last executing test programs: 4.698963152s ago: executing program 1 (id=756): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe76, 0x0, 0x0, 0x0}, 0x94) r1 = inotify_init() r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) write$sequencer(r2, &(0x7f00000000c0)=[@t={0x81, 0x8, 0x0, 0x0, @generic}], 0x8) socket$l2tp(0x2, 0x2, 0x73) r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_exit\x00', r4}, 0x18) move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x262) socket$rxrpc(0x21, 0x2, 0xa) ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@local}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f0000000540)={{@hyper, 0x5}, @hyper, 0x9}) socket$l2tp(0x2, 0x2, 0x73) close_range(r1, 0xffffffffffffffff, 0x0) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010028700000dbdf25176fdfa3651c0f2bd0000000440006803c00040067636d28616573290000000000000000000000000000000000000000000000001400000096557917d5d82cebae935e436de1ace2fe62c0790400030000"], 0x58}}, 0x4004) 4.698385s ago: executing program 1 (id=757): sendmsg$kcm(0xffffffffffffffff, 0x0, 0x48085) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private0, 0x809}, {0xa, 0x8, 0x0, @empty}, 0x2, {[0x0, 0x1, 0xfffffffe, 0x0, 0xffffffff]}}, 0x5c) setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f00000001c0)={{0xa, 0x0, 0x0, @remote}, {0xa, 0x4e22, 0x0, @mcast1}}, 0x5c) setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, &(0x7f00000000c0)=0x7, 0x4) r3 = syz_io_uring_setup(0xa17, &(0x7f0000000200)={0x0, 0xcc75, 0x400, 0x3, 0x4}, &(0x7f0000000140)=0x0, &(0x7f0000000280)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r6}, 0x18) r7 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r7, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYRES32=r4], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40815) sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000380)={&(0x7f0000000580)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x20004000) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000034000900000000000040000002000000337d5645aca7d415fc5d36c6f3d5ddbb85308fad9c4c0ec6067adf10c29981b2154b1ecfd06d202db59cc6d248bfc53345e8a8f26c8074fb45dac42f2a75e1c1c7c9915a1be9956db11a6c0fc06163c2429ea6f474df708460d2fa27"], 0x14}, 0x1, 0x0, 0x0, 0x4841}, 0x4000010) r10 = syz_io_uring_setup(0x2c7f, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x8f, 0x0, r3}, &(0x7f0000000500), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_FILES(r10, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1) io_uring_enter(r10, 0x47f6, 0x0, 0x0, 0x0, 0x0) 3.790065524s ago: executing program 0 (id=759): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_mtu(r0, 0x29, 0x4e, &(0x7f0000000400)=0x2, 0x4) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000300)={{{@in6=@initdev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in=@initdev}}, &(0x7f0000000000)=0xe4) mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='vfat\x00', 0xa08410, 0x0) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0) read$FUSE(r3, &(0x7f0000000640)={0x2020, 0x0, 0x0, 0x0}, 0x2020) r5 = socket(0x10, 0x803, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r7 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r9 = socket(0x400000000010, 0x3, 0x0) r10 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r11, {0x5, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x6fe2}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xb380, 0x4, 0x0, 0xd87, 0x6}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x0) setresuid(r4, r4, r4) setreuid(r2, r4) read$msr(r1, &(0x7f0000019380)=""/102400, 0x19000) r12 = syz_open_procfs(0x0, &(0x7f0000000200)='net/ipv6_route\x00') pread64(r12, &(0x7f000001a240)=""/102400, 0xfffffffffffffe4c, 0x2) brk(0xb8) 3.520191899s ago: executing program 1 (id=761): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002bbd6000fbe2f8250100000a08000300", @ANYRES32=0x0], 0x28}, 0x1, 0x0, 0x0, 0x804}, 0x40) syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) socket$kcm(0x29, 0x0, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f, 0x4}}, 0x20) syz_emit_ethernet(0x66, &(0x7f0000000340)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000008004500005800000000002f9078000000e0e000c800b48065580000000010000800000086dd080088be000000001000000088f7ffff00000000080022eb00000000200000f1e5ffffff00000000000000000800655800000000"], 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r4, 0x0, 0x0, 0x30, 0x0, @in={0x1b, 0xfffc, @local}, @ib={0x1b, 0x0, 0x0, {}, 0x0, 0x1, 0x4}}}, 0x118) getsockopt$netrom_NETROM_IDLE(r2, 0x103, 0x7, 0x0, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) r5 = socket$qrtr(0x2a, 0x2, 0x0) dup(r5) r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x3, 0x4, 0x0, 0xb49, 0x2c, 0x8, 0x0, 0x3}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) madvise(&(0x7f000003e000/0x3000)=nil, 0x3000, 0x14) r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r9, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8}) ioctl$sock_netdev_private(r8, 0x89fb, &(0x7f00000005c0)="19f373fa9f0585d499677c3cad6ef8a6467181882dbb494a010ef9375a362506e6af664668576524274375da4ca4275d4e8f677d2b3534f000283c61082e5c23b3de29631497aa473581094f9f4e1ba41e5adc94d29361b16741b21e19fae72250920dc178dc8b182e79b628ceca17399fa85276eeddadbed83f04186aa11f82d38e599d0afc2d8f99b345dade1f0c") mount$fuse(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESOCT=r3]) socket$inet_sctp(0x2, 0x1, 0x84) 3.519785994s ago: executing program 2 (id=762): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) syz_emit_ethernet(0x2e, &(0x7f0000000180)={@local, @dev, @void, {@ipv4={0x800, @igmp={{0x6, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1, 