r3, &(0x7f0000000240), &(0x7f0000000840)=""/238}, 0x20) socket$qrtr(0x2a, 0x2, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ffffffff000000000800010001"], 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x0) 13.315701922s ago: executing program 1 (id=175): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x275a, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000001) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r5 = io_uring_setup(0x1693, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x20}) io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x0, 0x1}, 0x20) r6 = socket$packet(0x11, 0x3, 0x300) process_madvise(r0, &(0x7f0000000500)=[{&(0x7f0000000240)}, {&(0x7f0000000280)="29bd", 0x2}, {&(0x7f0000000340)="c7d171d147cda0421576d48d4766d8706503726a66cf5b61c61920747ec38c3b58f285bf6e46e2a7b4a17feeec2513539df284d7e0c91c873f9ec1f728ec127b83f6fef2d1db92cbb6a15cc362f6a5777c28b3d51bcd9a51d8233b1a57e7c77250eb380fc1c00689dc2b00a90631477fdb64b0b22cc5fe273d13050a0649530e007167a90a30eb92fcf2b1567c57826a5665bf673ba1f78a91828effbc15661d6a3cc0517ca456f5659beb10c12095447813c915c4fbe4526864cd0110c52d31f9e805269f27ee502344ce8a3fb6d87c23fe7b103be1504b4376d7d0", 0xdc}, {&(0x7f0000000440)="a8f77739b1a01879e08ebb5d1c6deb39a51ee476b424d5e78272e8b0495241215df3334db3ef1a3ff677b8ea9c7ed89dd753c9d6765632970db403d5d83d8cf4b9798aac2a2ba3c33d87a7019cb46074626392bf2146578fc12a7fe0aeeeb06c35ec21bbf3c4c5fb1063af26bf8cfc6bc4f95152b99d5633af48eb42fc630d6bc85690", 0x83}], 0x4, 0x10, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'xfrm0\x00', 0x0}) sendto$packet(r6, 0x0, 0x0, 0x8000, &(0x7f0000000140)={0x11, 0x0, r7, 0x1, 0xfc, 0x6, @multicast}, 0x14) socket$nl_route(0x10, 0x3, 0x0) syz_open_dev$video(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) getpid() 11.116462014s ago: executing program 1 (id=178): setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000140), 0x4) mkdirat(0xffffffffffffffff, 0x0, 0x7) mkdirat(0xffffffffffffff9c, 0x0, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r0, &(0x7f0000000280)=""/239, 0xef) write$char_usb(r0, &(0x7f0000000240)="96", 0x1) r1 = syz_usb_connect$cdc_ecm(0x2, 0x61, &(0x7f0000000000)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x4f, 0x1, 0x1, 0x0, 0x80, 0xf7, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x2, 0x6, 0x0, 0x46, {{0xa, 0x24, 0x6, 0x0, 0x0, "b42759b964"}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0x401, 0x2d, 0x9, 0x2}, [@ncm={0x6, 0x24, 0x1a, 0x1, 0xa}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x40, 0x40, 0x1, 0x6}}], {{0x9, 0x5, 0x82, 0x2, 0x400, 0xce, 0x0, 0x4}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0xe3, 0xe, 0xa}}}}}]}}]}}, &(0x7f0000000200)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x201, 0x9, 0x9, 0x2, 0x20, 0x1}, 0x2f, &(0x7f0000000100)={0x5, 0xf, 0x2f, 0x3, [@wireless={0xb, 0x10, 0x1, 0x8, 0x3c, 0x2, 0x74, 0x6, 0x1}, @ss_container_id={0x14, 0x10, 0x4, 0x2, "e1a0ae4aa7dbaaec8177803efdc83ed2"}, @wireless={0xb, 0x10, 0x1, 0xc, 0x46, 0xd5, 0x3, 0x4, 0x83}]}, 0x3, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x280b}}, {0x93, &(0x7f0000000380)=@string={0x93, 0x3, "2e30bda30a7a730e3ffada81276177451bdcd263fed4532b9a71562bd47e54af40bfb61a8c3f28e8b7191d8312def747fff25af17a39e7e57f2e01c8a34dea2046e47dafd02ea10e71e556cc748c6e6761cfa48219a5ce6bf7e48ddff61b89754edb26ec6910a5e288f5e024ebacc08ae123af4cc82213d7adbd36d4a305bc51f59e25c82b2df8c40c8a5ad31021370033"}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x81a}}]}) syz_usb_disconnect(r1) 10.40593739s ago: executing program 4 (id=181): setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0xfffffd6e}, {&(0x7f0000019740)=""/242}], 0x2, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, 0x0, 0x0) sendmsg$IPSET_CMD_LIST(r1, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) syz_io_uring_setup(0x3ed9, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000100), 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) openat$sndseq(0xffffffffffffff9c, 0x0, 0x20002) sched_setscheduler(0x0, 0x1, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) unshare(0x2a020400) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r2, 0xc008551a, 0x0) getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) unshare(0x0) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x2, &(0x7f00000001c0)=[{}, {}]}) 9.002338381s ago: executing program 4 (id=185): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x8fa, 0x0, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x200000}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x4, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x80, &(0x7f0000000380)=[{}, {}, {}], 0x18, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x20, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r2, 0x26, &(0x7f0000000000)) fcntl$lock(r2, 0x7, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x2}) fcntl$lock(r2, 0x6, &(0x7f0000000440)={0x0, 0x0, 0x82}) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = dup(r3) ioctl$KDFONTOP_SET_DEF(r4, 0x4b72, &(0x7f0000000400)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000040), 0x4) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x18000000000002a0, 0x2f9, 0xffffca88, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632f77fb7f0200017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000005c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8}}, './file0\x00'}) r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000600)={0x0, 0x1, 0x18}, 0xc) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000006c0)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000640), &(0x7f0000000680)='%+9llu \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000080)=@raw=[@generic={0x6, 0x5, 0xd, 0xffff, 0x4}, @map_val={0x18, 0x3, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x1fe}, @cb_func={0x18, 0xb, 0x4, 0x0, 0x3}, @exit, @jmp={0x5, 0x0, 0x0, 0x5, 0x9, 0x30, 0xfffffffffffffffc}], &(0x7f00000000c0)='syzkaller\x00', 0xe, 0x6e, &(0x7f0000000100)=""/110, 0x41100, 0x10, '\x00', 0x0, 0x36, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0xc, 0x721bfb44, 0x1c1}, 0x10, r1, r2, 0x4, &(0x7f0000000700)=[r4, 0xffffffffffffffff, r7, r8, r9], &(0x7f0000000740)=[{0x1, 0x3, 0xe, 0x7}, {0x0, 0x2, 0x2, 0xb}, {0x4, 0x3, 0x3, 0x9}, {0x3, 0x2, 0x4, 0x5}], 0x10, 0x6}, 0x90) r10 = io_uring_setup(0x2ad5, &(0x7f00000001c0)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r11 = io_uring_setup(0x1de0, &(0x7f0000000440)) r12 = io_uring_register$IORING_REGISTER_PERSONALITY(r11, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r11, 0x1b, 0x20000038, r12) close(r10) ioctl$TCSETSW2(0xffffffffffffffff, 0x5425, 0x0) 8.133727731s ago: executing program 4 (id=188): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x275a, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000001) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r5 = io_uring_setup(0x1693, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x20}) io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x0, 0x1}, 0x20) r6 = socket$packet(0x11, 0x3, 0x300) process_madvise(r0, &(0x7f0000000500)=[{&(0x7f0000000240)}, {&(0x7f0000000280)="29bd", 0x2}, {&(0x7f0000000340)="c7d171d147cda0421576d48d4766d8706503726a66cf5b61c61920747ec38c3b58f285bf6e46e2a7b4a17feeec2513539df284d7e0c91c873f9ec1f728ec127b83f6fef2d1db92cbb6a15cc362f6a5777c28b3d51bcd9a51d8233b1a57e7c77250eb380fc1c00689dc2b00a90631477fdb64b0b22cc5fe273d13050a0649530e007167a90a30eb92fcf2b1567c57826a5665bf673ba1f78a91828effbc15661d6a3cc0517ca456f5659beb10c12095447813c915c4fbe4526864cd0110c52d31f9e805269f27ee502344ce8a3fb6d87c23fe7b103be1504b4376d7d0", 0xdc}, {&(0x7f0000000440)="a8f77739b1a01879e08ebb5d1c6deb39a51ee476b424d5e78272e8b0495241215df3334db3ef1a3ff677b8ea9c7ed89dd753c9d6765632970db403d5d83d8cf4b9798aac2a2ba3c33d87a7019cb46074626392bf2146578fc12a7fe0aeeeb06c35ec21bbf3c4c5fb1063af26bf8cfc6bc4f95152b99d5633af48eb42fc630d6bc85690", 0x83}], 0x4, 0x10, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'xfrm0\x00', 0x0}) sendto$packet(r6, 0x0, 0x0, 0x8000, &(0x7f0000000140)={0x11, 0x0, r7, 0x1, 0xfc, 0x6, @multicast}, 0x14) socket$nl_route(0x10, 0x3, 0x0) syz_open_dev$video(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) getpid() 8.047039118s ago: executing program 2 (id=189): connect$inet(0xffffffffffffffff, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0xff}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000580)=[@text16={0x10, &(0x7f0000000780)="6766c744240066000000f30f01f96766c744240600000000670f011c24ba2100ecba6100ec66b8684b258a66efbafc0c66b87400000066ef0f01d6660f0d9e0a0065660fe460700f0017baf80c66b8ce395c8a66efbafc0cec0f32", 0x5b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 7.106622007s ago: executing program 1 (id=191): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000200)={0x0, 0x8, 0x0, "b904d552ac30c2bd00ea4a12178f22d916094e01a507bbf068d54f70689ff0eb"}) memfd_create(&(0x7f00000024c0)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?&^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xe3\xe5\x19T\xff\x01\x00\x00\xe2\x9f\xd9\xae\xcf>/\x05V%$6\x9fU\x86\xbe\xcbx\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xb2\xae\xda\xa9\xf6\x92\xaf4\xb5|W\r0{\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\xaa\xe6\x05\xe4\xc3\x90\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\x97.A\x84\x1d\xc2\x86\x89{\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\x9d\xce\xb3%QF\x03\b\x9dh\xfd\x91\xea\xce\x06\a\xba`\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8\x83\x87+nM\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?\x87\x84\\/y\xed\x01#?\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x10M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xdc\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5W\xfb\x82\xac\x19,\\D\x91T\xfd\x9c\xb8\x8b\x88\xa5\xcc\x8fI\x00\xf0\xc9%\n\xa7\xd6\x0f:\xb0\xf5?\xc3\x88\x1e\xbb-\xa6\xecA\x92\xaf\xa4Xl\v\xa5\xca\v|\xe2L\xac\x80\xc7\x15\x96fh\x83\x15\xc7\xea\xd5\xe8\x89W\x11\xd7oC\xe4\x06\xa8[O\xe6\x1d=\x87\x93\x0f\x87I\xdf\xb1\xeb\x89\x11.\x01\x00\r`\x1e8\x94\xb7\xbc\xc3\xad\xf1\x92/(A=A\x8b\xa5I\xd7\xd3#\xb0\x89\x9e5\x12\xa4\x9a\va\xdf\xf4\xea\xc6\xc7\x10g\x1d\xd5\xb0\xbb\xd2\xfc]fC\x8d\x0f\xa6q\x0f\xef\x90\xfe\x94k\xf1\x98\xfa\xbbb\xb1\x00\x99\xf7\xfd\'\xae\x906\xe0\xaa\xdbtWWH\xa4L\xb5po,\xdfN\x0f8\t\xe7X_H\xd4\xe3\xb2,oj\xac\xd7\xbd\xd0\xadW\x1f<\xd0s\xa8\x1f(\x00/ \xe4]@\xf7mA\xe8\xd1\xf4:\xb3\xeb\x81\xb9\x018\x1c\x95%o\x13\xa4\xad\xd8\xf9\xd2\x95\xa8\x81\xbe\xbc\xa6\x14_o\xfb\xdaL\xcb\xda\x9a\xec\xce\xd18&\xfbG\xa1\f\xf4\xd5u\xb0xE)j\x1b\xecL\xa1\xdc\xabUiN\xdet\xc7Q\xe6\xa4\x99-\xba\x16\xe5\xba!\xbdCI#\x03', 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r2 = socket(0x840000000002, 0x3, 0x100) connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="4800000010004b0400000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000042800128008000100677265001c00028006000e00010000000600030080000000"], 0x48}}, 0x0) 7.104885619s ago: executing program 2 (id=192): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r1, 0x0, 0x2, 0x2}}, 0x20) (fail_nth: 2) 7.09367851s ago: executing program 4 (id=193): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bind$unix(0xffffffffffffffff, &(0x7f0000000200)=@abs, 0x6e) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) sendto$inet6(r2, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) writev(r2, &(0x7f0000000540)=[{&(0x7f0000000500)='y', 0x8980}], 0x1) 6.163011698s ago: executing program 2 (id=195): openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) io_setup(0x3, &(0x7f00000003c0)=0x0) syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') io_submit(r0, 0x0, &(0x7f0000000140)) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300"/3601], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10) io_getevents(r0, 0x100, 0x0, &(0x7f0000000300), &(0x7f0000000340)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) rt_sigprocmask(0x0, &(0x7f0000000480), 0x0, 0x8) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, 0x0, 0x0, 0x0, 0x0) capset(0x0, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newtaction={0x48, 0x1e, 0x20, 0x0, 0x0, {}, [{0x34, 0x1, [@m_xt={0x30, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0x6, 0x6, "ef50"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2}}}}]}]}, 0x48}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000"/20, @ANYRES32=0x0, @ANYBLOB="d9fdeaedf8578b97f39300000000000000001c001280d652152236620900010200000000000000000c000280080002"], 0x3c}}, 0x0) r2 = socket$kcm(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000000000800001000000018000180140002006e657464657673696d300000000000000800040000000000"], 0x34}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000100)=0x6) ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f00000003c0)=0x4) ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000040)) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000500)={0xa00, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10000500", 0x33fe0}], 0x1}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001440)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000440)="ffcf000000000000d20f00004a5a", 0x0, 0x8, 0x0, 0xfffffffffffffee0, 0x3b, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x44) r5 = openat$smackfs_netlabel(0xffffffffffffff9c, &(0x7f0000001640), 0x2, 0x0) write$smackfs_netlabel(r5, &(0x7f0000000000)=ANY=[@ANYBLOB='-0000000000000062410.00000000000000000003.00000000000800028916.000/0000000000000003.'], 0x6f) 6.159535205s ago: executing program 1 (id=196): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@ipv6_newnexthop={0x40, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x8}, @NHA_ENCAP={0x18, 0x8, 0x0, 0x1, @LWTUNNEL_IP6_DST={0x14, 0x2, @private0}}, @NHA_OIF={0x8, 0x5, r1}]}, 0x40}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r4 = getpid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SOUND_MIXER_READ_RECSRC(r7, 0x80044dff, &(0x7f0000000180)) socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_io_uring_setup(0x16d2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) r11 = socket(0x80000000000000a, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r11, 0xc60b, 0x0, 0x0, 0xa, 0x1}) r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r12, &(0x7f00000001c0)=ANY=[@ANYBLOB='/'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r12, 0x0) syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r8, 0x2d7e, 0x0, 0x0, 0x0, 0x0) sendmsg$IPVS_CMD_GET_DEST(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0103000000000000000008000000140001800800050000001100040001"], 0x28}}, 0x0) 5.745986883s ago: executing program 3 (id=197): socket$kcm(0x10, 0x0, 0x0) (async) socket$kcm(0x10, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) (async) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) (async) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000580)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="54010000100000000000000000000000ac1414bb000000000000000000000000e0000001", @ANYBLOB="ac1414000000000000000000000000000000000000000000fe8000000000000000000000000000aa000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000048000200656362286369706865725f6e756c6c290000000000000000000000000000000000000000000000000000000000000000000000001c"], 0x154}}, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) (async) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{}, "0ebf7092ad673ffb", "9e0d86b216b0b852c3d1189681c87e55", "650fd85f", "8efb21bdde8f46e5"}, 0x28) setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x303}, "76f7bc3e4ae1c84c", "af193cff4810ba5ac120d096eb00b40752095b429e514ca312c52e3a08756735", "5d362ced", "bc3a20b10f4ad11e"}, 0x38) close(r2) (async) close(r2) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@ccm_128={{0x304}, "8e44c05dfd57e5b3", "591f44ef0756020a9e1d86882c0348a6", "a29f817c", "51eb071129f5da07"}, 0x28) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502", @ANYRES8=r4], 0x3c}}, 0x0) (async) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502", @ANYRES8=r4], 0x3c}}, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0) (async) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0x2, 0x4, 0x400, 0x210, 0x0, 0x0, 0x318, 0x318, 0x318, 0x7fffffe, 0x0, {[{{@arp={@remote, @remote, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_macvtap\x00', 'veth1_to_hsr\x00'}, 0xc0, 0x108, 0x71000000, {0x15b}}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz0\x00'}}}], {{'\x00', 0xc0, 0xe8, 0x0, {0x1d000000}}, {0x28}}}}, 0x450) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) dup(r9) (async) r10 = dup(r9) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000008504"]) sendmsg$NL80211_CMD_GET_MPATH(r3, &(0x7f0000000500)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000004c0)={&(0x7f0000000640)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="00032cbd7000ffdbdf25150000000c009900030000002b0000000a001a0008021100000000000a00060008021100000100000a001a0008021100000000000a000600ffffffffffff00000a000600ffffffffffff0000"], 0x5c}, 0x1, 0x0, 0x0, 0x4004}, 0x4048000) 5.151096653s ago: executing program 0 (id=198): munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) chdir(&(0x7f0000000540)='./cgroup\x00') r0 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) (fail_nth: 2) 5.042553453s ago: executing program 2 (id=199): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x8fa, 0x0, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x200000}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x4, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x80, &(0x7f0000000380)=[{}, {}, {}], 0x18, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x20, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r2, 0x26, &(0x7f0000000000)) fcntl$lock(r2, 0x7, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x2}) fcntl$lock(r2, 0x6, &(0x7f0000000440)={0x0, 0x0, 0x82}) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = dup(r3) ioctl$KDFONTOP_SET_DEF(r4, 0x4b72, &(0x7f0000000400)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000040), 0x4) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x18000000000002a0, 0x2f9, 0xffffca88, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632f77fb7f0200017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000005c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8}}, './file0\x00'}) r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000600)={0x0, 0x1, 0x18}, 0xc) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000006c0)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000640), &(0x7f0000000680)='%+9llu \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000080)=@raw=[@generic={0x6, 0x5, 0xd, 0xffff, 0x4}, @map_val={0x18, 0x3, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x1fe}, @cb_func={0x18, 0xb, 0x4, 0x0, 0x3}, @exit, @jmp={0x5, 0x0, 0x0, 0x5, 0x9, 0x30, 0xfffffffffffffffc}], &(0x7f00000000c0)='syzkaller\x00', 0xe, 0x6e, &(0x7f0000000100)=""/110, 0x41100, 0x10, '\x00', 0x0, 0x36, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0xc, 0x721bfb44, 0x1c1}, 0x10, r1, r2, 0x4, &(0x7f0000000700)=[r4, 0xffffffffffffffff, r7, r8, r9], &(0x7f0000000740)=[{0x1, 0x3, 0xe, 0x7}, {0x0, 0x2, 0x2, 0xb}, {0x4, 0x3, 0x3, 0x9}, {0x3, 0x2, 0x4, 0x5}], 0x10, 0x6}, 0x90) r10 = io_uring_setup(0x2ad5, &(0x7f00000001c0)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r11 = io_uring_setup(0x1de0, &(0x7f0000000440)) r12 = io_uring_register$IORING_REGISTER_PERSONALITY(r11, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r11, 0x1b, 0x20000038, r12) close(r10) ioctl$TCSETSW2(0xffffffffffffffff, 0x5425, 0x0) 4.732007736s ago: executing program 3 (id=200): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = dup(r0) ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, 0x0) 4.636082748s ago: executing program 0 (id=201): connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) socket$netlink(0x10, 0x3, 0x0) bind$tipc(0xffffffffffffffff, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x7}}, 0x10) r4 = syz_io_uring_setup(0x10d, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000240)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r4, 0x47f5, 0x0, 0x0, 0x0, 0x0) 4.588366242s ago: executing program 3 (id=202): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x10, 0xffffffffffffffff, 0x0) ioprio_set$uid(0x3, 0x0, 0x6400) dup(0xffffffffffffffff) mkdirat(0xffffffffffffffff, 0x0, 0x20) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x0, 0x0, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0xc47a, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket(0x0, 0x0, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) mkdir(&(0x7f0000000740)='./file0\x00', 0x0) add_key$fscrypt_v1(0x0, 0x0, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c99064bbd27b2aa77459cff33a3a98350f1af9d51ed5bef3d63520d260804d0"}, 0x48, 0xfffffffffffffffd) setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, &(0x7f0000000500)={'filter\x00', 0x4, 0x4, 0x400, 0x0, 0x210, 0x108, 0x318, 0x318, 0x318, 0x7fffffe, 0x0, {[{{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netpci0\x00', 'pimreg0\x00'}, 0xc0, 0x108, 0x0, {0x3ed}}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x7fff, 'syz0\x00'}}}, {{@arp={@rand_addr, @loopback, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'gretap0\x00', 'bridge_slave_0\x00'}, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz1\x00'}}}, {{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {}, {@mac}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_bridge\x00', 'lo\x00'}, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8400, 'syz0\x00'}}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x2}}}}, 0x450) openat$binder_debug(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r4 = syz_open_dev$sndpcmc(&(0x7f0000000a00), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_STATUS64(r4, 0x80984120, &(0x7f0000000a40)) socket$inet_smc(0x2b, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000001c0)=0x7) getpid() 3.759496553s ago: executing program 2 (id=203): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x275a, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000001) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r5 = io_uring_setup(0x1693, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x20}) io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x0, 0x1}, 0x20) r6 = socket$packet(0x11, 0x3, 0x300) process_madvise(r0, &(0x7f0000000500)=[{&(0x7f0000000240)}, {&(0x7f0000000280)="29bd", 0x2}, {&(0x7f0000000340)="c7d171d147cda0421576d48d4766d8706503726a66cf5b61c61920747ec38c3b58f285bf6e46e2a7b4a17feeec2513539df284d7e0c91c873f9ec1f728ec127b83f6fef2d1db92cbb6a15cc362f6a5777c28b3d51bcd9a51d8233b1a57e7c77250eb380fc1c00689dc2b00a90631477fdb64b0b22cc5fe273d13050a0649530e007167a90a30eb92fcf2b1567c57826a5665bf673ba1f78a91828effbc15661d6a3cc0517ca456f5659beb10c12095447813c915c4fbe4526864cd0110c52d31f9e805269f27ee502344ce8a3fb6d87c23fe7b103be1504b4376d7d0", 0xdc}, {&(0x7f0000000440)="a8f77739b1a01879e08ebb5d1c6deb39a51ee476b424d5e78272e8b0495241215df3334db3ef1a3ff677b8ea9c7ed89dd753c9d6765632970db403d5d83d8cf4b9798aac2a2ba3c33d87a7019cb46074626392bf2146578fc12a7fe0aeeeb06c35ec21bbf3c4c5fb1063af26bf8cfc6bc4f95152b99d5633af48eb42fc630d6bc85690", 0x83}], 0x4, 0x10, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'xfrm0\x00', 0x0}) sendto$packet(r6, 0x0, 0x0, 0x8000, &(0x7f0000000140)={0x11, 0x0, r7, 0x1, 0xfc, 0x6, @multicast}, 0x14) socket$nl_route(0x10, 0x3, 0x0) syz_open_dev$video(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) getpid() 3.686406536s ago: executing program 0 (id=204): landlock_restrict_self(0xffffffffffffffff, 0x0) landlock_restrict_self(0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000000040)='T', 0x1, 0x0, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@allocspi={0xf8, 0x16, 0x1, 0x0, 0x0, {{{@in, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0xa}, 0x5, 0x5}}, 0xf8}}, 0x0) 2.785345637s ago: executing program 3 (id=205): openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) fcntl$setown(r0, 0x8, r1) socket(0x0, 0x1, 0x0) syz_io_uring_setup(0x360b, &(0x7f0000001040), &(0x7f0000000340), 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10) openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r4 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x5c928c36, 0x2) ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000240)=0x2) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r5 = creat(&(0x7f0000000000)='./file0\x00', 0x0) write$binfmt_script(r5, &(0x7f0000000180), 0xb) 2.457760619s ago: executing program 0 (id=206): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000200)={0x0, 0x8, 0x0, "b904d552ac30c2bd00ea4a12178f22d916094e01a507bbf068d54f70689ff0eb"}) memfd_create(&(0x7f00000024c0)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?&^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xe3\xe5\x19T\xff\x01\x00\x00\xe2\x9f\xd9\xae\xcf>/\x05V%$6\x9fU\x86\xbe\xcbx\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xb2\xae\xda\xa9\xf6\x92\xaf4\xb5|W\r0{\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\xaa\xe6\x05\xe4\xc3\x90\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\x97.A\x84\x1d\xc2\x86\x89{\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\x9d\xce\xb3%QF\x03\b\x9dh\xfd\x91\xea\xce\x06\a\xba`\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8\x83\x87+nM\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?\x87\x84\\/y\xed\x01#?\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x10M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xdc\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5W\xfb\x82\xac\x19,\\D\x91T\xfd\x9c\xb8\x8b\x88\xa5\xcc\x8fI\x00\xf0\xc9%\n\xa7\xd6\x0f:\xb0\xf5?\xc3\x88\x1e\xbb-\xa6\xecA\x92\xaf\xa4Xl\v\xa5\xca\v|\xe2L\xac\x80\xc7\x15\x96fh\x83\x15\xc7\xea\xd5\xe8\x89W\x11\xd7oC\xe4\x06\xa8[O\xe6\x1d=\x87\x93\x0f\x87I\xdf\xb1\xeb\x89\x11.\x01\x00\r`\x1e8\x94\xb7\xbc\xc3\xad\xf1\x92/(A=A\x8b\xa5I\xd7\xd3#\xb0\x89\x9e5\x12\xa4\x9a\va\xdf\xf4\xea\xc6\xc7\x10g\x1d\xd5\xb0\xbb\xd2\xfc]fC\x8d\x0f\xa6q\x0f\xef\x90\xfe\x94k\xf1\x98\xfa\xbbb\xb1\x00\x99\xf7\xfd\'\xae\x906\xe0\xaa\xdbtWWH\xa4L\xb5po,\xdfN\x0f8\t\xe7X_H\xd4\xe3\xb2,oj\xac\xd7\xbd\xd0\xadW\x1f<\xd0s\xa8\x1f(\x00/ \xe4]@\xf7mA\xe8\xd1\xf4:\xb3\xeb\x81\xb9\x018\x1c\x95%o\x13\xa4\xad\xd8\xf9\xd2\x95\xa8\x81\xbe\xbc\xa6\x14_o\xfb\xdaL\xcb\xda\x9a\xec\xce\xd18&\xfbG\xa1\f\xf4\xd5u\xb0xE)j\x1b\xecL\xa1\xdc\xabUiN\xdet\xc7Q\xe6\xa4\x99-\xba\x16\xe5\xba!\xbdCI#\x03', 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r2 = socket(0x840000000002, 0x3, 0x100) connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="4800000010004b0400000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000042800128008000100677265001c00028006000e00010000000600030080000000"], 0x48}}, 0x0) 2.45667628s ago: executing program 2 (id=207): socket$packet(0x11, 0x2, 0x300) socket$inet6(0xa, 0x4, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) utimensat(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={{}, {0x0, 0xfffffffffffffffe}}, 0x84fbc4cbec5461f8) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0x2, 0x4}, 0x48) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000006c0)={&(0x7f0000000580)=""/241, 0x210000, 0x0, 0x5, 0x1}, 0x20) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0) r2 = dup(0xffffffffffffffff) r3 = creat(&(0x7f0000000300)='./file1\x00', 0x0) r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0) r5 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0x4008af12, &(0x7f0000000200)={0x1, 0x7b}) ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5) ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000740)={0x3, r3}) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f00000001c0)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/71, 0x0}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000015640)=""/102400, 0x19000) ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0) write$binfmt_script(r2, &(0x7f0000000280)={'#! ', './file0/file0', [{0x20, '/\xf4'}, {0x20, 'Q\x84\xf6ui\xfa\xf5\x16i\x859o\xe5\x13\xd5gV\x04\x00\x98\xb0\bQ+\xe2G\xa1\x1e\x01\xa9\xd6w\xdf\xa6\x9d\xcc<\x86\xfd\x18\x99\x19\xed\xc2\xdc\xf4\xbdV\xfeF)T\xb6\xc6\v`\xbf\xec2\xf5\x12R\xa1\x18\x9a<\x8fx\xf4\xcc\x18\xfc\xdb\x0e\xe7\xde^\x88vN\xe0\xe4P\x1dj\xd6&7\x7f\xe82\x92w\x12\t\xff\x19$\x93\xd5\xa4\xe2}\x9aA9p\xffk0\x8c\xc3\xae[n1\xb4\xd7\xe6\xa4\xc2\x86M\x83\x1d\xd7\x84\xa4\x85n(\xd3\x95\x82\xe0\xff\x89=\xe6\xceM\x12'}, {0x20, '/dev/nullb0\x00'}, {0x20, '\x9e\xc8\xb2\x17\xa1;\x85\x1e\xa3'}, {0x20, '+{[{#'}, {0x20, '\t\x00\x00\x00\x00\x00\x00\x00\xb2%}\x88\xd0\xfd\xa3\xf7i\x00!\x00J\xd1\xa7\xb1\xb1\xae\x1b\xb4\xf2\x985\xe6M5Px\xbe\x00'/47}, {}, {0x20, '\xfe]\xe9a<$\x01)\xa3\x03D%\x06\xf9}iv\xfc\xe0\xc7s\xc1\xa5c\xa4\xfd\xb8\xea\xe5\x9a\x82w\xc6\\]\x8cB\xfb\xea\xbd\xe3\x8c@\x8aqX\xcd\xf5?\xe6\xa2z\xbdPF_\x01K5\xbf\xc0\x83=\xa9]S\xe2`\x02j;\xce\x8a\x9fY\xdc\x90L\x1f\x9cS\x83\xb4\xc3\xfb\xe9$\x80\xbd\x85\x8bu-a\x9a\xb3\xb0{\xed\xcc\xdd\xeeG\xeb\x98\xb2\xfa\xc8\xa1\x04\xd5N\x9f\xda\x95\xf8\x8c\x92v\xf3\xf6I\xeb6\xe9`\xcbt\x0f`\xb3dl\x0f\x8e\x93\x10\x97n@\xc4\xcb\xc6\x80\x17O\x8dM#x\xe2\xe9T\xda\x1d\xe6\xb1\x1b\x06\x89\x94Q\xcb\x8f\x92N\xade\xf9l\xca\x81\xd3\xd1\x84`6\xed\x98\x9a\x90:\x13\xdb\x8f\x87\xd6\xe8w\xfdb\x17}\x14*z\x98\xb3\x96\x9dW\xa7\x81\x0e\x11Q3\xc2\xbfx\x94\xbb\x13\x9b\xd2\xec/\xfac^\xa2\x8e8\xbeM\x11\xcb\x89P\xba\xd9E}\xe4\xa7M~?\xbdiMh\xce\xb2\b\x9d\xf0\xbd\xc5\xa7=A\xc9\xf6\x9c\\\x9c\xf0\xaa=\xb7\x83\x80\x10.%\t\xed\xb6\xacP\"\a\xc6\x8a\xf6GB\xd2a\x83\xa4\xa4\x1bRO\x1a\xe2N\xe6\xc8\xf2Cm\xb0\xe7\xeb\xcf\xc3\xba\xbd\xf4\xde\x8aZ@\xcd\xc9\xcbLJi8\x04q+\xf9x\xeas\xb2\xa1D\xd5\xc7\xfa\x919\x93_\xc7/:R2\xc5\xc0\xb4\"\x85\xe8THI$\xe5\xac\xb7\x13\xb2\xa5\x93\xbf\x83g5.\xb9\xd0\x89\xef\x8f\r\xa2\xfe\x90\x1b\xc8['}]}, 0x263) ioctl$BLKRRPART(r2, 0x125f, 0x0) 1.213173855s ago: executing program 3 (id=208): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x4000008100008f}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) r2 = socket(0x3e, 0x2, 0x100) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000280)={0x3}, 0x10) r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x9aa3, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000440)={0x0, 0x3, 0x4, {0x13eaae128419b319, @sdr={0x31435750, 0x80000001}}, 0x1ff}) sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="200000001200010a00c4485f1fb091ae92b0"], 0x26}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0}, 0x90) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000400), r4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r7, 0x0) bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r1, 0x200) syz_emit_ethernet(0x1e, &(0x7f0000000540)={@local, @remote, @void, {@can={0xc, {{0x2, 0x1, 0x0, 0x1}, 0x7, 0x1, 0x0, 0x0, "5e7ceede238d92d4"}}}}, 0x0) r8 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r8, &(0x7f0000000000)=[{&(0x7f0000000100)="58000000140019234083feff040d8c560a06580200ff0000000000000020ffff00000000000064009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c100000000200ffffffff", 0x58}], 0x1) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0xc17a) 1.10764134s ago: executing program 4 (id=209): openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) io_setup(0x3, &(0x7f00000003c0)=0x0) syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') io_submit(r0, 0x0, &(0x7f0000000140)) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300"/3601], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10) io_getevents(r0, 0x100, 0x0, &(0x7f0000000300), &(0x7f0000000340)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) rt_sigprocmask(0x0, &(0x7f0000000480), 0x0, 0x8) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, 0x0, 0x0, 0x0, 0x0) capset(0x0, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newtaction={0x48, 0x1e, 0x20, 0x0, 0x0, {}, [{0x34, 0x1, [@m_xt={0x30, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0x6, 0x6, "ef50"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2}}}}]}]}, 0x48}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000"/20, @ANYRES32=0x0, @ANYBLOB="d9fdeaedf8578b97f39300000000000000001c001280d652152236620900010200000000000000000c000280080002"], 0x3c}}, 0x0) r2 = socket$kcm(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000000000800001000000018000180140002006e657464657673696d300000000000000800040000000000"], 0x34}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000100)=0x6) ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f00000003c0)=0x4) ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000040)) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000500)={0xa00, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10000500", 0x33fe0}], 0x1}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001440)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000440)="ffcf000000000000d20f00004a5a", 0x0, 0x8, 0x0, 0xfffffffffffffee0, 0x3b, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x44) r5 = openat$smackfs_netlabel(0xffffffffffffff9c, &(0x7f0000001640), 0x2, 0x0) write$smackfs_netlabel(r5, &(0x7f0000000000)=ANY=[@ANYBLOB='-0000000000000062410.00000000000000000003.00000000000800028916.000/0000000000000003.'], 0x6f) 723.746437ms ago: executing program 3 (id=210): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x0, &(0x7f0000000480)}) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89001) prlimit64(0x0, 0xe, &(0x7f0000000140), 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000240)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000000)) io_uring_setup(0x3253, &(0x7f0000000580)={0x0, 0x0, 0x20, 0x203, 0x10000001, 0x0, r0}) fcntl$lock(0xffffffffffffffff, 0x25, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6064cdd800100000fe0000000000007bae020000c0bd0000000000000000060000000000000000001f00c2"], 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2) write(r1, &(0x7f0000000040), 0x0) ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000080)={0xf0f046}) write(r1, &(0x7f0000000600)="1c00000016009b8a140000003b9b301fd6df191cdc826569f2a3000000006752a10000005bc0ebbfff0768a84fe46e6e0b793da68cf4489fcfde557647cf24e362623aa9b0fa73485894224ac5c4c8fb78c1711416fb0775d3c3a977314d970dfc6623a48633a458cdebc4aa9ef8446c6f470487313afb16aaebb592cd52fc511b816a2ca68257731145687e6b537cab482ae646b28521a9e8460470a2ba2f68808fcbd3f2575eae548c5c4183155a40708722ed655d37acf9133c090f4a5dbfd470d65cda2a191945a6c3584cea4e8baeb0c6a241b7663a74b1b6e55c5dcd07ba2bcea3e83489cb41e000483298fdc1d1c0ce89d8a3aea4905aa875c8b614e2c403ce9c439e8057423e3c00"/279, 0x5195656059eb066d) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@cgroup=r2, 0xffffffffffffffff, 0x2b, 0x0, 0x4000}, 0x10) fcntl$lock(0xffffffffffffffff, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f00000004c0)='./binderfs2/custom0\x00', 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x2, 0x3a0, 0x5}, 0x48) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000200)={r3, &(0x7f0000000240), &(0x7f0000000840)=""/238}, 0x20) bind$inet6(0xffffffffffffffff, &(0x7f0000000440)={0xa, 0x4e22, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2}, 0xfc26) socket$qrtr(0x2a, 0x2, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ffffffff000000000800010001"], 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x0) 473.262158ms ago: executing program 0 (id=211): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) add_key(&(0x7f0000001180)='big_key\x00', 0x0, &(0x7f00000011c0)="3d571a1c96a84dfecfcc602f01a5f9ff27e61409f13994f08022396fc51056aa9660263c0c2adc31f81fa47b1aadbdfa329c334fbb04b295c9ddef20cedaac6d2c7634eb18f462ff6ff7cf5450d7c9377fdbd3fffff0967647328cbdad7cf43f386d246f20b1d8fc77932aa78a65f8dd299af07dccd11a2baacf5236ecaa369914cd51fb14450381b74eafb98e0141c2137699303fdb0d22afa144185942cd546c1b1a96f7d206e410083621747a4b203d0b785a68a4a99c218c75c32b159dc01df7be69fc76a7b0c148ee2fec0639891bed299bcd76f46c36ff916d12dcd93ee936ac365b7cd4c138bc04f0e309c65cd6a453fba30360d85fd2720330742a8787305112f4f6469bc44ac92130f0290927fc36a02f46c1e0fe313b0223632915e3b8e77e5cfddffdbec1445fc9cea5d70bbc504e27651531b7e06dfff0d5ef2a713f1f781702c4bd0a40f5fa1fab9260f5a1c5be3344b9298fd24699ca9a151a6f12f713ebf3f73d2cb51c82b472487ca7a19d887105182a8f76075b23846c036d9ea4b98008af9d6c897eee727e4a2dcd6f06c6b04bab46b7a5e3dd4ab0bd07aad752da4d4601f572a74fff97c8e4f5e4c3c9550515ae8fddc5eac678d9d1f4dd813eca0fc645044d6c806b02faec229b5b011a18c5c8b0aea7e180ac1ef2eb7c4a3a19f9d67d951798b6ad0720cea25e588c0c2da52527825d598385377b9407579a086170240f308b088d7302b5c66b474faf0cbd91d6c475fae8ce9ba1e62119784ee7afa8e6d26990cf28e918ae768f75613a9d6dd4c77e2442d5c47f3cc828dbfe41b0c45a47f5e71c50ceddedf31857f9e9115f1a461fe643eaa22ad0b810be5b66804389f5ef02473ec39a3c01841ce84d7fe477606624e1920b1cdfddcedeaab24d36114933f22208e07e9f9fa0ee5fbd329e787b5ca94dc81fec77a4025a1ebb124a1b3e87f934b414e73ce27dd751cae3bc4827fe65fc7b8b071d630932e907dd122623076c742b70b7fa8fcefe0b9c29f2efd49fa36c15389301f0ed5616601c4680fe5e606f81eee10561167a79f506f82d365cb110efd4753bbe78ee84df338a362fb87fcdfed158b9a080b202ad0b0c469ca64f33a211c3d2bd2ab14b26b36e531fb3a4e7ef0724bdd34bb545c4dc1bdee564d7a2ab012801e423c5d1dd0f5fa690cb6f084c9b2156e11b237e02a189242db9f917907b55641e452b4bf030ac23651041163413ab52ccefb0eda2286141ba31f226ab68d97df5e80379e62d7ca239a5c5eeb037e3289b2e1d0510c77fedf1b733e2f7f80bf0debf18056182f0a9b87056c9f95b80e11869c08d63743cd9ee8520c3cfca2f574fd991c245c221e9fd43801a6fc408afbe0191a3ee1f08a19c2a628ff99873249933877f134bc75e78528d15eb60666170f6b306610c63fd25e23cab203ef58bddb4f0c8bff6fb6ad4865b48d8d4ca5afe87cef3998ec367fb197ff7a7cfc6353ade4ac2c9f20f59b21d11512d8e345f2dbf45ca11ee641dfa00335106e2f2a1070d65ae1b417233779b11dec37aa48659712ff2760336e104e94ff43fc73028ae7b2485ee26b1b9af36466d1a4541c1ac6df53709820670995ff80fb1d6facc6c443d989c4a0f34ab4a001a10c3174f0d6a493e17530144215ee79ab33073ab50762c5fb5d422c6e3d9d384b1d4e5fe0935b80217c09c36c99fb4406b232b38f1d7c5270da6fd32c8f1cc5e87690630db6bc2de422a39814f222512268ca3e67e9dab43f1243151d58e4c6b70773713c5879345b1b2c342bb229f5634d7d70a63ca156e19ab27a2851e17f0c0077ad809b506bbac7b3f23693a83d7d4e0f12e633070d5d1acb4e66e678eab685fca550438eae7ebbbe1e3f8568a278ac190244c83d5a6e7576e637b5b70b43fe7e754b882865ab5146ea88f29ab01b338b562ff48f60f260039669983b74dc69780d0a9617dd190fb6d4e5fff69e97ede18ffeb5db91beb77d525233e46e816d693cd18218a0174b829f49882edac1c38c4fb73d23b274d76f9921090663336d48654c674f52e003ff85080dcf164ff07390444", 0x5c1, r0) (fail_nth: 2) 430.823184ms ago: executing program 1 (id=212): openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) getrandom(&(0x7f0000000040)=""/25, 0x21, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000007c0), r0) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x34, r1, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x40) setxattr$trusted_overlay_opaque(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), &(0x7f0000000340), 