0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, {[@ra={0x94, 0x4, 0x1}]}}, {0x16, 0x0, 0x0, @loopback}}}}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) sendmsg$nl_route(r3, 0x0, 0x0) sendmsg$nl_route(r2, 0x0, 0x0) ioctl$TCSETS(r1, 0x5402, 0x0) unshare(0x6a040000) r5 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r5, 0x0, 0x20, 0x0, 0x37) ioctl$PPPOEIOCSFWD(0xffffffffffffffff, 0x80047453, 0x0) unshare(0x16000400) r6 = syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad6, 0x100, 0x3, 0x3}, &(0x7f00000001c0), &(0x7f0000000040)) r7 = syz_open_procfs(0x0, &(0x7f0000000040)='net/if_inet6\x00') io_uring_register$IORING_REGISTER_EVENTFD(r6, 0x4, &(0x7f0000000040)=r7, 0x1) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000940)=ANY=[@ANYBLOB="300300002400010026bd7000fedbdf251f0300800c00010002"], 0x330}], 0x1}, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x8) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000002c0)=0x7e) syz_io_uring_setup(0xef4, &(0x7f0000000300)={0x0, 0x1001c2a, 0x10100, 0x2, 0x0, 0x0, r1}, &(0x7f0000000140), 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x8, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c) syz_open_procfs(0x0, 0x0) 2.498651099s ago: executing program 2 (id=763): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x60004fbd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = dup2(r0, r1) sendmmsg$inet(r2, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000a00)="316f825a3d29f96a2093a917017b4cd30000000000000035ed313e19d6dd", 0x1e}], 0x1}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000002c0)="0eb1325c89f9adf45fee768467d013e887e116775db7b44fa483fc57939c8790104b7844ebbd6fd934425ece922fdfc5d29ee0ef8adae941", 0x38}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000f00)="a98d4e3a568df934a791f3de6053c132988cee1cc6c9a9f19fdd0ea14e220604c56f8447bcaa8e3f28d830e464cc63d147375e45b30ae7eb959ce21da0792b7bf8e4117719192aaf4d6895d384a38b49b3860da547e9597019ddc4ae127f035dd6e51695d9192b0f2b37c672c9971f2c74f38e", 0x73}], 0x1}}], 0x3, 0x0) 2.489830261s ago: executing program 2 (id=764): openat$sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = io_uring_setup(0x58e1, &(0x7f0000000440)={0x0, 0x61d6, 0x4000, 0x1, 0x258}) r4 = syz_io_uring_setup(0x487, &(0x7f00000000c0)={0x0, 0x9010, 0x100, 0x4, 0x165, 0x0, r3}, &(0x7f0000000000)=0x0, 0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f0000000140)={&(0x7f0000001000)={[{0x0, 0x5, 0x3, 0x700}]}, 0x1, 0x1}, 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, 0x0, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x60, 0x1, {0x1}}) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) io_uring_enter(r4, 0x3517, 0x173d, 0x47, 0x0, 0x0) r7 = syz_open_dev$sndctrl(&(0x7f0000002b80), 0x1, 0x8000) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r7, 0xc2c45513, &(0x7f0000002e00)={{0x8, 0x7, 0x3, 0x1ff, 'syz0\x00', 0x7f}, 0x0, [0x8, 0x8, 0x1000, 0x0, 0xb3d, 0xffffffff, 0x5, 0x901, 0xbbf, 0x7, 0x15b, 0x7, 0x5944, 0x5, 0x7, 0x4a7, 0x9, 0x5, 0xb, 0x3, 0x2c, 0x400, 0x40, 0x10000000, 0x6, 0x0, 0xffffffff, 0x800, 0x3, 0x3, 0x4, 0x6, 0x6, 0xfff, 0x3ff, 0x1, 0x5, 0x3, 0x5, 0x9, 0x7, 0x7fff, 0xffff8000, 0x80000001, 0xe, 0x0, 0x2, 0x0, 0xe, 0x4, 0x9, 0x5, 0x400, 0x40, 0x9, 0xfffff647, 0x8, 0x4, 0x5, 0x0, 0x9, 0x9, 0x5, 0x8, 0x98, 0xbe, 0x1, 0xa, 0x7, 0x80000000, 0x81, 0x10001, 0x2, 0x80000001, 0x69d, 0xb, 0x3, 0x1, 0x8, 0x9, 0x7, 0x9, 0x1, 0x3, 0x1, 0xffff, 0x6, 0x8, 0x7ff, 0x4, 0xef, 0xff, 0x6, 0x3, 0xf86, 0x589f, 0x3, 0x9, 0x895, 0xfff, 0x9, 0x89, 0x0, 0x1, 0xe0b2, 0x9, 0xfffff561, 0xe, 0x3, 0x3, 0xfffffffa, 0x3, 0x2, 0x1, 0x2ba, 0x1, 0xe, 0x0, 0xf, 0x2, 0xf2, 0x80000004, 0x0, 0x7, 0x2, 0x7, 0x6, 0x100]}) 2.427278202s ago: executing program 3 (id=765): socket$packet(0x11, 0x3, 0x300) r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={0x0}, &(0x7f0000000080)=0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r4, @ANYBLOB="10007d80", @ANYRES32=r2, @ANYRESDEC=r1], 0x2c}, 0x1, 0x0, 0x0, 0x440c0}, 0x0) 2.426884539s ago: executing program 0 (id=766): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff) r2 = syz_open_dev$amidi(&(0x7f0000000140), 0x2, 0x181) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r2, 0x40045731, &(0x7f0000001000)) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x14, r1, 0x28543634fae43ad, 0x0, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000054}, 0x0) 2.357373566s ago: executing program 3 (id=767): openat$cdrom(0xffffff9c, &(0x7f0000000400), 0x101000, 0x0) socket$kcm(0x10, 0x3, 0x10) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xb, 0x6, 0x5004, 0x7, 0x1}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2000000}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x101102, 0x0) r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x1054bd, 0x0, 0x2002, 0x6d}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r5 = syz_open_dev$video4linux(&(0x7f0000000080), 0x200000000000, 0x0) r6 = socket$kcm(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r6, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}}) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r9}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000080)={'dummy0\x00'}) ioctl$VIDIOC_ENUMSTD(0xffffffffffffffff, 0xc0485619, 0x0) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r5}) io_uring_enter(r2, 0x47f6, 0x0, 0x22, 0x0, 0x0) 2.318486429s ago: executing program 1 (id=768): pipe(&(0x7f0000000080)) socket$inet_udp(0x2, 0x2, 