0x2, 0x1) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00042dbd7000ffdbdf2508000000140000570700"/34], 0x28}}, 0x4041080) syz_genetlink_get_family_id$team(&(0x7f0000000280), r0) r3 = socket(0x2, 0x80805, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000001"]) r7 = dup(r6) ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000040)) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r8, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @remote, 0x800}, 0x1c) sendto$inet6(r8, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r8, 0x84, 0x21, 0x0, 0x0) listen(r3, 0x5) sendmmsg(r3, &(0x7f0000000c80)=[{{&(0x7f0000000900)=@l2tp={0x2, 0x0, @remote, 0x1}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=']', 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="2000b9bce65c230a8e7b9cea17000510"], 0x20}}], 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000380)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}}) 0s ago: executing program 0 (id=213): mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') pwrite64(0xffffffffffffffff, &(0x7f0000000000)='2', 0x1, 0xfed2) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.157' (ED25519) to the list of known hosts. [ 53.159669][ T5201] cgroup: Unknown subsys name 'net' [ 53.336091][ T5201] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 54.670067][ T5201] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 58.669898][ T5223] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 58.678712][ T5223] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 58.682990][ T5224] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 58.688293][ T5223] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 58.701329][ T5223] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 58.709072][ T5223] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 58.709143][ T5224] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 58.717172][ T5223] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 58.732923][ T5223] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 58.737299][ T5231] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 58.741364][ T5223] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 58.747550][ T5224] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 58.755076][ T5223] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 58.764175][ T5231] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 58.776942][ T5223] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 58.777065][ T5224] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 58.784255][ T5223] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 58.792401][ T5231] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 58.800915][ T5223] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 58.806531][ T5224] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 58.813191][ T5223] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 58.819889][ T5231] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 58.833457][ T5224] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 58.841881][ T5231] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 58.848536][ T5223] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 58.849534][ T5231] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 58.863922][ T5231] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 58.863929][ T5223] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 58.873889][ T5233] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 58.878817][ T5231] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 59.336193][ T5214] chnl_net:caif_netlink_parms(): no params data found [ 59.453970][ T5212] chnl_net:caif_netlink_parms(): no params data found [ 59.615854][ T5211] chnl_net:caif_netlink_parms(): no params data found [ 59.627726][ T5214] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.636323][ T5214] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.643813][ T5214] bridge_slave_0: entered allmulticast mode [ 59.650807][ T5214] bridge_slave_0: entered promiscuous mode [ 59.693971][ T5212] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.702784][ T5212] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.710149][ T5212] bridge_slave_0: entered allmulticast mode [ 59.716902][ T5212] bridge_slave_0: entered promiscuous mode [ 59.729063][ T5214] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.736149][ T5214] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.743989][ T5214] bridge_slave_1: entered allmulticast mode [ 59.751165][ T5214] bridge_slave_1: entered promiscuous mode [ 59.770295][ T5213] chnl_net:caif_netlink_parms(): no params data found [ 59.794776][ T5212] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.802505][ T5212] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.809856][ T5212] bridge_slave_1: entered allmulticast mode [ 59.816572][ T5212] bridge_slave_1: entered promiscuous mode [ 59.845659][ T5214] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.890866][ T5225] chnl_net:caif_netlink_parms(): no params data found [ 59.903377][ T5214] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.935512][ T5212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.973452][ T5212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.056908][ T5212] team0: Port device team_slave_0 added [ 60.067288][ T5212] team0: Port device team_slave_1 added [ 60.076527][ T5214] team0: Port device team_slave_0 added [ 60.136484][ T5214] team0: Port device team_slave_1 added [ 60.153015][ T5213] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.162889][ T5213] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.170566][ T5213] bridge_slave_0: entered allmulticast mode [ 60.177298][ T5213] bridge_slave_0: entered promiscuous mode [ 60.185151][ T5211] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.192428][ T5211] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.199885][ T5211] bridge_slave_0: entered allmulticast mode [ 60.206584][ T5211] bridge_slave_0: entered promiscuous mode [ 60.217786][ T5212] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.224850][ T5212] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.250793][ T5212] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.264326][ T5212] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.271329][ T5212] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.297369][ T5212] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.317351][ T5213] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.328207][ T5213] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.335373][ T5213] bridge_slave_1: entered allmulticast mode [ 60.342944][ T5213] bridge_slave_1: entered promiscuous mode [ 60.357384][ T5211] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.365005][ T5211] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.372521][ T5211] bridge_slave_1: entered allmulticast mode [ 60.380850][ T5211] bridge_slave_1: entered promiscuous mode [ 60.400831][ T5214] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.407796][ T5214] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.434299][ T5214] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.477199][ T5214] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.484914][ T5214] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.511291][ T5214] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.531790][ T5213] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.544097][ T5213] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.572844][ T5225] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.580094][ T5225] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.587399][ T5225] bridge_slave_0: entered allmulticast mode [ 60.594377][ T5225] bridge_slave_0: entered promiscuous mode [ 60.641281][ T5211] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.650820][ T5225] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.659465][ T5225] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.666654][ T5225] bridge_slave_1: entered allmulticast mode [ 60.674106][ T5225] bridge_slave_1: entered promiscuous mode [ 60.698158][ T5212] hsr_slave_0: entered promiscuous mode [ 60.704504][ T5212] hsr_slave_1: entered promiscuous mode [ 60.717843][ T5213] team0: Port device team_slave_0 added [ 60.726747][ T5213] team0: Port device team_slave_1 added [ 60.735730][ T5211] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.822597][ T5225] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.851602][ T5211] team0: Port device team_slave_0 added [ 60.858276][ T5213] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.865233][ T5213] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.894163][ T5213] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.910707][ T5214] hsr_slave_0: entered promiscuous mode [ 60.917544][ T5214] hsr_slave_1: entered promiscuous mode [ 60.919018][ T4607] Bluetooth: hci2: command tx timeout [ 60.923706][ T5228] Bluetooth: hci0: command tx timeout [ 60.935540][ T5214] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 60.943516][ T5214] Cannot create hsr debugfs directory [ 60.951575][ T5225] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.975074][ T5211] team0: Port device team_slave_1 added [ 60.984660][ T5213] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.991712][ T5213] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.017791][ T5228] Bluetooth: hci3: command tx timeout [ 61.018528][ T5228] Bluetooth: hci4: command tx timeout [ 61.023565][ T4607] Bluetooth: hci1: command tx timeout [ 61.029362][ T5213] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.146926][ T5225] team0: Port device team_slave_0 added [ 61.169141][ T5211] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.176287][ T5211] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.206046][ T5211] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.221858][ T5213] hsr_slave_0: entered promiscuous mode [ 61.228881][ T5213] hsr_slave_1: entered promiscuous mode [ 61.235002][ T5213] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.243388][ T5213] Cannot create hsr debugfs directory [ 61.251314][ T5225] team0: Port device team_slave_1 added [ 61.269645][ T5211] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.276604][ T5211] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.303114][ T5211] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.380383][ T5225] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.387346][ T5225] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.413350][ T5225] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.425882][ T5225] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.432956][ T5225] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.460786][ T5225] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.598828][ T5211] hsr_slave_0: entered promiscuous mode [ 61.605221][ T5211] hsr_slave_1: entered promiscuous mode [ 61.611555][ T5211] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.619306][ T5211] Cannot create hsr debugfs directory [ 61.640883][ T5225] hsr_slave_0: entered promiscuous mode [ 61.647105][ T5225] hsr_slave_1: entered promiscuous mode [ 61.653562][ T5225] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.661148][ T5225] Cannot create hsr debugfs directory [ 61.854629][ T5212] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 61.866845][ T5212] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 61.900565][ T5212] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 61.916200][ T5212] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 62.018236][ T5213] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 62.043005][ T5213] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 62.065959][ T5213] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 62.088408][ T5213] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 62.139985][ T5214] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 62.157352][ T5214] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 62.168431][ T5214] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 62.209750][ T5214] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 62.292112][ T5212] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.304707][ T5225] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 62.315450][ T5225] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 62.343529][ T5225] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 62.375233][ T5225] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 62.402327][ T5212] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.460560][ T5211] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 62.474824][ T5211] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 62.493149][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.500522][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.524212][ T5267] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.531392][ T5267] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.544190][ T5211] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 62.569485][ T5211] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 62.593466][ T5213] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.676407][ T5213] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.724154][ T1849] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.731485][ T1849] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.781320][ T5214] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.792868][ T1849] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.800049][ T1849] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.903229][ T5214] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.925732][ T5225] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.962074][ T5267] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.969860][ T5267] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.980553][ T5267] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.987628][ T5267] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.998765][ T4607] Bluetooth: hci2: command tx timeout [ 63.006313][ T5213] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.016857][ T4607] Bluetooth: hci0: command tx timeout [ 63.078823][ T4607] Bluetooth: hci1: command tx timeout [ 63.089924][ T4607] Bluetooth: hci4: command tx timeout [ 63.095370][ T4607] Bluetooth: hci3: command tx timeout [ 63.100584][ T5211] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.113534][ T5225] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.195917][ T5268] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.203111][ T5268] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.222948][ T5211] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.250988][ T5268] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.258201][ T5268] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.292311][ T5212] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.312565][ T5268] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.319828][ T5268] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.415163][ T5268] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.422399][ T5268] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.492753][ T5213] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.596023][ T5212] veth0_vlan: entered promiscuous mode [ 63.633564][ T5212] veth1_vlan: entered promiscuous mode [ 63.737567][ T5212] veth0_macvtap: entered promiscuous mode [ 63.806032][ T5212] veth1_macvtap: entered promiscuous mode [ 63.856750][ T5212] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.897280][ T5214] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.939210][ T5212] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.000144][ T5212] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.014636][ T5212] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.025133][ T5212] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.036413][ T5212] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.093074][ T5225] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.136063][ T5214] veth0_vlan: entered promiscuous mode [ 64.174500][ T5213] veth0_vlan: entered promiscuous mode [ 64.203140][ T5214] veth1_vlan: entered promiscuous mode [ 64.223958][ T5211] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.268533][ T2572] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.275449][ T5213] veth1_vlan: entered promiscuous mode [ 64.284582][ T2572] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.352845][ T2572] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.367323][ T2572] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.386192][ T5225] veth0_vlan: entered promiscuous mode [ 64.426097][ T5225] veth1_vlan: entered promiscuous mode [ 64.456000][ T5214] veth0_macvtap: entered promiscuous mode [ 64.542691][ T5214] veth1_macvtap: entered promiscuous mode [ 64.573367][ T5213] veth0_macvtap: entered promiscuous mode [ 64.585383][ T5299] FAULT_INJECTION: forcing a failure. [ 64.585383][ T5299] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 64.601524][ T5299] CPU: 0 UID: 0 PID: 5299 Comm: syz.2.3 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 64.611989][ T5299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 64.614027][ T5225] veth0_macvtap: entered promiscuous mode [ 64.622047][ T5299] Call Trace: [ 64.631091][ T5299] [ 64.633018][ T5225] veth1_macvtap: entered promiscuous mode [ 64.634017][ T5299] dump_stack_lvl+0x241/0x360 [ 64.644413][ T5299] ? __pfx_dump_stack_lvl+0x10/0x10 [ 64.649638][ T5299] ? __pfx__printk+0x10/0x10 [ 64.651939][ T5225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.654245][ T5299] should_fail_ex+0x3b0/0x4e0 [ 64.667261][ T5225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.669390][ T5299] prepare_alloc_pages+0x1da/0x5d0 [ 64.669424][ T5299] __alloc_pages_noprof+0x166/0x6c0 [ 64.669449][ T5299] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 64.669488][ T5299] alloc_pages_mpol_noprof+0x3e8/0x680 [ 64.669515][ T5299] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 64.669546][ T5299] vma_alloc_folio_noprof+0x12e/0x230 [ 64.684941][ T5225] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.689599][ T5299] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 64.689636][ T5299] folio_prealloc+0x31/0x170 [ 64.689660][ T5299] handle_pte_fault+0x2530/0x6eb0 [ 64.689695][ T5299] ? mark_lock+0x9a/0x350 [ 64.689723][ T5299] ? __pfx_handle_pte_fault+0x10/0x10 [ 64.689770][ T5299] ? mt_find+0x226/0x850 [ 64.701828][ T5225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.706843][ T5299] ? __pfx_lock_release+0x10/0x10 [ 64.706882][ T5299] handle_mm_fault+0xf70/0x1880 [ 64.712771][ T5225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.719412][ T5299] ? __pfx_handle_mm_fault+0x10/0x10 [ 64.719453][ T5299] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 64.719482][ T5299] ? lock_mm_and_find_vma+0x9c/0x2f0 [ 64.719503][ T5299] exc_page_fault+0x2b9/0x8c0 [ 64.719531][ T5299] asm_exc_page_fault+0x26/0x30 [ 64.719566][ T5299] RIP: 0010:rep_movs_alternative+0x33/0x70 [ 64.719586][ T5299] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb [ 64.728790][ T5225] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.730031][ T5299] RSP: 0018:ffffc90003f1faf0 EFLAGS: 00050212 [ 64.739342][ T5225] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.744718][ T5299] RAX: 0000800000000001 RBX: 000000002000af90 RCX: 0000000000000010 [ 64.744734][ T5299] RDX: 0000000000000000 RSI: ffffc90003f1fbc0 RDI: 000000002000af80 [ 64.744746][ T5299] RBP: ffffc90003f1fc90 R08: ffffc90003f1fbcf R09: 1ffff920007e3f79 [ 64.744759][ T5299] R10: dffffc0000000000 R11: fffff520007e3f7a R12: 0000000000000010 [ 64.749710][ T5225] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.759350][ T5299] R13: dffffc0000000000 R14: 000000002000af80 R15: ffffc90003f1fbc0 [ 64.759383][ T5299] _copy_to_user+0x86/0xb0 [ 64.759411][ T5299] inotify_read+0x56c/0x9a0 [ 64.759430][ T5299] ? __lock_acquire+0x137a/0x2040 [ 64.759463][ T5299] ? __pfx_inotify_read+0x10/0x10 [ 64.759487][ T5299] ? __pfx_woken_wake_function+0x10/0x10 [ 64.759513][ T5299] ? bpf_lsm_file_permission+0x9/0x10 [ 64.759536][ T5299] ? security_file_permission+0x7f/0xa0 [ 64.759562][ T5299] ? rw_verify_area+0x520/0x6b0 [ 64.759587][ T5299] ? __pfx_inotify_read+0x10/0x10 [ 64.759614][ T5299] vfs_read+0x204/0xbc0 [ 64.759633][ T5299] ? __pfx_lock_release+0x10/0x10 [ 64.759660][ T5299] ? __mutex_unlock_slowpath+0x21d/0x750 [ 64.759685][ T5299] ? __pfx_vfs_read+0x10/0x10 [ 64.759706][ T5299] ? __fget_files+0x29/0x470 [ 64.759729][ T5299] ? __fget_files+0x3f6/0x470 [ 64.759747][ T5299] ? __fget_files+0x29/0x470 [ 64.759779][ T5299] ksys_read+0x1a0/0x2c0 [ 64.759804][ T5299] ? __pfx_ksys_read+0x10/0x10 [ 64.759824][ T5299] ? do_syscall_64+0x100/0x230 [ 64.759852][ T5299] ? do_syscall_64+0xb6/0x230 [ 64.759879][ T5299] do_syscall_64+0xf3/0x230 [ 64.759901][ T5299] ? clear_bhb_loop+0x35/0x90 [ 64.759921][ T5299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.769924][ T5225] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.779537][ T5299] RIP: 0033:0x7f230a3779f9 [ 64.779570][ T5299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 64.779583][ T5299] RSP: 002b:00007f230b1d2048 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 64.779610][ T5299] RAX: ffffffffffffffda RBX: 00007f230a505f80 RCX: 00007f230a3779f9 [ 64.779623][ T5299] RDX: 0000000000002020 RSI: 000000002000af80 RDI: 0000000000000004 [ 64.779635][ T5299] RBP: 00007f230b1d20a0 R08: 0000000000000000 R09: 0000000000000000 [ 64.779646][ T5299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 64.779657][ T5299] R13: 000000000000000b R14: 00007f230a505f80 R15: 00007ffff06093f8 [ 64.779683][ T5299] [ 65.106197][ T5225] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.112020][ T5231] Bluetooth: hci2: command tx timeout [ 65.120415][ T4607] Bluetooth: hci0: command tx timeout [ 65.126938][ T5211] veth0_vlan: entered promiscuous mode [ 65.154684][ T5214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.167729][ T4607] Bluetooth: hci3: command tx timeout [ 65.173246][ T4607] Bluetooth: hci4: command tx timeout [ 65.178774][ T5231] Bluetooth: hci1: command tx timeout [ 65.180846][ T5214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.221217][ T5214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.232579][ T5214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.245583][ T5214] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.256833][ T5213] veth1_macvtap: entered promiscuous mode [ 65.275893][ T5303] FAULT_INJECTION: forcing a failure. [ 65.275893][ T5303] name failslab, interval 1, probability 0, space 0, times 1 [ 65.292929][ T5214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.305282][ T5214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.315738][ T5303] CPU: 0 UID: 0 PID: 5303 Comm: syz.2.7 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 65.326154][ T5303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 65.336210][ T5303] Call Trace: [ 65.339492][ T5303] [ 65.342424][ T5303] dump_stack_lvl+0x241/0x360 [ 65.347100][ T5303] ? __pfx_dump_stack_lvl+0x10/0x10 [ 65.352291][ T5303] ? __pfx__printk+0x10/0x10 [ 65.356873][ T5303] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 65.362849][ T5303] ? __pfx___might_resched+0x10/0x10 [ 65.368142][ T5303] should_fail_ex+0x3b0/0x4e0 [ 65.372846][ T5303] should_failslab+0xac/0x100 [ 65.377527][ T5303] ? __alloc_skb+0x1c3/0x440 [ 65.382110][ T5303] kmem_cache_alloc_node_noprof+0x71/0x320 [ 65.387909][ T5303] __alloc_skb+0x1c3/0x440 [ 65.392325][ T5303] ? __pfx___alloc_skb+0x10/0x10 [ 65.397250][ T5303] ? netlink_autobind+0xd6/0x2f0 [ 65.402181][ T5303] ? netlink_autobind+0x2b0/0x2f0 [ 65.407199][ T5303] netlink_sendmsg+0x638/0xcb0 [ 65.411961][ T5303] ? __pfx_netlink_sendmsg+0x10/0x10 [ 65.417238][ T5303] ? __import_iovec+0x536/0x820 [ 65.422079][ T5303] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 65.427353][ T5303] ? security_socket_sendmsg+0x87/0xb0 [ 65.432803][ T5303] ? __pfx_netlink_sendmsg+0x10/0x10 [ 65.438088][ T5303] __sock_sendmsg+0x221/0x270 [ 65.442773][ T5303] ____sys_sendmsg+0x525/0x7d0 [ 65.447529][ T5303] ? __pfx_____sys_sendmsg+0x10/0x10 [ 65.452811][ T5303] __sys_sendmsg+0x2b0/0x3a0 [ 65.457393][ T5303] ? __pfx___sys_sendmsg+0x10/0x10 [ 65.462584][ T5303] ? vfs_write+0x7c4/0xc90 [ 65.467010][ T5303] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 65.473328][ T5303] ? do_syscall_64+0x100/0x230 [ 65.478096][ T5303] ? do_syscall_64+0xb6/0x230 [ 65.482794][ T5303] do_syscall_64+0xf3/0x230 [ 65.487307][ T5303] ? clear_bhb_loop+0x35/0x90 [ 65.488091][ T5214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.491965][ T5303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.491995][ T5303] RIP: 0033:0x7f230a3779f9 [ 65.502608][ T5214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.508238][ T5303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.508256][ T5303] RSP: 002b:00007f230b1d2048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 65.508277][ T5303] RAX: ffffffffffffffda RBX: 00007f230a505f80 RCX: 00007f230a3779f9 [ 65.508289][ T5303] RDX: 0000000000000000 RSI: 0000000020004380 RDI: 0000000000000003 [ 65.508300][ T5303] RBP: 00007f230b1d20a0 R08: 0000000000000000 R09: 0000000000000000 [ 65.508311][ T5303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 65.508322][ T5303] R13: 000000000000000b R14: 00007f230a505f80 R15: 00007ffff06093f8 [ 65.520263][ T5214] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.522499][ T5303] [ 65.635226][ T5211] veth1_vlan: entered promiscuous mode [ 65.653626][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.668250][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.679253][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.689934][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.699809][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.711483][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.724066][ T5213] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.734041][ T5214] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.742955][ T5214] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.752698][ T5214] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.761512][ T5214] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.792100][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.803132][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.816815][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.827565][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.837624][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.848196][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.859756][ T5213] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.883710][ T5213] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.893337][ T5213] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.902883][ T5213] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.912406][ T5213] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.931334][ T5273] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 66.017886][ T5211] veth0_macvtap: entered promiscuous mode [ 66.044848][ T5211] veth1_macvtap: entered promiscuous mode [ 66.051068][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.060170][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.118537][ T5273] usb 3-1: Using ep0 maxpacket: 32 [ 66.129989][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.135313][ T5273] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 66.137812][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.157767][ T5273] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 66.175478][ T1119] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.177992][ T5273] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 66.188278][ T1119] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.197032][ T5211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.212000][ T5273] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.226271][ T5211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.239142][ T5211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.253493][ T5273] usb 3-1: config 0 descriptor?? [ 66.261012][ T5211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.265366][ T5273] hub 3-1:0.0: USB hub found [ 66.273996][ T5211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.287263][ T5211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.297505][ T5211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.310051][ T5211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.322459][ T5211] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.350711][ T5211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.363043][ T5211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.376142][ T5211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.386773][ T5211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.396752][ T5211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.407516][ T5211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.417391][ T5211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.428997][ T5211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.442215][ T5211] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.476519][ T5273] hub 3-1:0.0: 1 port detected [ 66.482713][ T5211] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.495804][ T5211] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.505354][ T5211] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.514588][ T5211] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.530553][ T1119] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.555826][ T1119] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.616504][ T1119] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.632510][ T1119] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.699575][ T2559] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.722927][ T2559] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.932317][ T5273] usb 3-1: USB disconnect, device number 2 [ 66.965482][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.977379][ T2559] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.000022][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.248365][ T5231] Bluetooth: hci0: command tx timeout [ 67.254306][ T4607] Bluetooth: hci2: command tx timeout [ 67.260366][ T4607] Bluetooth: hci1: command tx timeout [ 67.266259][ T5231] Bluetooth: hci4: command tx timeout [ 67.275111][ T4607] Bluetooth: hci3: command tx timeout [ 67.389942][ T2559] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.829986][ T5315] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4'. [ 67.844586][ T5317] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 67.874435][ T5315] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 67.916141][ T5321] capability: warning: `syz.4.5' uses deprecated v2 capabilities in a way that may be insecure [ 68.366253][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 68.798837][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 68.918525][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 69.008555][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 69.158389][ T5315] warning: `syz.3.4' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 69.248440][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 69.348979][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 69.389055][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 69.448453][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 69.529001][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 69.593542][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 69.912528][ T5346] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.14'. [ 70.075785][ T5353] FAULT_INJECTION: forcing a failure. [ 70.075785][ T5353] name failslab, interval 1, probability 0, space 0, times 0 [ 70.088552][ T5353] CPU: 1 UID: 0 PID: 5353 Comm: syz.4.15 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 70.099037][ T5353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 70.109085][ T5353] Call Trace: [ 70.112350][ T5353] [ 70.115436][ T5353] dump_stack_lvl+0x241/0x360 [ 70.120112][ T5353] ? __pfx_dump_stack_lvl+0x10/0x10 [ 70.125297][ T5353] ? __pfx__printk+0x10/0x10 [ 70.129900][ T5353] ? __pfx_lock_acquire+0x10/0x10 [ 70.134939][ T5353] should_fail_ex+0x3b0/0x4e0 [ 70.140134][ T5353] ? __sigqueue_alloc+0x42e/0x540 [ 70.145146][ T5353] should_failslab+0xac/0x100 [ 70.149808][ T5353] ? __sigqueue_alloc+0x42e/0x540 [ 70.154817][ T5353] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 70.160177][ T5353] __sigqueue_alloc+0x42e/0x540 [ 70.165012][ T5353] __send_signal_locked+0x22f/0xdc0 [ 70.170192][ T5353] ? __lock_task_sighand+0x29/0x2d0 [ 70.175545][ T5353] group_send_sig_info+0x292/0x310 [ 70.180639][ T5353] ? __pfx_group_send_sig_info+0x10/0x10 [ 70.186261][ T5353] bpf_send_signal_common+0x2dd/0x430 [ 70.191639][ T5353] ? __pfx_bpf_send_signal_common+0x10/0x10 [ 70.197559][ T5353] ? bpf_trace_run4+0x244/0x590 [ 70.202394][ T5353] bpf_send_signal_thread+0x16/0x20 [ 70.207591][ T5353] bpf_prog_16ecb682114cf56a+0x22/0x2a [ 70.213075][ T5353] bpf_trace_run4+0x334/0x590 [ 70.217745][ T5353] ? __pfx_bpf_trace_run4+0x10/0x10 [ 70.222933][ T5353] ? get_mm_memcg_path+0x288/0x380 [ 70.228041][ T5353] __mmap_lock_do_trace_acquire_returned+0x286/0x2f0 [ 70.234722][ T5353] ? __pfx_lock_acquire+0x10/0x10 [ 70.239751][ T5353] ? __pfx___mmap_lock_do_trace_acquire_returned+0x10/0x10 [ 70.246983][ T5353] ? __pfx_down_read_trylock+0x10/0x10 [ 70.252429][ T5353] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 70.258403][ T5353] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 70.264721][ T5353] lock_mm_and_find_vma+0x213/0x2f0 [ 70.269906][ T5353] exc_page_fault+0x1bf/0x8c0 [ 70.274576][ T5353] asm_exc_page_fault+0x26/0x30 [ 70.279420][ T5353] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 70.285210][ T5353] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 70.304806][ T5353] RSP: 0018:ffffc9000426fd30 EFLAGS: 00050202 [ 70.310874][ T5353] RAX: ffffffff84a7a401 RBX: 000000002000008c RCX: 000000000000000c [ 70.318846][ T5353] RDX: 0000000000000001 RSI: 0000000020000080 RDI: ffffc9000426fda0 [ 70.326800][ T5353] RBP: ffffc9000426fed8 R08: ffffc9000426fdab R09: 1ffff9200084dfb5 [ 70.334757][ T5353] R10: dffffc0000000000 R11: fffff5200084dfb6 R12: 0000000020000080 [ 70.342711][ T5353] R13: ffffc9000426fda0 R14: ffffc9000426fda0 R15: 000000000000000c [ 70.350693][ T5353] ? _copy_from_user+0x41/0xe0 [ 70.355563][ T5353] _copy_from_user+0x8c/0xe0 [ 70.360234][ T5353] __sys_bpf+0x1a4/0x810 [ 70.364463][ T5353] ? __pfx___sys_bpf+0x10/0x10 [ 70.369216][ T5353] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 70.375188][ T5353] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 70.381503][ T5353] ? do_syscall_64+0x100/0x230 [ 70.386255][ T5353] __x64_sys_bpf+0x7c/0x90 [ 70.390658][ T5353] do_syscall_64+0xf3/0x230 [ 70.395145][ T5353] ? clear_bhb_loop+0x35/0x90 [ 70.399811][ T5353] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.405706][ T5353] RIP: 0033:0x7f94719779f9 [ 70.410132][ T5353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.429818][ T5353] RSP: 002b:00007f947279b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 70.438418][ T5353] RAX: ffffffffffffffda RBX: 00007f9471b05f80 RCX: 00007f94719779f9 [ 70.446370][ T5353] RDX: 000000000000000c RSI: 0000000020000080 RDI: 0000000000000023 [ 70.454322][ T5353] RBP: 00007f947279b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 70.462293][ T5353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.470274][ T5353] R13: 000000000000000b R14: 00007f9471b05f80 R15: 00007fff4db44ae8 [ 70.478264][ T5353] [ 70.648340][ T46] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 70.879693][ T46] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 70.896596][ T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.920873][ T46] usb 4-1: config 0 descriptor?? [ 70.950816][ T46] cp210x 4-1:0.0: cp210x converter detected [ 71.022670][ T5266] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 71.443128][ T5266] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 71.478941][ T5266] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 71.557447][ T5266] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 72.028493][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 72.039332][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.068385][ T5266] usb 5-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00 [ 72.120414][ T5266] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.147734][ T5266] usb 5-1: config 0 descriptor?? [ 72.284295][ T5346] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 72.436023][ T5346] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 72.461675][ T46] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -121 [ 73.702668][ T5363] netlink: 256 bytes leftover after parsing attributes in process `syz.4.16'. [ 73.740340][ T46] cp210x 4-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 73.752198][ T46] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 73.782106][ T46] usb 4-1: cp210x converter now attached to ttyUSB0 [ 73.811523][ T46] usb 4-1: USB disconnect, device number 2 [ 73.833509][ T46] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 73.845827][ T46] cp210x 4-1:0.0: device disconnected [ 73.906672][ T5266] usbhid 5-1:0.0: can't add hid device: -71 [ 73.943309][ T5266] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 73.991050][ T5266] usb 5-1: USB disconnect, device number 2 [ 76.012871][ T29] audit: type=1326 audit(1722663152.894:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5408 comm="syz.0.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd0b7779f9 code=0x7ffc0000 [ 76.173503][ T4668] udevd (4668) used greatest stack depth: 18928 bytes left [ 76.228566][ T29] audit: type=1326 audit(1722663152.894:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5408 comm="syz.0.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd0b7779f9 code=0x7ffc0000 [ 76.340892][ T29] audit: type=1326 audit(1722663152.894:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5408 comm="syz.0.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd0b7779f9 code=0x7ffc0000 [ 76.364149][ T29] audit: type=1326 audit(1722663152.934:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5408 comm="syz.0.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd0b7779f9 code=0x7ffc0000 [ 76.418406][ T29] audit: type=1326 audit(1722663152.984:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5408 comm="syz.0.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd0b7779f9 code=0x7ffc0000 [ 76.469228][ T29] audit: type=1326 audit(1722663152.984:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5408 comm="syz.0.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdd0b76e9a7 code=0x7ffc0000 [ 76.623083][ T46] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 76.648334][ T29] audit: type=1326 audit(1722663152.984:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5408 comm="syz.0.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdd0b713349 code=0x7ffc0000 [ 77.686938][ T940] cfg80211: failed to load regulatory.db [ 77.756948][ T29] audit: type=1326 audit(1722663152.984:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5408 comm="syz.0.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdd0b76e9a7 code=0x7ffc0000 [ 77.802532][ T46] usb 2-1: Using ep0 maxpacket: 8 [ 77.942625][ T46] usb 2-1: config 129 has an invalid interface number: 25 but max is 3 [ 77.954572][ T29] audit: type=1326 audit(1722663152.984:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5408 comm="syz.0.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdd0b713349 code=0x7ffc0000 [ 77.976064][ T46] usb 2-1: config 129 has an invalid interface number: 253 but max is 3 [ 78.848195][ T46] usb 2-1: config 129 has an invalid interface number: 106 but max is 3 [ 78.856760][ T46] usb 2-1: config 129 has an invalid interface number: 241 but max is 3 [ 78.887659][ T46] usb 2-1: config 129 has no interface number 0 [ 78.894097][ T29] audit: type=1326 audit(1722663152.984:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5408 comm="syz.0.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdd0b76e9a7 code=0x7ffc0000 [ 78.925120][ T46] usb 2-1: config 129 has no interface number 1 [ 78.942277][ T46] usb 2-1: config 129 has no interface number 2 [ 78.950346][ T46] usb 2-1: config 129 has no interface number 3 [ 78.957690][ T46] usb 2-1: config 129 interface 25 altsetting 0 endpoint 0xC has invalid maxpacket 1024, setting to 64 [ 79.828962][ T46] usb 2-1: config 129 interface 25 altsetting 0 endpoint 0x9 has invalid maxpacket 1023, setting to 64 [ 80.020380][ T46] usb 2-1: config 129 interface 25 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 80.033534][ T46] usb 2-1: config 129 interface 25 altsetting 0 endpoint 0xF has invalid maxpacket 391, setting to 64 [ 80.053795][ T46] usb 2-1: config 129 interface 25 altsetting 0 has a duplicate endpoint with address 0xC, skipping [ 80.077230][ T46] usb 2-1: config 129 interface 253 altsetting 185 has a duplicate endpoint with address 0x6, skipping [ 80.110105][ T46] usb 2-1: config 129 interface 253 altsetting 185 has a duplicate endpoint with address 0xA, skipping [ 80.150578][ T46] usb 2-1: config 129 interface 253 altsetting 185 has a duplicate endpoint with address 0x2, skipping [ 80.212895][ T46] usb 2-1: config 129 interface 106 altsetting 6 has a duplicate endpoint with address 0x8, skipping [ 80.246747][ T46] usb 2-1: config 129 interface 106 altsetting 6 endpoint 0x7 has an invalid bInterval 251, changing to 11 [ 80.276484][ T46] usb 2-1: config 129 interface 106 altsetting 6 has a duplicate endpoint with address 0xA, skipping [ 80.296781][ T46] usb 2-1: config 129 interface 106 altsetting 6 endpoint 0xD has invalid maxpacket 1023, setting to 64 [ 80.308255][ T1849] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 80.329500][ T46] usb 2-1: config 129 interface 106 altsetting 6 has a duplicate endpoint with address 0x6, skipping [ 80.356075][ T46] usb 2-1: config 129 interface 106 altsetting 6 bulk endpoint 0xE has invalid maxpacket 8 [ 80.368168][ T46] usb 2-1: config 129 interface 106 altsetting 6 endpoint 0x4 has an invalid bInterval 61, changing to 7 [ 80.379450][ T25] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 80.387541][ T46] usb 2-1: config 129 interface 106 altsetting 6 has a duplicate endpoint with address 0x6, skipping [ 80.400283][ T46] usb 2-1: config 129 interface 106 altsetting 6 has a duplicate endpoint with address 0xC, skipping [ 80.414624][ T46] usb 2-1: config 129 interface 106 altsetting 6 has a duplicate endpoint with address 0x8C, skipping [ 80.427218][ T46] usb 2-1: config 129 interface 106 altsetting 6 has a duplicate endpoint with address 0x4, skipping [ 80.439294][ T46] usb 2-1: config 129 interface 106 altsetting 6 has a duplicate endpoint with address 0x4, skipping [ 80.451922][ T46] usb 2-1: config 129 interface 241 altsetting 6 has a duplicate endpoint with address 0xD, skipping [ 80.464264][ T46] usb 2-1: config 129 interface 253 has no altsetting 0 [ 80.471558][ T46] usb 2-1: config 129 interface 106 has no altsetting 0 [ 80.480210][ T46] usb 2-1: config 129 interface 241 has no altsetting 0 [ 80.511391][ T1849] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.529893][ T46] usb 2-1: string descriptor 0 read error: -71 [ 80.536220][ T46] usb 2-1: New USB device found, idVendor=2c7c, idProduct=0125, bcdDevice=d5.e2 [ 80.548164][ T1849] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 80.572572][ T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 80.580860][ T1849] usb 5-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00 [ 80.592986][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.604826][ T1849] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.615924][ T46] usb 2-1: can't set config #129, error -71 [ 80.623228][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 80.636998][ T5457] FAULT_INJECTION: forcing a failure. [ 80.636998][ T5457] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 80.655811][ T1849] usb 5-1: config 0 descriptor?? [ 80.661188][ T46] usb 2-1: USB disconnect, device number 2 [ 80.668440][ T5457] CPU: 0 UID: 0 PID: 5457 Comm: syz.3.42 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 80.669692][ T25] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 80.678950][ T5457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 80.678967][ T5457] Call Trace: [ 80.678976][ T5457] [ 80.678983][ T5457] dump_stack_lvl+0x241/0x360 [ 80.679015][ T5457] ? __pfx_dump_stack_lvl+0x10/0x10 [ 80.699273][ T25] usb 1-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00 [ 80.701785][ T5457] ? __pfx__printk+0x10/0x10 [ 80.701827][ T5457] should_fail_ex+0x3b0/0x4e0 [ 80.705094][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.707995][ T5457] strncpy_from_user+0x36/0x2e0 [ 80.708029][ T5457] bpf_raw_tp_link_attach+0x21d/0x6e0 [ 80.708057][ T5457] ? __pfx_bpf_raw_tp_link_attach+0x10/0x10 [ 80.716187][ T25] usb 1-1: config 0 descriptor?? [ 80.717911][ T5457] bpf_raw_tracepoint_open+0x1c2/0x240 [ 80.717949][ T5457] __sys_bpf+0x3c0/0x810 [ 80.717972][ T5457] ? __pfx___sys_bpf+0x10/0x10 [ 80.718002][ T5457] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 80.718028][ T5457] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 80.718052][ T5457] ? do_syscall_64+0x100/0x230 [ 80.718080][ T5457] __x64_sys_bpf+0x7c/0x90 [ 80.718101][ T5457] do_syscall_64+0xf3/0x230 [ 80.718125][ T5457] ? clear_bhb_loop+0x35/0x90 [ 80.718147][ T5457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.718172][ T5457] RIP: 0033:0x7f45f9d779f9 [ 80.718191][ T5457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.718205][ T5457] RSP: 002b:00007f45faaee048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 80.718223][ T5457] RAX: ffffffffffffffda RBX: 00007f45f9f05f80 RCX: 00007f45f9d779f9 [ 80.718235][ T5457] RDX: 0000000000000010 RSI: 0000000020000200 RDI: 0000000000000011 [ 80.718247][ T5457] RBP: 00007f45faaee0a0 R08: 0000000000000000 R09: 0000000000000000 [ 80.718259][ T5457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.718271][ T5457] R13: 000000000000000b R14: 00007f45f9f05f80 R15: 00007ffee1faba28 [ 80.718296][ T5457] [ 81.572821][ T46] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 81.628567][ T1849] logitech 0003:046D:C294.0001: unknown main item tag 0x0 [ 81.647891][ T1849] logitech 0003:046D:C294.0001: hidraw0: USB HID v0.00 Device [HID 046d:c294] on usb-dummy_hcd.4-1/input0 [ 81.659830][ T1849] logitech 0003:046D:C294.0001: no inputs found [ 81.683815][ T5449] netlink: 256 bytes leftover after parsing attributes in process `syz.0.38'. [ 81.736479][ T25] usbhid 1-1:0.0: can't add hid device: -71 [ 81.743870][ T25] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 81.756314][ T25] usb 1-1: USB disconnect, device number 2 [ 82.612457][ T46] usb 2-1: Using ep0 maxpacket: 16 [ 82.625898][ T46] usb 2-1: New USB device found, idVendor=23a7, idProduct=fedc, bcdDevice=e0.0b [ 82.637207][ T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.653644][ T46] usb 2-1: Product: syz [ 82.678131][ T46] usb 2-1: Manufacturer: syz [ 82.691222][ T46] usb 2-1: SerialNumber: syz [ 82.701877][ T46] usb 2-1: config 0 descriptor?? [ 82.741741][ T25] usb 5-1: USB disconnect, device number 3 [ 82.847587][ T5264] libceph: connect (1)[c::]:6789 error -101 [ 82.858780][ T5264] libceph: mon0 (1)[c::]:6789 connect error [ 83.872706][ T940] libceph: connect (1)[c::]:6789 error -101 [ 83.888164][ T940] libceph: mon0 (1)[c::]:6789 connect error [ 83.967586][ T5493] capability: warning: `syz.0.50' uses 32-bit capabilities (legacy support in use) [ 84.648723][ T5479] ceph: No mds server is up or the cluster is laggy [ 84.665361][ T940] libceph: connect (1)[c::]:6789 error -101 [ 84.675408][ T940] libceph: mon0 (1)[c::]:6789 connect error [ 84.720954][ T46] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 84.750072][ T46] usb 2-1: MIDIStreaming interface descriptor not found [ 84.927632][ T46] usb 2-1: USB disconnect, device number 3 [ 85.217828][ T5516] netlink: 201412 bytes leftover after parsing attributes in process `syz.3.52'. [ 85.239376][ T5516] netlink: zone id is out of range [ 85.265123][ T5516] netlink: zone id is out of range [ 85.266041][ T5524] FAULT_INJECTION: forcing a failure. [ 85.266041][ T5524] name failslab, interval 1, probability 0, space 0, times 0 [ 85.409243][ T5524] CPU: 0 UID: 0 PID: 5524 Comm: syz.2.56 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 85.419759][ T5524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 85.429798][ T5524] Call Trace: [ 85.433063][ T5524] [ 85.435980][ T5524] dump_stack_lvl+0x241/0x360 [ 85.440652][ T5524] ? __pfx_dump_stack_lvl+0x10/0x10 [ 85.445833][ T5524] ? __pfx__printk+0x10/0x10 [ 85.450409][ T5524] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 85.454800][ T5516] netlink: zone id is out of range [ 85.456373][ T5524] ? __pfx___might_resched+0x10/0x10 [ 85.456406][ T5524] should_fail_ex+0x3b0/0x4e0 [ 85.471422][ T5524] should_failslab+0xac/0x100 [ 85.476089][ T5524] ? __alloc_skb+0x1c3/0x440 [ 85.480663][ T5524] kmem_cache_alloc_node_noprof+0x71/0x320 [ 85.486464][ T5524] __alloc_skb+0x1c3/0x440 [ 85.490870][ T5524] ? __pfx___alloc_skb+0x10/0x10 [ 85.495793][ T5524] ? netlink_autobind+0xd6/0x2f0 [ 85.500711][ T5524] ? netlink_autobind+0x2b0/0x2f0 [ 85.505720][ T5524] netlink_sendmsg+0x638/0xcb0 [ 85.510480][ T5524] ? __pfx_netlink_sendmsg+0x10/0x10 [ 85.515774][ T5524] ? __import_iovec+0x536/0x820 [ 85.520650][ T5524] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 85.520841][ T5526] netlink: 'syz.0.55': attribute type 1 has an invalid length. [ 85.525934][ T5524] ? security_socket_sendmsg+0x87/0xb0 [ 85.525963][ T5524] ? __pfx_netlink_sendmsg+0x10/0x10 [ 85.544330][ T5524] __sock_sendmsg+0x221/0x270 [ 85.549004][ T5524] ____sys_sendmsg+0x525/0x7d0 [ 85.553760][ T5524] ? __pfx_____sys_sendmsg+0x10/0x10 [ 85.559041][ T5524] __sys_sendmmsg+0x3b2/0x740 [ 85.563712][ T5524] ? __pfx___sys_sendmmsg+0x10/0x10 [ 85.568922][ T5524] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 85.574809][ T5524] ? ksys_write+0x23e/0x2c0 [ 85.579301][ T5524] ? __pfx_lock_release+0x10/0x10 [ 85.584316][ T5524] ? vfs_write+0x7c4/0xc90 [ 85.588725][ T5524] ? __mutex_unlock_slowpath+0x21d/0x750 [ 85.594348][ T5524] ? __pfx_vfs_write+0x10/0x10 [ 85.599113][ T5524] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 85.605088][ T5524] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 85.611404][ T5524] ? do_syscall_64+0x100/0x230 [ 85.616166][ T5524] __x64_sys_sendmmsg+0xa0/0xb0 [ 85.621007][ T5524] do_syscall_64+0xf3/0x230 [ 85.625504][ T5524] ? clear_bhb_loop+0x35/0x90 [ 85.630166][ T5524] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.636058][ T5524] RIP: 0033:0x7f230a3779f9 [ 85.640460][ T5524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.660052][ T5524] RSP: 002b:00007f230b1d2048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 85.668455][ T5524] RAX: ffffffffffffffda RBX: 00007f230a505f80 RCX: 00007f230a3779f9 [ 85.676419][ T5524] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004 [ 85.684379][ T5524] RBP: 00007f230b1d20a0 R08: 0000000000000000 R09: 0000000000000000 [ 85.692333][ T5524] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000000000001 [ 85.700290][ T5524] R13: 000000000000000b R14: 00007f230a505f80 R15: 00007ffff06093f8 [ 85.708276][ T5524] [ 85.763351][ T5516] netlink: zone id is out of range [ 85.802610][ T5516] netlink: zone id is out of range [ 86.028082][ T5516] netlink: zone id is out of range [ 86.201170][ T5516] netlink: zone id is out of range [ 86.228485][ T5516] netlink: zone id is out of range [ 86.233645][ T5516] netlink: zone id is out of range [ 86.508166][ T5516] netlink: zone id is out of range [ 87.118318][ T5535] FAULT_INJECTION: forcing a failure. [ 87.118318][ T5535] name failslab, interval 1, probability 0, space 0, times 0 [ 87.131072][ T5535] CPU: 0 UID: 0 PID: 5535 Comm: syz.2.58 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 87.141588][ T5535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 87.151654][ T5535] Call Trace: [ 87.154940][ T5535] [ 87.157877][ T5535] dump_stack_lvl+0x241/0x360 [ 87.162574][ T5535] ? __pfx_dump_stack_lvl+0x10/0x10 [ 87.167786][ T5535] ? __pfx__printk+0x10/0x10 [ 87.172390][ T5535] ? __kmalloc_cache_noprof+0x44/0x2c0 [ 87.177865][ T5535] ? __pfx___might_resched+0x10/0x10 [ 87.183163][ T5535] should_fail_ex+0x3b0/0x4e0 [ 87.187854][ T5535] should_failslab+0xac/0x100 [ 87.192546][ T5535] ? alloc_pipe_info+0xeb/0x4d0 [ 87.197410][ T5535] __kmalloc_cache_noprof+0x6c/0x2c0 [ 87.202722][ T5535] alloc_pipe_info+0xeb/0x4d0 [ 87.207426][ T5535] splice_direct_to_actor+0xaac/0xc90 [ 87.212846][ T5535] ? __pfx_direct_splice_actor+0x10/0x10 [ 87.218503][ T5535] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 87.224398][ T5535] ? __fget_files+0x29/0x470 [ 87.228983][ T5535] ? __pfx_lock_release+0x10/0x10 [ 87.234005][ T5535] do_splice_direct+0x28c/0x3e0 [ 87.238860][ T5535] ? __pfx_do_splice_direct+0x10/0x10 [ 87.244226][ T5535] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 87.250108][ T5535] ? security_file_permission+0x7f/0xa0 [ 87.255649][ T5535] ? rw_verify_area+0x1d2/0x6b0 [ 87.260497][ T5535] do_sendfile+0x56d/0xe20 [ 87.264913][ T5535] ? __pfx_do_sendfile+0x10/0x10 [ 87.269851][ T5535] __se_sys_sendfile64+0x17c/0x1e0 [ 87.274960][ T5535] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 87.280586][ T5535] ? do_syscall_64+0x100/0x230 [ 87.285347][ T5535] ? do_syscall_64+0xb6/0x230 [ 87.290021][ T5535] do_syscall_64+0xf3/0x230 [ 87.294521][ T5535] ? clear_bhb_loop+0x35/0x90 [ 87.299189][ T5535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.305078][ T5535] RIP: 0033:0x7f230a3779f9 [ 87.309487][ T5535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.329087][ T5535] RSP: 002b:00007f230b1d2048 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 87.337492][ T5535] RAX: ffffffffffffffda RBX: 00007f230a505f80 RCX: 00007f230a3779f9 [ 87.345460][ T5535] RDX: 0000000000000000 RSI: 000000000000000c RDI: 000000000000000d [ 87.353422][ T5535] RBP: 00007f230b1d20a0 R08: 0000000000000000 R09: 0000000000000000 [ 87.361386][ T5535] R10: 0000000100000002 R11: 0000000000000246 R12: 0000000000000001 [ 87.369345][ T5535] R13: 000000000000000b R14: 00007f230a505f80 R15: 00007ffff06093f8 [ 87.377320][ T5535] [ 89.291522][ T5307] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 89.501378][ T5307] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 89.527117][ T5307] usb 3-1: language id specifier not provided by device, defaulting to English [ 89.555921][ T5307] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 89.576554][ T5307] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.596539][ T5307] usb 3-1: Product: syz [ 89.602254][ T5307] usb 3-1: Manufacturer: ᪌ጵ域ᑗ렺䛐㆓鐵琏旂〷쒨鏥ꠙ삺놱ꪙ㋟퍮х跶㞓븧㙲쒍⻻⽂鱍峩ⱺ쌉 [ 89.668026][ T5307] usb 3-1: SerialNumber: syz [ 90.320797][ T5572] netlink: 'syz.0.69': attribute type 1 has an invalid length. [ 91.171947][ T940] usb 3-1: USB disconnect, device number 3 [ 91.406034][ T5581] 9pnet_fd: Insufficient options for proto=fd [ 91.460584][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 91.460602][ T29] audit: type=1804 audit(1722663424.340:39): pid=5584 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.73" name="/newroot/21/bus/bus" dev="overlay" ino=148 res=1 errno=0 [ 91.466872][ T5581] netlink: 'syz.1.71': attribute type 10 has an invalid length. [ 91.487179][ C0] vkms_vblank_simulate: vblank timer overrun [ 91.607595][ T5581] bond0: (slave bond_slave_0): Releasing backup interface [ 93.717932][ C0] sched: RT throttling activated [ 98.073822][ T5615] team0: Device ipvlan2 is already an upper device of the team interface [ 98.210828][ T5618] FAULT_INJECTION: forcing a failure. [ 98.210828][ T5618] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 98.224083][ T5618] CPU: 0 UID: 0 PID: 5618 Comm: syz.4.80 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 98.234597][ T5618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 98.244664][ T5618] Call Trace: [ 98.247951][ T5618] [ 98.250890][ T5618] dump_stack_lvl+0x241/0x360 [ 98.255592][ T5618] ? __pfx_dump_stack_lvl+0x10/0x10 [ 98.260803][ T5618] ? __pfx__printk+0x10/0x10 [ 98.265417][ T5618] should_fail_ex+0x3b0/0x4e0 [ 98.270110][ T5618] strncpy_from_user+0x36/0x2e0 [ 98.274977][ T5618] ? kmem_cache_alloc_noprof+0x185/0x2a0 [ 98.280627][ T5618] getname_flags+0xf1/0x540 [ 98.285150][ T5618] do_sys_openat2+0xd2/0x1d0 [ 98.289753][ T5618] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 98.295749][ T5618] ? __pfx_do_sys_openat2+0x10/0x10 [ 98.300957][ T5618] ? __fget_files+0x3f6/0x470 [ 98.305657][ T5618] __x64_sys_open+0x225/0x270 [ 98.310348][ T5618] ? __pfx___x64_sys_open+0x10/0x10 [ 98.315564][ T5618] ? do_syscall_64+0x100/0x230 [ 98.320351][ T5618] ? do_syscall_64+0xb6/0x230 [ 98.325043][ T5618] do_syscall_64+0xf3/0x230 [ 98.329561][ T5618] ? clear_bhb_loop+0x35/0x90 [ 98.334250][ T5618] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.340163][ T5618] RIP: 0033:0x7f94719779f9 [ 98.344592][ T5618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 98.364309][ T5618] RSP: 002b:00007f9472759048 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 98.372758][ T5618] RAX: ffffffffffffffda RBX: 00007f9471b06130 RCX: 00007f94719779f9 [ 98.380835][ T5618] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100 [ 98.388822][ T5618] RBP: 00007f94727590a0 R08: 0000000000000000 R09: 0000000000000000 [ 98.396976][ T5618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 98.404954][ T5618] R13: 000000000000006e R14: 00007f9471b06130 R15: 00007fff4db44ae8 [ 98.412951][ T5618] [ 99.839327][ T5632] netlink: 'syz.4.83': attribute type 29 has an invalid length. [ 99.959195][ T5632] netlink: 'syz.4.83': attribute type 29 has an invalid length. [ 100.074934][ T5627] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 100.207450][ T5639] net_ratelimit: 69 callbacks suppressed [ 100.207468][ T5639] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 100.349720][ T5627] usb 2-1: config 0 interface 0 has no altsetting 0 [ 100.394039][ T5627] usb 2-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82 [ 100.421975][ T5647] netlink: 52 bytes leftover after parsing attributes in process `syz.3.88'. [ 100.431168][ T5627] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.479074][ T5647] netlink: 12 bytes leftover after parsing attributes in process `syz.3.88'. [ 100.509682][ T5627] usb 2-1: config 0 descriptor?? [ 100.540269][ T5627] smsusb:smsusb_probe: board id=8, interface number 0 [ 100.561551][ T5643] netlink: 12 bytes leftover after parsing attributes in process `syz.4.87'. [ 100.568138][ T5647] netlink: 20 bytes leftover after parsing attributes in process `syz.3.88'. [ 100.579417][ T5627] smsusb:smsusb_probe: Device initialized with return code -19 [ 100.797040][ T5651] netlink: 28 bytes leftover after parsing attributes in process `syz.1.84'. [ 100.845556][ T5651] netlink: 28 bytes leftover after parsing attributes in process `syz.1.84'. [ 101.144235][ T5655] netlink: 'syz.3.89': attribute type 1 has an invalid length. [ 101.822679][ T46] usb 2-1: USB disconnect, device number 4 [ 102.133557][ T5661] program syz.3.92 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 103.400269][ T5266] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 103.571300][ T5680] syz.0.96 uses obsolete (PF_INET,SOCK_PACKET) [ 103.625650][ T5266] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 103.670261][ T5266] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 103.748374][ T5266] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 103.762046][ T5266] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 103.790120][ T5266] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 103.791489][ T5688] FAULT_INJECTION: forcing a failure. [ 103.791489][ T5688] name failslab, interval 1, probability 0, space 0, times 0 [ 103.814192][ T5688] CPU: 1 UID: 0 PID: 5688 Comm: syz.0.98 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 103.817397][ T5687] netlink: 52 bytes leftover after parsing attributes in process `syz.2.99'. [ 103.824699][ T5688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 103.824717][ T5688] Call Trace: [ 103.824727][ T5688] [ 103.824735][ T5688] dump_stack_lvl+0x241/0x360 [ 103.824767][ T5688] ? __pfx_dump_stack_lvl+0x10/0x10 [ 103.824789][ T5688] ? __pfx__printk+0x10/0x10 [ 103.824813][ T5688] ? fs_reclaim_acquire+0x93/0x140 [ 103.824834][ T5688] ? __pfx___might_resched+0x10/0x10 [ 103.824860][ T5688] should_fail_ex+0x3b0/0x4e0 [ 103.824882][ T5688] ? tomoyo_encode+0x26f/0x540 [ 103.840103][ T5266] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 103.843659][ T5688] should_failslab+0xac/0x100 [ 103.847048][ T5266] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 13 [ 103.849859][ T5688] ? tomoyo_encode+0x26f/0x540 [ 103.849887][ T5688] __kmalloc_noprof+0xd8/0x400 [ 103.849914][ T5688] tomoyo_encode+0x26f/0x540 [ 103.849942][ T5688] tomoyo_realpath_from_path+0x59e/0x5e0 [ 103.849974][ T5688] tomoyo_path_number_perm+0x23a/0x880 [ 103.849999][ T5688] ? tomoyo_path_number_perm+0x208/0x880 [ 103.850021][ T5688] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 103.850077][ T5688] ? __fget_files+0x29/0x470 [ 103.863713][ T5687] netlink: 12 bytes leftover after parsing attributes in process `syz.2.99'. [ 103.864487][ T5688] ? __fget_files+0x3f6/0x470 [ 103.864513][ T5688] ? __fget_files+0x29/0x470 [ 103.864539][ T5688] security_file_ioctl+0x75/0xb0 [ 103.873862][ T5687] netlink: 20 bytes leftover after parsing attributes in process `syz.2.99'. [ 103.874904][ T5688] __se_sys_ioctl+0x47/0x170 [ 103.874932][ T5688] do_syscall_64+0xf3/0x230 [ 103.874958][ T5688] ? clear_bhb_loop+0x35/0x90 [ 103.879874][ T5266] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 103.884361][ T5688] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.884396][ T5688] RIP: 0033:0x7fdd0b7779f9 [ 103.884414][ T5688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.884428][ T5688] RSP: 002b:00007fdd0c563048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 103.903440][ T5266] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 103.911775][ T5688] RAX: ffffffffffffffda RBX: 00007fdd0b905f80 RCX: 00007fdd0b7779f9 [ 103.911794][ T5688] RDX: 0000000020000340 RSI: 0000000040505412 RDI: 0000000000000003 [ 103.911805][ T5688] RBP: 00007fdd0c5630a0 R08: 0000000000000000 R09: 0000000000000000 [ 103.911816][ T5688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 103.911828][ T5688] R13: 000000000000000b R14: 00007fdd0b905f80 R15: 00007ffc8e6c6368 [ 103.911854][ T5688] [ 103.916558][ T5688] ERROR: Out of memory at tomoyo_realpath_from_path. [ 103.932252][ T5266] usb 2-1: Product: syz [ 104.640981][ T5266] usb 2-1: Manufacturer: syz [ 104.645624][ T5266] usb 2-1: SerialNumber: syz [ 104.985608][ T5673] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 104.995238][ T5673] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 105.007468][ T5270] usb 2-1: USB disconnect, device number 5 [ 105.028204][ T46] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 106.025381][ T46] usb 3-1: device descriptor read/64, error -71 [ 106.411744][ T5266] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 106.548141][ T5270] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 106.855814][ T46] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 107.098138][ T46] usb 3-1: device descriptor read/64, error -71 [ 107.258353][ T46] usb usb3-port1: attempt power cycle [ 107.341626][ T5266] usb 1-1: Using ep0 maxpacket: 16 [ 107.362161][ T5266] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 9946, setting to 1024 [ 107.400952][ T5266] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1024 [ 107.449259][ T5266] usb 1-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 107.474869][ T5266] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.512578][ T5266] usb 1-1: Product: syz [ 107.524098][ T5266] usb 1-1: Manufacturer: syz [ 107.540332][ T5266] usb 1-1: SerialNumber: syz [ 107.581476][ T5266] usb 1-1: config 0 descriptor?? [ 107.596490][ T5710] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22 [ 107.691708][ T46] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 107.817812][ T46] usb 3-1: device descriptor read/8, error -71 [ 107.850294][ T5266] usb 1-1: Limiting number of CPorts to U8_MAX [ 107.876206][ T5266] usb 1-1: Not enough endpoints found in device, aborting! [ 107.960355][ T5728] FAULT_INJECTION: forcing a failure. [ 107.960355][ T5728] name failslab, interval 1, probability 0, space 0, times 0 [ 107.992377][ T5728] CPU: 0 UID: 0 PID: 5728 Comm: syz.4.109 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 108.003005][ T5728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 108.013069][ T5728] Call Trace: [ 108.016464][ T5728] [ 108.019392][ T5728] dump_stack_lvl+0x241/0x360 [ 108.024077][ T5728] ? __pfx_dump_stack_lvl+0x10/0x10 [ 108.029271][ T5728] ? __pfx__printk+0x10/0x10 [ 108.033849][ T5728] ? __kmalloc_noprof+0xb0/0x400 [ 108.038790][ T5728] ? __pfx___might_resched+0x10/0x10 [ 108.044094][ T5728] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 108.050090][ T5728] should_fail_ex+0x3b0/0x4e0 [ 108.054755][ T5728] ? sock_kmalloc+0xd7/0x160 [ 108.059357][ T5728] should_failslab+0xac/0x100 [ 108.064065][ T5728] ? sock_kmalloc+0xd7/0x160 [ 108.068659][ T5728] __kmalloc_noprof+0xd8/0x400 [ 108.073435][ T5728] ? __lock_acquire+0x137a/0x2040 [ 108.078462][ T5728] sock_kmalloc+0xd7/0x160 [ 108.082876][ T5728] af_alg_alloc_areq+0x90/0x260 [ 108.087722][ T5728] skcipher_recvmsg+0x382/0x1230 [ 108.092661][ T5728] ? __pfx_skcipher_recvmsg+0x10/0x10 [ 108.098027][ T5728] ? iovec_from_user+0x1b0/0x240 [ 108.102958][ T5728] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 108.108232][ T5728] ? security_socket_recvmsg+0x90/0xb0 [ 108.113675][ T5728] ? __pfx_skcipher_recvmsg+0x10/0x10 [ 108.119032][ T5728] sock_recvmsg+0x22f/0x280 [ 108.123530][ T5728] ____sys_recvmsg+0x1db/0x470 [ 108.128287][ T5728] ? __pfx_____sys_recvmsg+0x10/0x10 [ 108.133566][ T5728] do_recvmmsg+0x474/0xae0 [ 108.137981][ T5728] ? __pfx_lock_release+0x10/0x10 [ 108.143011][ T5728] ? __pfx_do_recvmmsg+0x10/0x10 [ 108.147960][ T5728] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 108.153847][ T5728] ? ksys_write+0x23e/0x2c0 [ 108.158349][ T5728] ? __pfx_lock_release+0x10/0x10 [ 108.163363][ T5728] ? vfs_write+0x7c4/0xc90 [ 108.167767][ T5728] ? __mutex_unlock_slowpath+0x21d/0x750 [ 108.173391][ T5728] ? __fget_files+0x3f6/0x470 [ 108.178063][ T5728] __x64_sys_recvmmsg+0x199/0x250 [ 108.183080][ T5728] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 108.188616][ T5728] ? do_syscall_64+0x100/0x230 [ 108.193370][ T5728] ? do_syscall_64+0xb6/0x230 [ 108.198053][ T5728] do_syscall_64+0xf3/0x230 [ 108.202563][ T5728] ? clear_bhb_loop+0x35/0x90 [ 108.207225][ T5728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.213107][ T5728] RIP: 0033:0x7f94719779f9 [ 108.217505][ T5728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.237100][ T5728] RSP: 002b:00007f947279b048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 108.245514][ T5728] RAX: ffffffffffffffda RBX: 00007f9471b05f80 RCX: 00007f94719779f9 [ 108.253477][ T5728] RDX: 0000000000000001 RSI: 0000000020001440 RDI: 0000000000000004 [ 108.261438][ T5728] RBP: 00007f947279b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 108.269406][ T5728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 108.277369][ T5728] R13: 000000000000000b R14: 00007f9471b05f80 R15: 00007fff4db44ae8 [ 108.285454][ T5728] [ 108.288685][ C0] vkms_vblank_simulate: vblank timer overrun [ 108.479721][ T5270] usb 1-1: USB disconnect, device number 3 [ 108.558133][ T5738] netlink: 52 bytes leftover after parsing attributes in process `syz.4.112'. [ 108.569678][ T5738] netlink: 12 bytes leftover after parsing attributes in process `syz.4.112'. [ 108.735008][ T5738] netlink: 20 bytes leftover after parsing attributes in process `syz.4.112'. [ 108.762111][ T5726] FAULT_INJECTION: forcing a failure. [ 108.762111][ T5726] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 108.840433][ T5726] CPU: 0 UID: 0 PID: 5726 Comm: syz.3.108 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 108.851068][ T5726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 108.861679][ T5726] Call Trace: [ 108.861694][ T5726] [ 108.861704][ T5726] dump_stack_lvl+0x241/0x360 [ 108.861737][ T5726] ? __pfx_dump_stack_lvl+0x10/0x10 [ 108.861762][ T5726] ? __pfx__printk+0x10/0x10 [ 108.861788][ T5726] ? __pfx_lock_release+0x10/0x10 [ 108.861821][ T5726] should_fail_ex+0x3b0/0x4e0 [ 108.861845][ T5726] _copy_to_iter+0x1f6/0x1960 [ 108.861869][ T5726] ? preempt_schedule+0xe1/0xf0 [ 108.861891][ T5726] ? preempt_schedule_common+0x84/0xd0 [ 108.861913][ T5726] ? __pfx_preempt_schedule+0x10/0x10 [ 108.861934][ T5726] ? __pfx__copy_to_iter+0x10/0x10 [ 108.861956][ T5726] ? preempt_schedule_thunk+0x1a/0x30 [ 108.861992][ T5726] signalfd_read_iter+0xf6f/0x16b0 [ 108.862030][ T5726] ? signalfd_read_iter+0x879/0x16b0 [ 108.862053][ T5726] ? __pfx_signalfd_read_iter+0x10/0x10 [ 108.862085][ T5726] ? __pfx_default_wake_function+0x10/0x10 [ 108.862112][ T5726] ? bpf_lsm_file_permission+0x9/0x10 [ 108.862135][ T5726] ? security_file_permission+0x7f/0xa0 [ 108.862164][ T5726] vfs_read+0x9bd/0xbc0 [ 108.862182][ T5726] ? __pfx_lock_release+0x10/0x10 [ 108.862210][ T5726] ? __pfx_vfs_read+0x10/0x10 [ 108.862244][ T5726] ksys_read+0x1a0/0x2c0 [ 108.862266][ T5726] ? __pfx_ksys_read+0x10/0x10 [ 108.862283][ T5726] ? do_syscall_64+0x100/0x230 [ 108.862309][ T5726] ? do_syscall_64+0xb6/0x230 [ 108.862333][ T5726] do_syscall_64+0xf3/0x230 [ 108.862355][ T5726] ? clear_bhb_loop+0x35/0x90 [ 108.862376][ T5726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.862400][ T5726] RIP: 0033:0x7f45f9d779f9 [ 109.007444][ T5726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 109.027055][ T5726] RSP: 002b:00007f45faaee048 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 109.035464][ T5726] RAX: ffffffffffffffda RBX: 00007f45f9f05f80 RCX: 00007f45f9d779f9 [ 109.043426][ T5726] RDX: 00000000fffffef0 RSI: 00000000200008c0 RDI: 0000000000000003 [ 109.051390][ T5726] RBP: 00007f45faaee0a0 R08: 0000000000000000 R09: 0000000000000000 [ 109.059440][ T5726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 109.067399][ T5726] R13: 000000000000000b R14: 00007f45f9f05f80 R15: 00007ffee1faba28 [ 109.075378][ T5726] [ 109.078542][ C0] vkms_vblank_simulate: vblank timer overrun [ 109.283354][ T5749] netlink: 201412 bytes leftover after parsing attributes in process `syz.4.114'. [ 109.298468][ T5749] netlink: zone id is out of range [ 109.354160][ T5749] netlink: zone id is out of range [ 109.373488][ T5749] netlink: zone id is out of range [ 109.408511][ T5749] netlink: zone id is out of range [ 109.420186][ T5749] netlink: zone id is out of range [ 109.445050][ T5749] netlink: zone id is out of range [ 109.454573][ T5753] netlink: 4 bytes leftover after parsing attributes in process `syz.3.117'. [ 109.648415][ T5749] netlink: zone id is out of range [ 109.648524][ T5753] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address. [ 109.683448][ T5749] netlink: zone id is out of range [ 109.708108][ T5749] netlink: zone id is out of range [ 109.717506][ T5753] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (133) [ 109.730510][ T5749] netlink: zone id is out of range [ 109.777831][ T5761] netlink: 'syz.1.115': attribute type 4 has an invalid length. [ 109.785685][ T5761] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.115'. [ 110.633981][ T5753] Zero length message leads to an empty skb [ 113.122851][ T5787] FAULT_INJECTION: forcing a failure. [ 113.122851][ T5787] name failslab, interval 1, probability 0, space 0, times 0 [ 113.240932][ T5787] CPU: 0 UID: 0 PID: 5787 Comm: syz.0.122 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 113.251570][ T5787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 113.261635][ T5787] Call Trace: [ 113.264925][ T5787] [ 113.267866][ T5787] dump_stack_lvl+0x241/0x360 [ 113.272564][ T5787] ? __pfx_dump_stack_lvl+0x10/0x10 [ 113.277780][ T5787] ? __pfx__printk+0x10/0x10 [ 113.282385][ T5787] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 113.288381][ T5787] ? __pfx___might_resched+0x10/0x10 [ 113.293685][ T5787] should_fail_ex+0x3b0/0x4e0 [ 113.298377][ T5787] should_failslab+0xac/0x100 [ 113.303067][ T5787] ? __alloc_skb+0x1c3/0x440 [ 113.307672][ T5787] kmem_cache_alloc_node_noprof+0x71/0x320 [ 113.313498][ T5787] __alloc_skb+0x1c3/0x440 [ 113.317931][ T5787] ? __pfx___alloc_skb+0x10/0x10 [ 113.322894][ T5787] ? netlink_autobind+0xd6/0x2f0 [ 113.327844][ T5787] ? netlink_autobind+0x2b0/0x2f0 [ 113.332892][ T5787] netlink_sendmsg+0x638/0xcb0 [ 113.337773][ T5787] ? __pfx_netlink_sendmsg+0x10/0x10 [ 113.343078][ T5787] ? __import_iovec+0x536/0x820 [ 113.347945][ T5787] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 113.353241][ T5787] ? security_socket_sendmsg+0x87/0xb0 [ 113.358713][ T5787] ? __pfx_netlink_sendmsg+0x10/0x10 [ 113.364010][ T5787] __sock_sendmsg+0x221/0x270 [ 113.368709][ T5787] ____sys_sendmsg+0x525/0x7d0 [ 113.373491][ T5787] ? __pfx_____sys_sendmsg+0x10/0x10 [ 113.378803][ T5787] __sys_sendmsg+0x2b0/0x3a0 [ 113.383409][ T5787] ? __pfx___sys_sendmsg+0x10/0x10 [ 113.388528][ T5787] ? vfs_write+0x7c4/0xc90 [ 113.392994][ T5787] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 113.399338][ T5787] ? do_syscall_64+0x100/0x230 [ 113.404127][ T5787] ? do_syscall_64+0xb6/0x230 [ 113.408823][ T5787] do_syscall_64+0xf3/0x230 [ 113.413346][ T5787] ? clear_bhb_loop+0x35/0x90 [ 113.418048][ T5787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.423962][ T5787] RIP: 0033:0x7fdd0b7779f9 [ 113.428393][ T5787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.448097][ T5787] RSP: 002b:00007fdd0c563048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 113.456525][ T5787] RAX: ffffffffffffffda RBX: 00007fdd0b905f80 RCX: 00007fdd0b7779f9 [ 113.464506][ T5787] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 113.472481][ T5787] RBP: 00007fdd0c5630a0 R08: 0000000000000000 R09: 0000000000000000 [ 113.480461][ T5787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 113.488438][ T5787] R13: 000000000000000b R14: 00007fdd0b905f80 R15: 00007ffc8e6c6368 [ 113.496439][ T5787] [ 114.730353][ T5798] netlink: 52 bytes leftover after parsing attributes in process `syz.3.124'. [ 114.743886][ T5798] netlink: 12 bytes leftover after parsing attributes in process `syz.3.124'. [ 114.786208][ T5798] netlink: 20 bytes leftover after parsing attributes in process `syz.3.124'. [ 115.414802][ T5808] netlink: 64 bytes leftover after parsing attributes in process `syz.4.127'. [ 116.054711][ T5819] netlink: 'syz.1.129': attribute type 4 has an invalid length. [ 116.062645][ T5819] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.129'. [ 117.189307][ T5826] binder: 5805:5826 ioctl c00c620f 0 returned -14 [ 117.892640][ T29] audit: type=1326 audit(1722663450.790:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5828 comm="syz.0.132" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdd0b7779f9 code=0x0 [ 118.629101][ T5839] xt_CONNSECMARK: invalid mode: 0 [ 119.319561][ T5847] netlink: 12 bytes leftover after parsing attributes in process `syz.1.136'. [ 119.551907][ T5850] netlink: 201412 bytes leftover after parsing attributes in process `syz.2.138'. [ 119.570102][ T5850] net_ratelimit: 69 callbacks suppressed [ 119.570121][ T5850] netlink: zone id is out of range [ 119.608561][ T5850] netlink: zone id is out of range [ 119.635725][ T5850] netlink: zone id is out of range [ 119.643613][ T5850] netlink: zone id is out of range [ 119.649353][ T5850] netlink: zone id is out of range [ 119.655426][ T5850] netlink: zone id is out of range [ 119.660932][ T5850] netlink: zone id is out of range [ 119.666293][ T5850] netlink: zone id is out of range [ 119.674586][ T5850] netlink: zone id is out of range [ 119.679891][ T5850] netlink: zone id is out of range [ 120.379181][ T5865] netlink: 12 bytes leftover after parsing attributes in process `syz.2.142'. [ 120.389395][ T5868] FAULT_INJECTION: forcing a failure. [ 120.389395][ T5868] name failslab, interval 1, probability 0, space 0, times 0 [ 120.488814][ T5868] CPU: 1 UID: 0 PID: 5868 Comm: syz.1.143 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 120.499461][ T5868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 120.509539][ T5868] Call Trace: [ 120.512847][ T5868] [ 120.515800][ T5868] dump_stack_lvl+0x241/0x360 [ 120.520523][ T5868] ? __pfx_dump_stack_lvl+0x10/0x10 [ 120.525755][ T5868] ? __pfx__printk+0x10/0x10 [ 120.530380][ T5868] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 120.536362][ T5868] ? __pfx___might_resched+0x10/0x10 [ 120.541641][ T5868] should_fail_ex+0x3b0/0x4e0 [ 120.546308][ T5868] should_failslab+0xac/0x100 [ 120.550985][ T5868] ? __alloc_skb+0x1c3/0x440 [ 120.555558][ T5868] kmem_cache_alloc_node_noprof+0x71/0x320 [ 120.561362][ T5868] __alloc_skb+0x1c3/0x440 [ 120.565768][ T5868] ? __pfx___alloc_skb+0x10/0x10 [ 120.570688][ T5868] ? netlink_autobind+0xd6/0x2f0 [ 120.575608][ T5868] ? netlink_autobind+0x2b0/0x2f0 [ 120.580630][ T5868] netlink_sendmsg+0x638/0xcb0 [ 120.585401][ T5868] ? __pfx_netlink_sendmsg+0x10/0x10 [ 120.590684][ T5868] ? __import_iovec+0x536/0x820 [ 120.595534][ T5868] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 120.600812][ T5868] ? security_socket_sendmsg+0x87/0xb0 [ 120.606261][ T5868] ? __pfx_netlink_sendmsg+0x10/0x10 [ 120.611536][ T5868] __sock_sendmsg+0x221/0x270 [ 120.616205][ T5868] ____sys_sendmsg+0x525/0x7d0 [ 120.620966][ T5868] ? __pfx_____sys_sendmsg+0x10/0x10 [ 120.626246][ T5868] __sys_sendmsg+0x2b0/0x3a0 [ 120.630827][ T5868] ? __pfx___sys_sendmsg+0x10/0x10 [ 120.635921][ T5868] ? vfs_write+0x7c4/0xc90 [ 120.640343][ T5868] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 120.646656][ T5868] ? do_syscall_64+0x100/0x230 [ 120.651408][ T5868] ? do_syscall_64+0xb6/0x230 [ 120.656074][ T5868] do_syscall_64+0xf3/0x230 [ 120.660563][ T5868] ? clear_bhb_loop+0x35/0x90 [ 120.665223][ T5868] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.671125][ T5868] RIP: 0033:0x7fd4315779f9 [ 120.675527][ T5868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.695130][ T5868] RSP: 002b:00007fd43235a048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 120.703527][ T5868] RAX: ffffffffffffffda RBX: 00007fd431705f80 RCX: 00007fd4315779f9 [ 120.711483][ T5868] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 000000000000000a [ 120.719441][ T5868] RBP: 00007fd43235a0a0 R08: 0000000000000000 R09: 0000000000000000 [ 120.727394][ T5868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 120.735346][ T5868] R13: 000000000000000b R14: 00007fd431705f80 R15: 00007ffd63fea2f8 [ 120.743311][ T5868] [ 121.930344][ T5890] FAULT_INJECTION: forcing a failure. [ 121.930344][ T5890] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 122.109750][ T5890] CPU: 0 UID: 0 PID: 5890 Comm: syz.2.148 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 122.120392][ T5890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 122.130495][ T5890] Call Trace: [ 122.133772][ T5890] [ 122.136727][ T5890] dump_stack_lvl+0x241/0x360 [ 122.141408][ T5890] ? __pfx_dump_stack_lvl+0x10/0x10 [ 122.146599][ T5890] ? __pfx__printk+0x10/0x10 [ 122.151190][ T5890] ? snprintf+0xda/0x120 [ 122.155423][ T5890] should_fail_ex+0x3b0/0x4e0 [ 122.160091][ T5890] _copy_to_user+0x2f/0xb0 [ 122.164498][ T5890] simple_read_from_buffer+0xca/0x150 [ 122.169874][ T5890] proc_fail_nth_read+0x1e9/0x250 [ 122.174899][ T5890] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 122.180442][ T5890] ? rw_verify_area+0x520/0x6b0 [ 122.185286][ T5890] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 122.190825][ T5890] vfs_read+0x204/0xbc0 [ 122.194971][ T5890] ? __pfx_lock_release+0x10/0x10 [ 122.199998][ T5890] ? __pfx_vfs_read+0x10/0x10 [ 122.204662][ T5890] ? __fget_files+0x29/0x470 [ 122.209245][ T5890] ? __fget_files+0x3f6/0x470 [ 122.213917][ T5890] ksys_read+0x1a0/0x2c0 [ 122.218165][ T5890] ? __pfx_ksys_read+0x10/0x10 [ 122.222927][ T5890] ? do_syscall_64+0x100/0x230 [ 122.227689][ T5890] ? do_syscall_64+0xb6/0x230 [ 122.232370][ T5890] do_syscall_64+0xf3/0x230 [ 122.236872][ T5890] ? clear_bhb_loop+0x35/0x90 [ 122.241540][ T5890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.247428][ T5890] RIP: 0033:0x7f230a37643c [ 122.251835][ T5890] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 122.271430][ T5890] RSP: 002b:00007f230b1d2040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 122.279835][ T5890] RAX: ffffffffffffffda RBX: 00007f230a505f80 RCX: 00007f230a37643c [ 122.287794][ T5890] RDX: 000000000000000f RSI: 00007f230b1d20b0 RDI: 0000000000000003 [ 122.295753][ T5890] RBP: 00007f230b1d20a0 R08: 0000000000000000 R09: 0000000000000000 [ 122.303710][ T5890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 122.311692][ T5890] R13: 000000000000000b R14: 00007f230a505f80 R15: 00007ffff06093f8 [ 122.319771][ T5890] [ 122.322935][ C0] vkms_vblank_simulate: vblank timer overrun [ 122.830401][ T5897] FAULT_INJECTION: forcing a failure. [ 122.830401][ T5897] name failslab, interval 1, probability 0, space 0, times 0 [ 122.865249][ T5897] CPU: 0 UID: 0 PID: 5897 Comm: syz.2.151 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 122.875894][ T5897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 122.885972][ T5897] Call Trace: [ 122.889274][ T5897] [ 122.892225][ T5897] dump_stack_lvl+0x241/0x360 [ 122.897022][ T5897] ? __pfx_dump_stack_lvl+0x10/0x10 [ 122.902248][ T5897] ? __pfx__printk+0x10/0x10 [ 122.906866][ T5897] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 122.912878][ T5897] ? __pfx___might_resched+0x10/0x10 [ 122.918191][ T5897] should_fail_ex+0x3b0/0x4e0 [ 122.922888][ T5897] should_failslab+0xac/0x100 [ 122.927585][ T5897] ? __alloc_skb+0x1c3/0x440 [ 122.932183][ T5897] kmem_cache_alloc_node_noprof+0x71/0x320 [ 122.937990][ T5897] __alloc_skb+0x1c3/0x440 [ 122.942403][ T5897] ? __pfx___alloc_skb+0x10/0x10 [ 122.947331][ T5897] ? netlink_autobind+0xd6/0x2f0 [ 122.952346][ T5897] ? netlink_autobind+0x2b0/0x2f0 [ 122.957449][ T5897] netlink_sendmsg+0x638/0xcb0 [ 122.962217][ T5897] ? __pfx_netlink_sendmsg+0x10/0x10 [ 122.967495][ T5897] ? __import_iovec+0x536/0x820 [ 122.972342][ T5897] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 122.977639][ T5897] ? security_socket_sendmsg+0x87/0xb0 [ 122.983103][ T5897] ? __pfx_netlink_sendmsg+0x10/0x10 [ 122.988391][ T5897] __sock_sendmsg+0x221/0x270 [ 122.993078][ T5897] ____sys_sendmsg+0x525/0x7d0 [ 122.997848][ T5897] ? __pfx_____sys_sendmsg+0x10/0x10 [ 123.003220][ T5897] __sys_sendmmsg+0x3b2/0x740 [ 123.007895][ T5897] ? __pfx___sys_sendmmsg+0x10/0x10 [ 123.013116][ T5897] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 123.019008][ T5897] ? ksys_write+0x23e/0x2c0 [ 123.023502][ T5897] ? __pfx_lock_release+0x10/0x10 [ 123.028527][ T5897] ? vfs_write+0x7c4/0xc90 [ 123.033029][ T5897] ? __mutex_unlock_slowpath+0x21d/0x750 [ 123.038661][ T5897] ? __pfx_vfs_write+0x10/0x10 [ 123.043430][ T5897] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 123.049409][ T5897] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 123.055731][ T5897] ? do_syscall_64+0x100/0x230 [ 123.060494][ T5897] __x64_sys_sendmmsg+0xa0/0xb0 [ 123.065350][ T5897] do_syscall_64+0xf3/0x230 [ 123.069854][ T5897] ? clear_bhb_loop+0x35/0x90 [ 123.074526][ T5897] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.080418][ T5897] RIP: 0033:0x7f230a3779f9 [ 123.084827][ T5897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.104430][ T5897] RSP: 002b:00007f230b1d2048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 123.112837][ T5897] RAX: ffffffffffffffda RBX: 00007f230a505f80 RCX: 00007f230a3779f9 [ 123.120802][ T5897] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004 [ 123.128764][ T5897] RBP: 00007f230b1d20a0 R08: 0000000000000000 R09: 0000000000000000 [ 123.136723][ T5897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 123.144681][ T5897] R13: 000000000000000b R14: 00007f230a505f80 R15: 00007ffff06093f8 [ 123.152658][ T5897] [ 123.155759][ C0] vkms_vblank_simulate: vblank timer overrun [ 123.663180][ T5910] binder: 5903:5910 ioctl 4018620d 0 returned -22 [ 124.290437][ T5915] overlayfs: failed to resolve './file0': -2 [ 125.067758][ T5924] netlink: 'syz.2.159': attribute type 21 has an invalid length. [ 125.086107][ T5924] netlink: 132 bytes leftover after parsing attributes in process `syz.2.159'. [ 125.647101][ T5924] vlan2: entered promiscuous mode [ 125.653089][ T5924] vlan2: entered allmulticast mode [ 125.658901][ T5924] hsr_slave_1: entered allmulticast mode [ 126.024664][ T5938] FAULT_INJECTION: forcing a failure. [ 126.024664][ T5938] name failslab, interval 1, probability 0, space 0, times 0 [ 126.037449][ T5938] CPU: 1 UID: 0 PID: 5938 Comm: syz.2.160 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 126.048050][ T5938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 126.058116][ T5938] Call Trace: [ 126.061402][ T5938] [ 126.064345][ T5938] dump_stack_lvl+0x241/0x360 [ 126.069046][ T5938] ? __pfx_dump_stack_lvl+0x10/0x10 [ 126.074264][ T5938] ? __pfx__printk+0x10/0x10 [ 126.078881][ T5938] ? __kmalloc_cache_node_noprof+0x4c/0x300 [ 126.084789][ T5938] ? __pfx___might_resched+0x10/0x10 [ 126.090091][ T5938] should_fail_ex+0x3b0/0x4e0 [ 126.094782][ T5938] should_failslab+0xac/0x100 [ 126.099474][ T5938] __kmalloc_cache_node_noprof+0x74/0x300 [ 126.105228][ T5938] ? __get_vm_area_node+0x113/0x270 [ 126.110444][ T5938] __get_vm_area_node+0x113/0x270 [ 126.115482][ T5938] __vmalloc_node_range_noprof+0x3bc/0x1460 [ 126.121390][ T5938] ? bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 126.126952][ T5938] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 126.132966][ T5938] ? irqentry_exit+0x63/0x90 [ 126.137584][ T5938] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 126.143938][ T5938] ? bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 126.149493][ T5938] __vmalloc_noprof+0x79/0x90 [ 126.154184][ T5938] ? bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 126.159744][ T5938] bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 126.165127][ T5938] ? bpf_prog_alloc+0x28/0x1b0 [ 126.169903][ T5938] bpf_prog_alloc+0x3a/0x1b0 [ 126.174592][ T5938] bpf_prog_load+0x7f7/0x20f0 [ 126.179302][ T5938] ? __pfx_bpf_prog_load+0x10/0x10 [ 126.184422][ T5938] ? irqentry_exit+0x63/0x90 [ 126.189040][ T5938] ? security_bpf+0x5b/0xb0 [ 126.193561][ T5938] ? bpf_lsm_bpf+0x9/0x10 [ 126.197894][ T5938] ? security_bpf+0x87/0xb0 [ 126.202408][ T5938] __sys_bpf+0x4ee/0x810 [ 126.206665][ T5938] ? __pfx___sys_bpf+0x10/0x10 [ 126.211454][ T5938] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 126.217448][ T5938] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 126.223795][ T5938] ? do_syscall_64+0x100/0x230 [ 126.228581][ T5938] __x64_sys_bpf+0x7c/0x90 [ 126.233017][ T5938] do_syscall_64+0xf3/0x230 [ 126.237534][ T5938] ? clear_bhb_loop+0x35/0x90 [ 126.242220][ T5938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.248127][ T5938] RIP: 0033:0x7f230a3779f9 [ 126.252555][ T5938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.272182][ T5938] RSP: 002b:00007f230b190048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 126.280618][ T5938] RAX: ffffffffffffffda RBX: 00007f230a506130 RCX: 00007f230a3779f9 [ 126.288601][ T5938] RDX: 0000000000000090 RSI: 0000000020000840 RDI: 0000000000000005 [ 126.296667][ T5938] RBP: 00007f230b1900a0 R08: 0000000000000000 R09: 0000000000000000 [ 126.304647][ T5938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 126.312628][ T5938] R13: 000000000000006e R14: 00007f230a506130 R15: 00007ffff06093f8 [ 126.320607][ T5938] [ 126.324658][ T5938] syz.2.160: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 126.344299][ T5938] CPU: 1 UID: 0 PID: 5938 Comm: syz.2.160 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 126.354922][ T5938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 126.364998][ T5938] Call Trace: [ 126.368296][ T5938] [ 126.371239][ T5938] dump_stack_lvl+0x241/0x360 [ 126.375946][ T5938] ? __pfx_dump_stack_lvl+0x10/0x10 [ 126.381172][ T5938] ? __pfx__printk+0x10/0x10 [ 126.385792][ T5938] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 126.392220][ T5938] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 126.398723][ T5938] warn_alloc+0x278/0x410 [ 126.403049][ T5938] ? __pfx_warn_alloc+0x10/0x10 [ 126.407891][ T5938] ? __get_vm_area_node+0x113/0x270 [ 126.413092][ T5938] ? __get_vm_area_node+0x261/0x270 [ 126.418291][ T5938] __vmalloc_node_range_noprof+0x3e0/0x1460 [ 126.424195][ T5938] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 126.430267][ T5938] ? irqentry_exit+0x63/0x90 [ 126.434860][ T5938] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 126.441200][ T5938] ? bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 126.446742][ T5938] __vmalloc_noprof+0x79/0x90 [ 126.451416][ T5938] ? bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 126.456958][ T5938] bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 126.462321][ T5938] ? bpf_prog_alloc+0x28/0x1b0 [ 126.467079][ T5938] bpf_prog_alloc+0x3a/0x1b0 [ 126.471666][ T5938] bpf_prog_load+0x7f7/0x20f0 [ 126.476350][ T5938] ? __pfx_bpf_prog_load+0x10/0x10 [ 126.481456][ T5938] ? irqentry_exit+0x63/0x90 [ 126.486052][ T5938] ? security_bpf+0x5b/0xb0 [ 126.490549][ T5938] ? bpf_lsm_bpf+0x9/0x10 [ 126.494869][ T5938] ? security_bpf+0x87/0xb0 [ 126.499366][ T5938] __sys_bpf+0x4ee/0x810 [ 126.503606][ T5938] ? __pfx___sys_bpf+0x10/0x10 [ 126.508375][ T5938] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 126.514353][ T5938] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 126.520679][ T5938] ? do_syscall_64+0x100/0x230 [ 126.525442][ T5938] __x64_sys_bpf+0x7c/0x90 [ 126.529858][ T5938] do_syscall_64+0xf3/0x230 [ 126.534359][ T5938] ? clear_bhb_loop+0x35/0x90 [ 126.539031][ T5938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.544928][ T5938] RIP: 0033:0x7f230a3779f9 [ 126.549338][ T5938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.569022][ T5938] RSP: 002b:00007f230b190048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 126.577428][ T5938] RAX: ffffffffffffffda RBX: 00007f230a506130 RCX: 00007f230a3779f9 [ 126.585392][ T5938] RDX: 0000000000000090 RSI: 0000000020000840 RDI: 0000000000000005 [ 126.593357][ T5938] RBP: 00007f230b1900a0 R08: 0000000000000000 R09: 0000000000000000 [ 126.601321][ T5938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 126.609371][ T5938] R13: 000000000000006e R14: 00007f230a506130 R15: 00007ffff06093f8 [ 126.617344][ T5938] [ 126.623835][ T5938] Mem-Info: [ 126.627486][ T5938] active_anon:274 inactive_anon:6493 isolated_anon:0 [ 126.627486][ T5938] active_file:4698 inactive_file:35687 isolated_file:0 [ 126.627486][ T5938] unevictable:768 dirty:12 writeback:0 [ 126.627486][ T5938] slab_reclaimable:8886 slab_unreclaimable:93725 [ 126.627486][ T5938] mapped:24419 shmem:4141 pagetables:665 [ 126.627486][ T5938] sec_pagetables:0 bounce:0 [ 126.627486][ T5938] kernel_misc_reclaimable:0 [ 126.627486][ T5938] free:1388780 free_pcp:2316 free_cma:0 [ 126.673070][ T5938] Node 0 active_anon:1096kB inactive_anon:26072kB active_file:18716kB inactive_file:142748kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97676kB dirty:48kB writeback:0kB shmem:15028kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10088kB pagetables:2760kB sec_pagetables:0kB all_unreclaimable? no [ 126.706235][ T5938] Node 1 active_anon:0kB inactive_anon:0kB active_file:76kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 126.737119][ T5938] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 126.766920][ T5938] lowmem_reserve[]: 0 2563 2565 0 0 [ 126.772272][ T5938] Node 0 DMA32 free:1591520kB boost:0kB min:35036kB low:43792kB high:52548kB reserved_highatomic:0KB active_anon:1092kB inactive_anon:31832kB active_file:17204kB inactive_file:142688kB unevictable:1536kB writepending:48kB present:3129332kB managed:2653296kB mlocked:0kB bounce:0kB free_pcp:3772kB local_pcp:1220kB free_cma:0kB [ 126.802960][ T5938] lowmem_reserve[]: 0 0 1 0 0 [ 126.807707][ T5938] Node 0 Normal free:8kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:1512kB inactive_file:60kB unevictable:0kB writepending:0kB present:1048576kB managed:1640kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 126.836395][ T5938] lowmem_reserve[]: 0 0 0 0 0 [ 126.841216][ T5938] Node 1 Normal free:3947464kB boost:0kB min:54844kB low:68552kB high:82260kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:76kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 126.870625][ T5938] lowmem_reserve[]: 0 0 0 0 0 [ 126.877436][ T5938] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 126.890462][ T5938] Node 0 DMA32: 453*4kB (UE) 221*8kB (UME) 53*16kB (U) 45*32kB (UE) 61*64kB (UME) 24*128kB (UME) 4*256kB (UM) 6*512kB (UME) 6*1024kB (UME) 4*2048kB (UME) 379*4096kB (UM) = 1583660kB [ 126.908551][ T5938] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 126.920442][ T5938] Node 1 Normal: 10*4kB (UM) 10*8kB (UM) 9*16kB (UM) 12*32kB (UM) 11*64kB (UM) 7*128kB (UM) 5*256kB (U) 3*512kB (UM) 4*1024kB (U) 1*2048kB (U) 961*4096kB (M) = 3947464kB [ 126.938221][ T5938] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 126.948508][ T5938] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 126.958209][ T5938] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 126.968000][ T5938] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 126.978525][ T5938] 47376 total pagecache pages [ 126.983326][ T5938] 0 pages in swap cache [ 126.987638][ T5938] Free swap = 124436kB [ 126.988112][ T5944] overlayfs: failed to resolve './file1': -2 [ 126.991843][ T5938] Total swap = 124996kB [ 127.002143][ T5938] 2097051 pages RAM [ 127.005928][ T5938] 0 pages HighMem/MovableOnly [ 127.010611][ T5938] 402197 pages reserved [ 127.014742][ T5938] 0 pages cma reserved [ 127.815175][ T5956] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 127.829060][ T5956] xt_CONNSECMARK: invalid mode: 0 [ 127.909187][ T5941] trusted_key: encrypted_key: insufficient parameters specified [ 129.359606][ T5967] overlayfs: failed to resolve './file0': -2 [ 130.115069][ T5972] FAULT_INJECTION: forcing a failure. [ 130.115069][ T5972] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 130.141904][ T5975] FAULT_INJECTION: forcing a failure. [ 130.141904][ T5975] name failslab, interval 1, probability 0, space 0, times 0 [ 130.154862][ T5972] CPU: 1 UID: 0 PID: 5972 Comm: syz.4.169 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 130.165487][ T5972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 130.175566][ T5972] Call Trace: [ 130.178860][ T5972] [ 130.181812][ T5972] dump_stack_lvl+0x241/0x360 [ 130.186517][ T5972] ? __pfx_dump_stack_lvl+0x10/0x10 [ 130.191734][ T5972] ? __pfx__printk+0x10/0x10 [ 130.196375][ T5972] ? snprintf+0xda/0x120 [ 130.200645][ T5972] should_fail_ex+0x3b0/0x4e0 [ 130.205356][ T5972] _copy_to_user+0x2f/0xb0 [ 130.209886][ T5972] simple_read_from_buffer+0xca/0x150 [ 130.215292][ T5972] proc_fail_nth_read+0x1e9/0x250 [ 130.220340][ T5972] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 130.225913][ T5972] ? rw_verify_area+0x520/0x6b0 [ 130.230790][ T5972] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 130.236364][ T5972] vfs_read+0x204/0xbc0 [ 130.240534][ T5972] ? __pfx_lock_release+0x10/0x10 [ 130.245585][ T5972] ? bpf_prog_attach_check_attach_type+0x331/0x4b0 [ 130.252113][ T5972] ? __pfx_vfs_read+0x10/0x10 [ 130.256799][ T5972] ? bpf_lsm_bpf+0x9/0x10 [ 130.261145][ T5972] ? __fget_files+0x29/0x470 [ 130.265736][ T5972] ? __fget_files+0x3f6/0x470 [ 130.270416][ T5972] ksys_read+0x1a0/0x2c0 [ 130.274659][ T5972] ? __pfx_ksys_read+0x10/0x10 [ 130.279414][ T5972] ? do_syscall_64+0x100/0x230 [ 130.284173][ T5972] ? do_syscall_64+0xb6/0x230 [ 130.288851][ T5972] do_syscall_64+0xf3/0x230 [ 130.293351][ T5972] ? clear_bhb_loop+0x35/0x90 [ 130.298027][ T5972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.303919][ T5972] RIP: 0033:0x7f947197643c [ 130.308329][ T5972] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 130.327939][ T5972] RSP: 002b:00007f947279b040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 130.336361][ T5972] RAX: ffffffffffffffda RBX: 00007f9471b05f80 RCX: 00007f947197643c [ 130.344328][ T5972] RDX: 000000000000000f RSI: 00007f947279b0b0 RDI: 0000000000000005 [ 130.352290][ T5972] RBP: 