0x0) socket$inet6(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r1, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) r3 = syz_io_uring_setup(0x8d2, &(0x7f0000000240)={0x0, 0x0, 0x1000, 0x2}, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r2, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x20000044}) io_uring_enter(r3, 0x47ba, 0x3e80, 0x0, 0x0, 0x0) 2.316709172s ago: executing program 0 (id=769): sendmsg$kcm(0xffffffffffffffff, 0x0, 0x48085) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private0, 0x809}, {0xa, 0x8, 0x0, @empty}, 0x2, {[0x0, 0x1, 0xfffffffe, 0x0, 0xffffffff]}}, 0x5c) setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f00000001c0)={{0xa, 0x0, 0x0, @remote}, {0xa, 0x4e22, 0x0, @mcast1}}, 0x5c) setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, &(0x7f00000000c0)=0x7, 0x4) r3 = syz_io_uring_setup(0xa17, &(0x7f0000000200)={0x0, 0xcc75, 0x400, 0x3, 0x4}, &(0x7f0000000140)=0x0, &(0x7f0000000280)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r6}, 0x18) r7 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r7, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYRES32=r4], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40815) sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000380)={&(0x7f0000000580)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x20004000) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000034000900000000000040000002000000337d5645aca7d415fc5d36c6f3d5ddbb85308fad9c4c0ec6067adf10c29981b2154b1ecfd06d202db59cc6d248bfc53345e8a8f26c8074fb45dac42f2a75e1c1c7c9915a1be9956db11a6c0fc06163c2429ea6f474df708460d2fa27"], 0x14}, 0x1, 0x0, 0x0, 0x4841}, 0x4000010) r10 = syz_io_uring_setup(0x2c7f, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x8f, 0x0, r3}, &(0x7f0000000500), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_FILES(r10, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1) io_uring_enter(r10, 0x47f6, 0x0, 0x0, 0x0, 0x0) 2.190170691s ago: executing program 3 (id=770): r0 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) r3 = socket(0x10, 0x3, 0x0) r4 = socket$kcm(0x29, 0x0, 0x0) recvmsg$kcm(r4, &(0x7f0000000740)={&(0x7f0000000640)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f00000006c0)=""/115, 0x73}, {&(0x7f0000002000)=""/4096, 0x1000}], 0x2}, 0x40000023) syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r3, 0x0, 0x0, 0x0, 0x200440c0, 0x1}) io_uring_enter(r0, 0x27e2, 0x0, 0x0, 0x0, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00') bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={&(0x7f0000000280)="187fbf1600e8f2327df65c097549f5754c16f242e0843d6bb8e3cb55d4888a53350f8ba15ce8c98edffb90593030d9203979173f87b427aefeeb277138a645fe04217cab0ce57bc11bea2e8e1aeae9bec8340cd3d61b", &(0x7f0000000400)=""/185, &(0x7f00000004c0)="4e8e7901077de344dca91b94451bfb55e9bd8d8e172b919e7f166170ca3a32b4b4a8cc20fdb90dfe8c42a9c39678f184bf499b8c9fdf43bd0c1746822648a6262f897394b252a9557dbbdc87d40edf1ccfc62fcdf9c01b58e01734f65bae5e98f0e88840af660e9627aba8fa004194cd293f3e0d797ffcf6154107de16a431bdc675ee368b3722f207fbc9", &(0x7f0000000580)="2c7391ccfa0a781249475001f4a478d65f470aceed778a8a55b7269ef286f9816befab6f538e58c9c25ef4897dad650f469db0009002b8f3cc510690725fc45f6c82b233eb9851b8a425999f6e27515ef139c1f522e3c6f41423cfdc1eee65feaacfef59cc75ee8d61f6311c7a77a41542c39764b02fb6e3b2221137e38ec6c2d387dc8cc53c4bf31212edb04f416a4e357a2ec9a2", 0x2, r5}, 0x38) read$watch_queue(r5, 0x0, 0x0) r6 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$apparmor_exec(r6, &(0x7f00000001c0)={'exec ', ':\x00~\x14-\x90\x14\x05\x00\x8fQhj\x1b\x04\xe5\x8d\xa1\xc2\xaa-\xc7gD#\x03\x1c\xee\xaa\xdd\x80\x9e/\x19{S\x15\xfe\xbaO\xae\xa1z,\xde-\x8fKN\x86g\x9b\xe4\xfe\xae/\x90\xd8^O\x86\x81\x84\xabq\xeb\x8b;F\xe9\xee\xc8\xd1\xb4Q\x05\x14\xe7\xa9c(0D7[\xccB\xe1Y\x99\x05\xae\xba\x00\xc4\b1\x84\xd6\b\xb0\xf0\x9a\x98\x85;\xffUq9:\xaf\xa2\x83\x88d\xc0\xe5\xcfF\x144}\x02\xb9\xb1\x85\x7fx\xe6\'\x8c\x898\'ej\xde;+\n1\xd4\x15\xf9Q\xacw\xcfS\xed\x80\fkt\xed\xdb|\x10\xbd\xbe\xf1\x94\x99\xe1?\x10\xda\xc7\xed['}, 0xb0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x25}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x38}]}, @NFT_MSG_NEWSETELEM={0x38, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0xc, 0x3, 0x0, 0x1, [{0x8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xcc}}, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) connect(r5, &(0x7f0000000100)=@in6={0xa, 0x4e22, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x80) openat$fuse(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) 2.03015296s ago: executing program 3 (id=771): socketpair$unix(0x1, 0x2, 0x0, 0x0) mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x14, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f0000000100)=0x3) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xa02, 0x870, 0x1, 0x2, 0xd59f80, 0x19f2, 0x3f, 0x19ef, 0x3, 0x8, 0x2800, 0x6, 0x2, 0xba2, 0x5, 0x30, {0x8, 0xffffffff}, 0xd0, 0x9}}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x10, 0x800000, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x40000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) openat$udambuf(0xffffff9c, 0x0, 0x2) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x14, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2) socket$alg(0x26, 0x5, 0x0) 1.599994996s ago: executing program 0 (id=772): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, 0x0, 0x2, 0x2}}, 0x20) r1 = syz_io_uring_setup(0x120a, &(0x7f0000000140)={0x0, 0x1e91, 0x2, 0x3, 0x127}, &(0x7f00000001c0), &(0x7f0000000200)) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xa, 0x2000000, 0x0) connect$netrom(0xffffffffffffffff, &(0x7f0000000300)={{0x6, @null}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @bcast, @null, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$kcm(0x10, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) r3 = dup(r2) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x1) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) socket(0x15, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) unshare(0x20020680) r4 = syz_io_uring_setup(0x10b, &(0x7f00000000c0)={0x0, 0x0, 0x1000, 0x1, 0x200000c}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) socket$inet6_tcp(0xa, 0x1, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x48, 0x0, 0xffffffffffffffff, &(0x7f0000000340)='./file0/../file0\x00', &(0x7f0000000380)='./file0/../file0\x00', 0xffffffffffffffff, 0x0, 0x1}) io_uring_enter(r4, 0x47f9, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x200000d, 0x12, 0xffffffffffffffff, 0xb9343000) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e) 1.346787437s ago: executing program 1 (id=773): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) munlockall() prctl$PR_SCHED_CORE(0x3e, 0xffffffff, 0x0, 0x2, 0x0) setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = userfaultfd(0x80001) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000140)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) mmap$IORING_OFF_CQ_RING(&(0x7f0000696000/0x12000)=nil, 0x12000, 0x2000001, 0x80010, r3, 0x8000000) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000180)=""/59, 0x304000, 0x800, 0x0, 0x1}, 0x1c) ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000}) r6 = socket$packet(0x11, 0x3, 0x300) r7 = socket$inet_sctp(0x2, 0x1, 0x84) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x30002, &(0x7f0000000380)=ANY=[@ANYRES8, @ANYRES64=r3, @ANYBLOB="2c71f70dc62e7e46d68a9d1c3fdeee7c71f2f0ec0c283c30a29070c0bd7dea48628d06ffdf32c075dabbc64d11aba7d2f5a6514bfe3194a24a0763a0f49c0c4424"]) getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0xc, &(0x7f0000000240)=@assoc_value, &(0x7f0000000080)=0x8) setsockopt$sock_int(r6, 0x1, 0x12, &(0x7f0000000140)=0xbf, 0x4) r8 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r8) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000200)={'wlan1\x00'}) r9 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, &(0x7f0000000040)={0x80, 0x80000, 0x19, 0x3}, 0x10) sendmsg$nl_route(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000000c0)=ANY=[@ANYBLOB="180000001600010000000200000000000a0000ff"], 0x18}}, 0x0) 1.346449285s ago: executing program 3 (id=774): r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="d7ffffff1200e7ef1ed9ba0e00000000", 0x10, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = socket$inet(0x2, 0x3, 0x4) setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10) connect$inet(r3, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10) r4 = syz_io_uring_setup(0x219a, &(0x7f0000000500)={0x0, 0x5760, 0x800, 0x0, 0x1e1}, &(0x7f0000000300), &(0x7f0000000440)) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000004000000080000000100000080", @ANYRES64=r4, @ANYRES16, @ANYRES32=r0, @ANYRES8=0x0], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000100)='dctcp\x00', 0x6) bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @private1, 0x4}, 0x1c) sendmmsg$inet(r3, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0xe000) 1.082051946s ago: executing program 2 (id=775): capset(&(0x7f00000004c0)={0x20071026}, &(0x7f0000000500)={0xff, 0x2000, 0x3, 0x4, 0x0, 0x3ce}) (async) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="280000000906010200000000000000000200ffff090002007b797a31000000000500f8ff06000000"], 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) (async) socket$inet6_sctp(0xa, 0x5, 0x84) (async) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) (async) prctl$PR_SCHED_CORE(0x3e, 0x6, 0x0, 0x1, 0x0) prlimit64(0x0, 0x8, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x3, &(0x7f00000000c0)=0x6) (async) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x84200, 0x0) (async) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000a636000000007fffffff8500000050000000850000000f000000"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) (async) madvise(&(0x7f000039c000/0x3000)=nil, 0x3000, 0x4) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x4005, 0x7, &(0x7f0000006680)) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv2(r2, 0x0, 0x0, 0x0, 0x0, 0x0) (async) personality(0x2000000) (async) socket$vsock_stream(0x28, 0x1, 0x0) (async) r3 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_LOOPBACK(r3, 0x65, 0x3, 0x0, 0x0) (async) r4 = openat$nvme_fabrics(0xffffff9c, 0x0, 0x20a83, 0x0) connect$unix(r4, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e) (async) syz_io_uring_submit(0x0, 0x0, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000240), 0x57, 0x200002) (async) r5 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000004200010a00"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x8080) 873.623666ms ago: executing program 2 (id=776): socket$inet6_tcp(0xa, 0x1, 0x0) socket$alg(0x26, 0x5, 0x0) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bpf$BPF_GET_MAP_INFO(0x3, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4008840) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_ERR_FILTER(r3, 0x65, 0x7, &(0x7f00000001c0)=0x100000, 0x4) setsockopt$CAN_RAW_FD_FRAMES(r3, 0x65, 0x5, &(0x7f0000000000)=0x1, 0x4) write$UHID_INPUT(r2, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) r5 = accept4(r4, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000001c0)="00940a37", 