00007f947279b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 130.360252][ T5972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 130.368225][ T5972] R13: 000000000000000b R14: 00007f9471b05f80 R15: 00007fff4db44ae8 [ 130.376206][ T5972] [ 130.383532][ T5975] CPU: 1 UID: 0 PID: 5975 Comm: syz.1.171 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 130.394158][ T5975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 130.404238][ T5975] Call Trace: [ 130.407536][ T5975] [ 130.410488][ T5975] dump_stack_lvl+0x241/0x360 [ 130.415199][ T5975] ? __pfx_dump_stack_lvl+0x10/0x10 [ 130.420423][ T5975] ? __pfx__printk+0x10/0x10 [ 130.425038][ T5975] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 130.431047][ T5975] ? __pfx___might_resched+0x10/0x10 [ 130.436359][ T5975] should_fail_ex+0x3b0/0x4e0 [ 130.441059][ T5975] should_failslab+0xac/0x100 [ 130.445756][ T5975] ? __alloc_skb+0x1c3/0x440 [ 130.450361][ T5975] kmem_cache_alloc_node_noprof+0x71/0x320 [ 130.456202][ T5975] __alloc_skb+0x1c3/0x440 [ 130.460661][ T5975] ? __pfx___alloc_skb+0x10/0x10 [ 130.465626][ T5975] ? netlink_autobind+0xd6/0x2f0 [ 130.470579][ T5975] ? netlink_autobind+0x2b0/0x2f0 [ 130.475633][ T5975] netlink_sendmsg+0x638/0xcb0 [ 130.480441][ T5975] ? __pfx_netlink_sendmsg+0x10/0x10 [ 130.485758][ T5975] ? __import_iovec+0x536/0x820 [ 130.490646][ T5975] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 130.495954][ T5975] ? security_socket_sendmsg+0x87/0xb0 [ 130.501445][ T5975] ? __pfx_netlink_sendmsg+0x10/0x10 [ 130.506753][ T5975] __sock_sendmsg+0x221/0x270 [ 130.511459][ T5975] ____sys_sendmsg+0x525/0x7d0 [ 130.516256][ T5975] ? __pfx_____sys_sendmsg+0x10/0x10 [ 130.521573][ T5975] __sys_sendmsg+0x2b0/0x3a0 [ 130.526196][ T5975] ? __pfx___sys_sendmsg+0x10/0x10 [ 130.531326][ T5975] ? vfs_write+0x7c4/0xc90 [ 130.535803][ T5975] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 130.542155][ T5975] ? do_syscall_64+0x100/0x230 [ 130.546958][ T5975] ? do_syscall_64+0xb6/0x230 [ 130.551659][ T5975] do_syscall_64+0xf3/0x230 [ 130.554299][ T5977] trusted_key: encrypted_key: insufficient parameters specified [ 130.556170][ T5975] ? clear_bhb_loop+0x35/0x90 [ 130.556199][ T5975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.574389][ T5975] RIP: 0033:0x7fd4315779f9 [ 130.578822][ T5975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.598450][ T5975] RSP: 002b:00007fd43235a048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 130.606898][ T5975] RAX: ffffffffffffffda RBX: 00007fd431705f80 RCX: 00007fd4315779f9 [ 130.614893][ T5975] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004 [ 130.622877][ T5975] RBP: 00007fd43235a0a0 R08: 0000000000000000 R09: 0000000000000000 [ 130.630851][ T5975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 130.638825][ T5975] R13: 000000000000000b R14: 00007fd431705f80 R15: 00007ffd63fea2f8 [ 130.646803][ T5975] [ 133.192897][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.205396][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.369243][ T6003] netlink: 12 bytes leftover after parsing attributes in process `syz.4.174'. [ 133.443469][ T6010] netlink: 4 bytes leftover after parsing attributes in process `syz.3.179'. [ 133.514247][ T6010] netlink: 32 bytes leftover after parsing attributes in process `syz.3.179'. [ 133.749131][ T5307] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 133.939047][ T5307] usb 2-1: Using ep0 maxpacket: 8 [ 134.008660][ T5307] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 134.035033][ T5307] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 134.738007][ T5307] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 134.754911][ T5307] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 134.768739][ T5307] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 134.776303][ T6022] netlink: 84 bytes leftover after parsing attributes in process `syz.3.183'. [ 134.799625][ T5307] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 134.807060][ T5307] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 134.856998][ T5307] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 134.903391][ T5307] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 134.927499][ T5307] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 134.970749][ T5307] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 134.979835][ T5307] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 135.004044][ T5307] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 135.028323][ T5307] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 135.049146][ T5307] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 135.089461][ T5307] usb 2-1: string descriptor 0 read error: -22 [ 135.095787][ T5307] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 135.120290][ T5307] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.157670][ T5307] adutux 2-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 135.245243][ T5627] usb 1-1: new low-speed USB device number 4 using dummy_hcd [ 135.640669][ T6009] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 135.835966][ T6009] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.050279][ T5627] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 136.081067][ T5627] usb 1-1: config 0 has an invalid interface number: 21 but max is 0 [ 136.112814][ T5627] usb 1-1: config 0 has no interface number 0 [ 136.123767][ T1849] usb 2-1: USB disconnect, device number 7 [ 136.150399][ T5627] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 136.192360][ T5627] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 136.206713][ T5627] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 136.225803][ T5627] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.312999][ T5627] usb 1-1: config 0 descriptor?? [ 136.955667][ T5627] usb 1-1: USB disconnect, device number 4 [ 137.112974][ T6056] FAULT_INJECTION: forcing a failure. [ 137.112974][ T6056] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 137.307261][ T6056] CPU: 0 UID: 0 PID: 6056 Comm: syz.2.192 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 137.317909][ T6056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 137.327977][ T6056] Call Trace: [ 137.331274][ T6056] [ 137.334213][ T6056] dump_stack_lvl+0x241/0x360 [ 137.338923][ T6056] ? __pfx_dump_stack_lvl+0x10/0x10 [ 137.344140][ T6056] ? __pfx__printk+0x10/0x10 [ 137.348751][ T6056] ? __pfx_lock_release+0x10/0x10 [ 137.353801][ T6056] should_fail_ex+0x3b0/0x4e0 [ 137.358500][ T6056] _copy_from_user+0x2f/0xe0 [ 137.363114][ T6056] ucma_set_option+0xc1/0xe60 [ 137.367831][ T6056] ? __pfx_ucma_set_option+0x10/0x10 [ 137.373162][ T6056] ? __pfx___might_resched+0x10/0x10 [ 137.378561][ T6056] ? __might_fault+0xaa/0x120 [ 137.383258][ T6056] ? __pfx_lock_release+0x10/0x10 [ 137.388313][ T6056] ? __might_fault+0xc6/0x120 [ 137.393011][ T6056] ? __pfx_ucma_set_option+0x10/0x10 [ 137.398314][ T6056] ucma_write+0x2df/0x430 [ 137.402675][ T6056] ? __pfx_ucma_write+0x10/0x10 [ 137.407540][ T6056] ? bpf_lsm_file_permission+0x9/0x10 [ 137.412942][ T6056] ? rw_verify_area+0x1d2/0x6b0 [ 137.417817][ T6056] ? __pfx_ucma_write+0x10/0x10 [ 137.422710][ T6056] vfs_write+0x2a2/0xc90 [ 137.426978][ T6056] ? __pfx_vfs_write+0x10/0x10 [ 137.431762][ T6056] ? __fget_files+0x29/0x470 [ 137.436376][ T6056] ? __fget_files+0x3f6/0x470 [ 137.441070][ T6056] ? __fget_files+0x29/0x470 [ 137.445698][ T6056] ksys_write+0x1a0/0x2c0 [ 137.450055][ T6056] ? __pfx_ksys_write+0x10/0x10 [ 137.454924][ T6056] ? do_syscall_64+0x100/0x230 [ 137.459711][ T6056] ? do_syscall_64+0xb6/0x230 [ 137.464409][ T6056] do_syscall_64+0xf3/0x230 [ 137.468933][ T6056] ? clear_bhb_loop+0x35/0x90 [ 137.473628][ T6056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.479552][ T6056] RIP: 0033:0x7f230a3779f9 [ 137.483983][ T6056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.503700][ T6056] RSP: 002b:00007f230b1d2048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 137.512140][ T6056] RAX: ffffffffffffffda RBX: 00007f230a505f80 RCX: 00007f230a3779f9 [ 137.520153][ T6056] RDX: 0000000000000020 RSI: 0000000020000380 RDI: 0000000000000003 [ 137.528140][ T6056] RBP: 00007f230b1d20a0 R08: 0000000000000000 R09: 0000000000000000 [ 137.536114][ T6056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 137.544079][ T6056] R13: 000000000000000b R14: 00007f230a505f80 R15: 00007ffff06093f8 [ 137.552058][ T6056] [ 137.555215][ C0] vkms_vblank_simulate: vblank timer overrun [ 138.166578][ T6067] netlink: 12 bytes leftover after parsing attributes in process `syz.0.194'. [ 138.230455][ T6071] netlink: 164880 bytes leftover after parsing attributes in process `syz.2.195'. [ 138.270652][ T6071] net_ratelimit: 70 callbacks suppressed [ 138.270675][ T6071] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 139.022815][ T6090] FAULT_INJECTION: forcing a failure. [ 139.022815][ T6090] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 139.048004][ T6090] CPU: 1 UID: 0 PID: 6090 Comm: syz.0.198 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 139.058644][ T6090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 139.068709][ T6090] Call Trace: [ 139.071995][ T6090] [ 139.074932][ T6090] dump_stack_lvl+0x241/0x360 [ 139.079639][ T6090] ? __pfx_dump_stack_lvl+0x10/0x10 [ 139.084858][ T6090] ? __pfx__printk+0x10/0x10 [ 139.089475][ T6090] ? snprintf+0xda/0x120 [ 139.093742][ T6090] should_fail_ex+0x3b0/0x4e0 [ 139.098441][ T6090] _copy_to_user+0x2f/0xb0 [ 139.102895][ T6090] simple_read_from_buffer+0xca/0x150 [ 139.108311][ T6090] proc_fail_nth_read+0x1e9/0x250 [ 139.113372][ T6090] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 139.118958][ T6090] ? rw_verify_area+0x520/0x6b0 [ 139.123838][ T6090] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 139.129419][ T6090] vfs_read+0x204/0xbc0 [ 139.133603][ T6090] ? __pfx_lock_release+0x10/0x10 [ 139.138659][ T6090] ? __pfx_vfs_read+0x10/0x10 [ 139.143355][ T6090] ? __fget_files+0x29/0x470 [ 139.147993][ T6090] ? __fget_files+0x3f6/0x470 [ 139.152692][ T6090] ksys_read+0x1a0/0x2c0 [ 139.156953][ T6090] ? __pfx_ksys_read+0x10/0x10 [ 139.161730][ T6090] ? do_syscall_64+0x100/0x230 [ 139.166516][ T6090] ? do_syscall_64+0xb6/0x230 [ 139.171214][ T6090] do_syscall_64+0xf3/0x230 [ 139.175735][ T6090] ? clear_bhb_loop+0x35/0x90 [ 139.180425][ T6090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.186335][ T6090] RIP: 0033:0x7fdd0b77643c [ 139.190756][ T6090] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 139.210374][ T6090] RSP: 002b:00007fdd0c563040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 139.218811][ T6090] RAX: ffffffffffffffda RBX: 00007fdd0b905f80 RCX: 00007fdd0b77643c [ 139.226797][ T6090] RDX: 000000000000000f RSI: 00007fdd0c5630b0 RDI: 0000000000000004 [ 139.234790][ T6090] RBP: 00007fdd0c5630a0 R08: 0000000000000000 R09: 0000000000000000 [ 139.242772][ T6090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 139.250753][ T6090] R13: 000000000000000b R14: 00007fdd0b905f80 R15: 00007ffc8e6c6368 [ 139.258755][ T6090] [ 142.128444][ T6127] overlayfs: failed to resolve './file1': -2 [ 143.652959][ T6146] FAULT_INJECTION: forcing a failure. [ 143.652959][ T6146] name failslab, interval 1, probability 0, space 0, times 0 [ 143.696031][ T6146] CPU: 0 UID: 0 PID: 6146 Comm: syz.0.211 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 143.699036][ T6143] netlink: 12 bytes leftover after parsing attributes in process `syz.3.210'. [ 143.706644][ T6146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 143.706662][ T6146] Call Trace: [ 143.706672][ T6146] [ 143.706680][ T6146] dump_stack_lvl+0x241/0x360 [ 143.706714][ T6146] ? __pfx_dump_stack_lvl+0x10/0x10 [ 143.706737][ T6146] ? __pfx__printk+0x10/0x10 [ 143.746828][ T6146] ? __kmalloc_node_noprof+0xb7/0x440 [ 143.752228][ T6146] ? __pfx___might_resched+0x10/0x10 [ 143.757521][ T6146] should_fail_ex+0x3b0/0x4e0 [ 143.762208][ T6146] should_failslab+0xac/0x100 [ 143.766879][ T6146] __kmalloc_node_noprof+0xdf/0x440 [ 143.772090][ T6146] ? __kvmalloc_node_noprof+0x72/0x190 [ 143.777567][ T6146] __kvmalloc_node_noprof+0x72/0x190 [ 143.782866][ T6146] __se_sys_add_key+0x270/0x490 [ 143.787722][ T6146] ? __pfx___se_sys_add_key+0x10/0x10 [ 143.793093][ T6146] ? do_syscall_64+0x100/0x230 [ 143.797861][ T6146] ? __x64_sys_add_key+0x20/0xc0 [ 143.802802][ T6146] do_syscall_64+0xf3/0x230 [ 143.807304][ T6146] ? clear_bhb_loop+0x35/0x90 [ 143.811973][ T6146] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.817864][ T6146] RIP: 0033:0x7fdd0b7779f9 [ 143.822273][ T6146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.841884][ T6146] RSP: 002b:00007fdd0c563048 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8 [ 143.850300][ T6146] RAX: ffffffffffffffda RBX: 00007fdd0b905f80 RCX: 00007fdd0b7779f9 [ 143.858266][ T6146] RDX: 00000000200011c0 RSI: 0000000000000000 RDI: 0000000020001180 [ 143.866232][ T6146] RBP: 00007fdd0c5630a0 R08: 000000000e486382 R09: 0000000000000000 [ 143.874196][ T6146] R10: 00000000000005c1 R11: 0000000000000246 R12: 0000000000000001 [ 143.882156][ T6146] R13: 000000000000000b R14: 00007fdd0b905f80 R15: 00007ffc8e6c6368 [ 143.890131][ T6146] [ 143.893301][ C0] vkms_vblank_simulate: vblank timer overrun [ 144.103710][ T6147] netlink: 164880 bytes leftover after parsing attributes in process `syz.4.209'. [ 144.113411][ T6147] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 144.276767][ T6119] jump_label: Fatal kernel bug, unexpected op at preempt_notifier_register+0x10/0xe0 [ffffffff8163e740] (eb 12 90 48 c7 != 66 90 0f 1f 00)) size:2 type:1 [ 144.296371][ T6119] ------------[ cut here ]------------ [ 144.301997][ T6119] kernel BUG at arch/x86/kernel/jump_label.c:73! [ 144.309130][ T6119] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI [ 144.316076][ T6119] CPU: 0 UID: 0 PID: 6119 Comm: syz.2.207 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 144.326646][ T6119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 144.336689][ T6119] RIP: 0010:__jump_label_patch+0x463/0x490 [ 144.342489][ T6119] Code: e8 12 82 5f 00 48 c7 c7 20 4f e5 8b 48 8b 0c 24 48 89 ce 48 89 ca 4d 89 e8 4c 8b 4c 24 08 41 54 e8 32 21 76 0a 48 83 c4 08 90 <0f> 0b e8 56 20 79 0a e8 e1 81 5f 00 90 0f 0b e8 d9 81 5f 00 90 0f [ 144.362083][ T6119] RSP: 0018:ffffc900095afa40 EFLAGS: 00010292 [ 144.368145][ T6119] RAX: 0000000000000097 RBX: 0000000000000085 RCX: 9ce089082ef8b500 [ 144.376116][ T6119] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 144.384076][ T6119] RBP: ffffc900095afb68 R08: ffffffff8173df2c R09: 1ffff920012b5ee8 [ 144.392042][ T6119] R10: dffffc0000000000 R11: fffff520012b5ee9 R12: 0000000000000001 [ 144.400006][ T6119] R13: ffffffff8be56d41 R14: ffffffff92ecb8c0 R15: ffffffff8be56d41 [ 144.408060][ T6119] FS: 0000555584585500(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 144.416973][ T6119] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.423631][ T6119] CR2: 000000002004c000 CR3: 000000006794e000 CR4: 00000000003526f0 [ 144.431589][ T6119] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 144.439545][ T6119] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 144.447509][ T6119] Call Trace: [ 144.450789][ T6119] [ 144.453716][ T6119] ? __die_body+0x88/0xe0 [ 144.458032][ T6119] ? die+0xcf/0x110 [ 144.461823][ T6119] ? do_trap+0x15a/0x3a0 [ 144.466053][ T6119] ? __jump_label_patch+0x463/0x490 [ 144.471238][ T6119] ? do_error_trap+0x1dc/0x2c0 [ 144.476021][ T6119] ? __jump_label_patch+0x463/0x490 [ 144.481201][ T6119] ? irqentry_exit+0x63/0x90 [ 144.485783][ T6119] ? __pfx_do_error_trap+0x10/0x10 [ 144.490877][ T6119] ? report_bug+0x3e8/0x500 [ 144.495369][ T6119] ? handle_invalid_op+0x34/0x40 [ 144.500299][ T6119] ? __jump_label_patch+0x463/0x490 [ 144.505500][ T6119] ? exc_invalid_op+0x38/0x50 [ 144.510172][ T6119] ? asm_exc_invalid_op+0x1a/0x20 [ 144.515192][ T6119] ? __wake_up_klogd+0xcc/0x110 [ 144.520040][ T6119] ? __jump_label_patch+0x463/0x490 [ 144.525230][ T6119] ? preempt_notifier_register+0x10/0xe0 [ 144.530905][ T6119] ? __pfx___jump_label_patch+0x10/0x10 [ 144.536452][ T6119] ? preempt_notifier_register+0x10/0xe0 [ 144.542152][ T6119] ? preempt_notifier_register+0x1f/0xe0 [ 144.547763][ T6119] ? preempt_notifier_register+0x12/0xe0 [ 144.553383][ T6119] ? __static_key_slow_dec_cpuslocked+0x21c/0x410 [ 144.559878][ T6119] ? __pfx___mutex_lock+0x10/0x10 [ 144.564902][ T6119] arch_jump_label_transform_queue+0x68/0x100 [ 144.570968][ T6119] __jump_label_update+0x177/0x3a0 [ 144.576075][ T6119] __static_key_slow_dec_cpuslocked+0x250/0x410 [ 144.582308][ T6119] ? __pfx___static_key_slow_dec_cpuslocked+0x10/0x10 [ 144.589058][ T6119] static_key_slow_dec+0x51/0xa0 [ 144.593981][ T6119] kvm_put_kvm+0xf3b/0x1300 [ 144.598473][ T6119] kvm_vm_release+0x46/0x50 [ 144.602952][ T6119] ? __pfx_kvm_vm_release+0x10/0x10 [ 144.608130][ T6119] __fput+0x24a/0x8a0 [ 144.612101][ T6119] task_work_run+0x24f/0x310 [ 144.616672][ T6119] ? __pfx_task_work_run+0x10/0x10 [ 144.621766][ T6119] ? syscall_exit_to_user_mode+0xa3/0x370 [ 144.627559][ T6119] syscall_exit_to_user_mode+0x168/0x370 [ 144.633179][ T6119] do_syscall_64+0x100/0x230 [ 144.637753][ T6119] ? clear_bhb_loop+0x35/0x90 [ 144.642408][ T6119] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.648371][ T6119] RIP: 0033:0x7f230a3779f9 [ 144.652769][ T6119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.672446][ T6119] RSP: 002b:00007ffff0609558 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 144.680841][ T6119] RAX: 0000000000000000 RBX: 00007f230a507a80 RCX: 00007f230a3779f9 [ 144.688796][ T6119] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 144.696751][ T6119] RBP: 00007f230a507a80 R08: 0000000000000006 R09: 00007ffff060983f [ 144.704714][ T6119] R10: 00000000003ffb68 R11: 0000000000000246 R12: 00000000000230ad [ 144.712669][ T6119] R13: 00007ffff0609650 R14: 00007ffff0609670 R15: ffffffffffffffff [ 144.720631][ T6119] [ 144.723633][ T6119] Modules linked in: [ 144.727587][ C0] vkms_vblank_simulate: vblank timer overrun [ 144.760125][ T6119] ---[ end trace 0000000000000000 ]--- [ 144.768167][ T6119] RIP: 0010:__jump_label_patch+0x463/0x490 [ 144.774125][ T6119] Code: e8 12 82 5f 00 48 c7 c7 20 4f e5 8b 48 8b 0c 24 48 89 ce 48 89 ca 4d 89 e8 4c 8b 4c 24 08 41 54 e8 32 21 76 0a 48 83 c4 08 90 <0f> 0b e8 56 20 79 0a e8 e1 81 5f 00 90 0f 0b e8 d9 81 5f 00 90 0f [ 144.803055][ T6119] RSP: 0018:ffffc900095afa40 EFLAGS: 00010292 [ 144.809958][ T6119] RAX: 0000000000000097 RBX: 0000000000000085 RCX: 9ce089082ef8b500 [ 144.818535][ T6119] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 144.850227][ T6119] RBP: ffffc900095afb68 R08: ffffffff8173df2c R09: 1ffff920012b5ee8 [ 144.861965][ T6119] R10: dffffc0000000000 R11: fffff520012b5ee9 R12: 0000000000000001 [ 144.871302][ T6119] R13: ffffffff8be56d41 R14: ffffffff92ecb8c0 R15: ffffffff8be56d41 [ 144.880444][ T6119] FS: 0000555584585500(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 144.889737][ T6119] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.905936][ T6119] CR2: 000000002005e000 CR3: 000000006794e000 CR4: 00000000003526f0 [ 144.916123][ T6119] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 144.934596][ T6119] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 144.951288][ T6119] Kernel panic - not syncing: Fatal exception [ 144.957591][ T6119] Kernel Offset: disabled [ 144.961902][ T6119] Rebooting in 86400 seconds..