0x4) sendto$unix(r5, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a3775f", 0x703d59595f6742a8, 0x800, 0x0, 0x0) recvfrom(r5, &(0x7f00000030c0)=""/4117, 0xffffffffffffffbf, 0x1, 0x0, 0xffffffffffffffb5) sendmsg$802154_raw(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)="eb", 0x1}, 0x1, 0x0, 0x0, 0x8008040}, 0x30008080) sendmmsg$alg(r5, &(0x7f0000002a40)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40004}], 0x1, 0x0) ioprio_set$uid(0x3, 0x0, 0x6500) sched_setattr(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0) 454.010632ms ago: executing program 3 (id=777): getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000cc0)=@deltfilter={0xdc, 0x2d, 0x300, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0xffe0}, {0x0, 0x6}, {0x2cb95bbc91d71546, 0x9}}, [@TCA_CHAIN={0x8, 0xb, 0xb}, @TCA_CHAIN={0x8, 0xb, 0x9}, @filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_UDP_DST_PORT={0x6}, @TCA_FLOWER_KEY_SCTP_DST_MASK={0x6}, @TCA_FLOWER_KEY_CT_STATE={0x6, 0x5b, 0x63a}]}}, @TCA_RATE={0x6, 0x5, {0x3, 0x8c}}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}, @filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_MPLS_LABEL={0x8, 0x46, 0xe19}]}}, @TCA_CHAIN={0x8}, @TCA_CHAIN={0x8, 0xb, 0x80000000}, @filter_kind_options=@f_bpf={{0x8}, {0x40, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x8}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x8}, @TCA_BPF_FD={0x8}, @TCA_BPF_FLAGS_GEN={0x8}, @TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0x2f, 0x7, './file1\x00'}]}}]}, 0xdc}, 0x1, 0x0, 0x0, 0x804}, 0x2002c810) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000a02000/0x1000)=nil, 0x1000, 0xb635773f05ebbee1, 0x40010, 0xffffffffffffffff, 0x0) socket$igmp6(0xa, 0x3, 0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00') preadv(r3, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0xc002a0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) r7 = syz_io_uring_setup(0x23a, &(0x7f0000000480)={0x0, 0x8000d67a, 0x0, 0x0, 0x10000000, 0x0, r3}, &(0x7f0000000280)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r5, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r7, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r10 = socket(0x1e, 0x1, 0x0) connect$tipc(r10, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10) r11 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000400)=ANY=[@ANYBLOB='!\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00o', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x13, r11, 0x0) 130.454524ms ago: executing program 0 (id=778): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffff6, 0x0, 0x0, 0x0, 0xfffffffc}, [@call={0x85, 0x0, 0x0, 0x2e}, @printk={@d, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x17}}]}, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2f, 0xffffffff, 0x0, 0x0, 0x0, 0x0}, 0x48) 81.124397ms ago: executing program 0 (id=779): r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="d7ffffff1200e7ef1ed9ba0e00000000", 0x10, 0x0, 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = socket$inet(0x2, 0x3, 0x4) setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10) connect$inet(r3, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000004000000080000001c000000", @ANYRES32, @ANYBLOB="3c0000002000000078c84a0f26002d86000000000079a60b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) io_uring_enter(0xffffffffffffffff, 0x1, 0x2, 0x1, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000100)='dctcp\x00', 0x6) socket$nl_route(0x10, 0x3, 0x0) sendto$inet6(r4, &(0x7f0000000240)="d1", 0x1, 0x800, 0x0, 0x0) sendmmsg$inet(r3, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0xe000) 276.499µs ago: executing program 1 (id=780): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bond_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4000001f1000010025bd7000fadbdf2700000000", @ANYRES32=r2, @ANYBLOB="d380fb0000000200200012800f000100626f6e645f736c61766500000c0005"], 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 0s ago: executing program 2 (id=781): pipe(&(0x7f0000000080)) socket$inet_udp(0x2, 0x2, 0x0) socket$inet6(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r1, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) r3 = syz_io_uring_setup(0x8d2, &(0x7f0000000240)={0x0, 0x0, 0x1000, 0x2}, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r2, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x20000044}) io_uring_enter(r3, 0x47ba, 0x3e80, 0x0, 0x0, 0x0) 0s ago: executing program 1 (id=782): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x4f27, 0xfe, 0x10000, 0x0, 0x3, 0xcc7, 0x8, 0x1, 0xa, 0x100, 0x2, 0x8, 0x1db, 0x2, 0x6, 0x101, 0x1, 0x87, 0x3, 0x40000003, 0x2, 0x100002, 0xf27, 0x5, 0xb, 0xe69, 0x3c, 0x8, 0x6, 0x0, 0xfffffff8]}) kernel console output (not intermixed with test programs): 0: Interface activated: batadv_slave_1 [ 49.433439][ T5967] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.436842][ T5967] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.438099][ T6045] ======================================================= [ 49.438099][ T6045] WARNING: The mand mount option has been deprecated and [ 49.438099][ T6045] and is ignored by this kernel. Remove the mand [ 49.438099][ T6045] option from the mount to silence this warning. [ 49.438099][ T6045] ======================================================= [ 49.443079][ T5967] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.457551][ T5967] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.467352][ T40] audit: type=1326 audit(1753015381.101:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.3" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 49.475969][ T40] audit: type=1326 audit(1753015381.101:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.3" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 49.486446][ T40] audit: type=1326 audit(1753015381.111:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.3" exe="/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 49.495414][ T40] audit: type=1326 audit(1753015381.111:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.3" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 49.506130][ T40] audit: type=1326 audit(1753015381.111:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.3" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 49.515298][ T40] audit: type=1326 audit(1753015381.111:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.3" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 49.521177][ T5958] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.524720][ T40] audit: type=1326 audit(1753015381.111:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.3" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 49.537484][ T40] audit: type=1326 audit(1753015381.111:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.3" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 49.545745][ T40] audit: type=1326 audit(1753015381.111:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.3" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 49.546291][ T5958] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.554709][ T40] audit: type=1326 audit(1753015381.111:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.3" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 49.585499][ T5958] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.588328][ T5958] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.591264][ T5958] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.595560][ T5958] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.611061][ T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.617767][ T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.653317][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.657134][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.704119][ T1139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.707311][ T1139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.739650][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.742767][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.980058][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.043541][ T6071] netlink: 72 bytes leftover after parsing attributes in process `syz.3.8'. [ 50.095162][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.212434][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.212436][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.212697][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.215614][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.219181][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.228377][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.273993][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 50.318976][ T53] IPVS: starting estimator thread 0... [ 50.323113][ T5972] Bluetooth: hci3: command tx timeout [ 50.325021][ T5972] Bluetooth: hci1: command tx timeout [ 50.326765][ T5972] Bluetooth: hci0: command tx timeout [ 50.402832][ T5972] Bluetooth: hci2: command tx timeout [ 50.472423][ T6074] IPVS: using max 43 ests per chain, 103200 per kthread [ 50.903130][ T6071] syz.3.8 (6071) used greatest stack depth: 20248 bytes left [ 51.041246][ T6090] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12'. [ 51.097344][ T6092] tipc: Started in network mode [ 51.099854][ T6092] tipc: Node identity 2e75bf1f34c6, cluster identity 4711 [ 51.102843][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.103622][ T6092] tipc: Enabled bearer , priority 0 [ 51.111161][ T6092] syzkaller0: entered promiscuous mode [ 51.113532][ T6092] syzkaller0: entered allmulticast mode [ 51.123522][ T6092] tipc: Resetting bearer [ 51.129553][ T6091] tipc: Resetting bearer [ 51.136988][ T6091] tipc: Disabling bearer [ 51.455565][ T6098] trusted_key: encrypted_key: insufficient parameters specified [ 52.402417][ T5973] Bluetooth: hci0: command tx timeout [ 52.403365][ T5972] Bluetooth: hci1: command tx timeout [ 52.404188][ T5964] Bluetooth: hci3: command tx timeout [ 52.482911][ T5973] Bluetooth: hci2: command tx timeout [ 52.647850][ T6126] tipc: Started in network mode [ 52.649591][ T6126] tipc: Node identity fa25381ba9ea, cluster identity 4711 [ 52.652449][ T6126] tipc: Enabled bearer , priority 0 [ 52.660930][ T6126] tipc: Resetting bearer [ 52.668924][ T6125] tipc: Disabling bearer [ 53.015711][ T6138] serio: Serial port ptm0 [ 53.123546][ T6147] netlink: 4 bytes leftover after parsing attributes in process `syz.1.30'. [ 53.549784][ T6152] netlink: 'syz.2.35': attribute type 4 has an invalid length. [ 54.074137][ T6164] netlink: 'syz.1.40': attribute type 1 has an invalid length. [ 54.483694][ T5973] Bluetooth: hci1: command tx timeout [ 54.492538][ T5973] Bluetooth: hci0: command tx timeout [ 54.492553][ T5964] Bluetooth: hci3: command tx timeout [ 54.506097][ T6174] Zero length message leads to an empty skb [ 54.564967][ T5973] Bluetooth: hci2: command tx timeout [ 55.718572][ T6195] netlink: 'syz.2.50': attribute type 4 has an invalid length. [ 58.948515][ T6257] netlink: 'syz.1.67': attribute type 4 has an invalid length. [ 61.442895][ T6305] netlink: 'syz.2.78': attribute type 4 has an invalid length. [ 62.686728][ T6322] netlink: 72 bytes leftover after parsing attributes in process `syz.3.85'. [ 62.690905][ T6322] netlink: 4 bytes leftover after parsing attributes in process `syz.3.85'. [ 62.826101][ T6326] tipc: Started in network mode [ 62.828275][ T6326] tipc: Node identity d69ff04f70fe, cluster identity 4711 [ 62.831916][ T6326] tipc: Enabled bearer , priority 0 [ 62.839174][ T6326] syzkaller0: entered promiscuous mode [ 62.841509][ T6326] syzkaller0: entered allmulticast mode [ 62.859049][ T6326] tipc: Resetting bearer [ 62.871881][ T6325] tipc: Resetting bearer [ 62.890777][ T6325] tipc: Disabling bearer [ 63.037100][ T1140] Bluetooth: hci4: Frame reassembly failed (-90) [ 63.040390][ T6332] Bluetooth: hci4: Frame reassembly failed (-84) [ 63.043905][ T6332] Bluetooth: hci4: Frame reassembly failed (-84) [ 63.046250][ T6332] Bluetooth: hci4: Frame reassembly failed (-84) [ 63.588137][ T6342] syzkaller0: entered promiscuous mode [ 63.590436][ T6342] syzkaller0: entered allmulticast mode [ 63.901075][ T6348] tipc: Enabled bearer , priority 0 [ 63.905550][ T6348] syzkaller0: entered promiscuous mode [ 63.907376][ T6348] syzkaller0: entered allmulticast mode [ 63.922152][ T6348] tipc: Resetting bearer [ 63.926857][ T6347] tipc: Resetting bearer [ 63.936873][ T6347] tipc: Disabling bearer [ 64.074441][ T6361] syzkaller0: entered promiscuous mode [ 64.077230][ T6361] syzkaller0: entered allmulticast mode [ 64.425134][ T6368] input: syz1 as /devices/virtual/input/input5 [ 65.042382][ T5973] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 65.042862][ T5964] Bluetooth: hci4: command 0x1003 tx timeout [ 65.072093][ T6332] mkiss: ax0: crc mode is auto. [ 65.345633][ T6383] input: syz1 as /devices/virtual/input/input6 [ 66.305815][ T6399] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 66.313936][ T6399] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 66.688078][ T6412] syzkaller0: entered promiscuous mode [ 66.690458][ T6412] syzkaller0: entered allmulticast mode [ 66.716737][ T6414] x_tables: duplicate underflow at hook 2 [ 67.810037][ T6439] tipc: Enabled bearer , priority 0 [ 67.813833][ T6439] syzkaller0: entered promiscuous mode [ 67.815922][ T6439] syzkaller0: entered allmulticast mode [ 67.826186][ T6439] tipc: Resetting bearer [ 67.829975][ T6438] tipc: Resetting bearer [ 67.841149][ T6438] tipc: Disabling bearer [ 67.841763][ T6441] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 67.846538][ T6441] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 68.046786][ T6447] syzkaller0: entered promiscuous mode [ 68.048552][ T6447] syzkaller0: entered allmulticast mode [ 68.184626][ T6458] fuse: Bad value for 'fd' [ 69.148568][ T6481] trusted_key: encrypted_key: insufficient parameters specified [ 70.599464][ T6525] tipc: Enabled bearer , priority 0 [ 70.603953][ T6525] syzkaller0: entered promiscuous mode [ 70.605755][ T6525] syzkaller0: entered allmulticast mode [ 70.617089][ T6525] tipc: Resetting bearer [ 70.621768][ T6524] tipc: Resetting bearer [ 70.629871][ T6524] tipc: Disabling bearer [ 70.643128][ T6527] trusted_key: encrypted_key: insufficient parameters specified [ 70.723381][ T836] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 70.723408][ T5964] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 70.729401][ T5964] Bluetooth: hci1: Injecting HCI hardware error event [ 70.735515][ T5964] Bluetooth: hci1: hardware error 0x00 [ 70.806875][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.809902][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.872370][ T836] usb 5-1: Using ep0 maxpacket: 16 [ 70.880686][ T836] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 70.885680][ T836] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.888884][ T836] usb 5-1: Product: syz [ 70.890802][ T836] usb 5-1: Manufacturer: syz [ 70.893722][ T836] usb 5-1: SerialNumber: syz [ 70.907195][ T836] r8152-cfgselector 5-1: Unknown version 0x0000 [ 70.910372][ T836] r8152-cfgselector 5-1: config 0 descriptor?? [ 71.107803][ T6535] netlink: 4 bytes leftover after parsing attributes in process `syz.1.168'. [ 71.179708][ T6538] netlink: 4 bytes leftover after parsing attributes in process `syz.1.168'. [ 72.413501][ T5973] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 72.437705][ T6510] mkiss: ax0: crc mode is auto. [ 72.477570][ T836] r8152-cfgselector 5-1: Unknown version 0x0000 [ 72.481702][ T836] r8152-cfgselector 5-1: bad CDC descriptors [ 72.497606][ T836] r8152-cfgselector 5-1: USB disconnect, device number 2 [ 72.812448][ T5964] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 72.974698][ T6580] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 72.983474][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.029847][ T6584] mkiss: ax0: crc mode is auto. [ 73.081682][ T10] IPVS: starting estimator thread 0... [ 73.172347][ T6589] IPVS: using max 43 ests per chain, 103200 per kthread [ 73.301400][ T5959] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 73.319083][ T6586] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 73.472391][ T6586] usb 6-1: Using ep0 maxpacket: 16 [ 73.479341][ T6586] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 73.483302][ T5959] usb 8-1: Using ep0 maxpacket: 16 [ 73.485580][ T6586] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.488997][ T6586] usb 6-1: Product: syz [ 73.490762][ T6586] usb 6-1: Manufacturer: syz [ 73.493456][ T6586] usb 6-1: SerialNumber: syz [ 73.498864][ T5959] usb 8-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 73.502798][ T5959] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.506764][ T5959] usb 8-1: Product: syz [ 73.508682][ T5959] usb 8-1: Manufacturer: syz [ 73.510879][ T5959] usb 8-1: SerialNumber: syz [ 73.514142][ T6586] r8152-cfgselector 6-1: Unknown version 0x0000 [ 73.516920][ T6586] r8152-cfgselector 6-1: config 0 descriptor?? [ 73.524021][ T5959] r8152-cfgselector 8-1: Unknown version 0x0000 [ 73.528400][ T5959] r8152-cfgselector 8-1: config 0 descriptor?? [ 73.737937][ T5959] r8152-cfgselector 8-1: Unknown version 0x0000 [ 73.741298][ T5959] r8152-cfgselector 8-1: bad CDC descriptors [ 73.748922][ T5959] r8152-cfgselector 8-1: USB disconnect, device number 2 [ 74.340180][ T6609] netlink: 4 bytes leftover after parsing attributes in process `syz.3.194'. [ 74.396276][ T6613] netlink: 4 bytes leftover after parsing attributes in process `syz.3.194'. [ 74.559143][ T6615] input: syz1 as /devices/virtual/input/input7 [ 75.042373][ T5973] Bluetooth: hci4: command 0x1003 tx timeout [ 75.045201][ T5964] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 75.058849][ T6582] mkiss: ax0: crc mode is auto. [ 75.071739][ T6586] r8152-cfgselector 6-1: Unknown version 0x0000 [ 75.074170][ T6586] r8152-cfgselector 6-1: bad CDC descriptors [ 75.081862][ T6586] r8152-cfgselector 6-1: USB disconnect, device number 2 [ 75.842489][ T54] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 75.901139][ T40] kauditd_printk_skb: 34 callbacks suppressed [ 75.901153][ T40] audit: type=1326 audit(1753015407.531:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.0.206" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 75.906927][ T6642] netlink: 4 bytes leftover after parsing attributes in process `syz.0.206'. [ 75.910797][ T40] audit: type=1326 audit(1753015407.531:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.0.206" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 75.921330][ T40] audit: type=1326 audit(1753015407.531:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.0.206" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 75.932616][ T40] audit: type=1326 audit(1753015407.541:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.0.206" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 75.940103][ T40] audit: type=1326 audit(1753015407.541:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.0.206" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 75.948301][ T40] audit: type=1326 audit(1753015407.541:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.0.206" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 75.955900][ T40] audit: type=1326 audit(1753015407.541:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.0.206" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 75.962940][ T40] audit: type=1326 audit(1753015407.541:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.0.206" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 75.970043][ T6643] netlink: 4 bytes leftover after parsing attributes in process `syz.0.206'. [ 75.971536][ T40] audit: type=1326 audit(1753015407.541:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.0.206" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 75.981426][ T40] audit: type=1326 audit(1753015407.541:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6641 comm="syz.0.206" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 76.012482][ T54] usb 8-1: Using ep0 maxpacket: 16 [ 76.018095][ T54] usb 8-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 76.021946][ T54] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 76.025566][ T54] usb 8-1: Product: syz [ 76.027192][ T54] usb 8-1: Manufacturer: syz [ 76.028762][ T54] usb 8-1: SerialNumber: syz [ 76.034300][ T54] r8152-cfgselector 8-1: Unknown version 0x0000 [ 76.036376][ T54] r8152-cfgselector 8-1: config 0 descriptor?? [ 77.602389][ T5973] Bluetooth: hci4: command 0x1003 tx timeout [ 77.602400][ T5964] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 77.621948][ T6633] mkiss: ax0: crc mode is auto. [ 77.635151][ T54] r8152-cfgselector 8-1: Unknown version 0x0000 [ 77.637456][ T54] r8152-cfgselector 8-1: bad CDC descriptors [ 77.650664][ T54] r8152-cfgselector 8-1: USB disconnect, device number 3 [ 77.689859][ T6649] netlink: 8 bytes leftover after parsing attributes in process `syz.0.208'. [ 78.113783][ T6658] x_tables: duplicate underflow at hook 2 [ 78.844439][ T6669] trusted_key: encrypted_key: insufficient parameters specified [ 79.334283][ T6691] trusted_key: encrypted_key: insufficient parameters specified [ 79.651803][ T6703] tipc: Enabled bearer , priority 0 [ 79.655842][ T6703] syzkaller0: entered promiscuous mode [ 79.658879][ T6703] syzkaller0: entered allmulticast mode [ 79.667027][ T6703] tipc: Resetting bearer [ 79.670167][ T6702] tipc: Resetting bearer [ 79.679567][ T6702] tipc: Disabling bearer [ 80.947391][ T6738] netlink: 4 bytes leftover after parsing attributes in process `syz.3.240'. [ 80.956304][ T6736] trusted_key: encrypted_key: insufficient parameters specified [ 81.005661][ T6739] netlink: 4 bytes leftover after parsing attributes in process `syz.3.240'. [ 81.152963][ T838] cfg80211: failed to load regulatory.db [ 81.227651][ T6741] tipc: Started in network mode [ 81.229948][ T6741] tipc: Node identity 1eb49ca3f427, cluster identity 4711 [ 81.237264][ T6741] tipc: Enabled bearer , priority 0 [ 81.242768][ T6741] syzkaller0: entered promiscuous mode [ 81.245185][ T6741] syzkaller0: entered allmulticast mode [ 81.258520][ T6741] tipc: Resetting bearer [ 81.280493][ T6740] tipc: Resetting bearer [ 81.294187][ T6740] tipc: Disabling bearer [ 81.974922][ T6757] trusted_key: encrypted_key: insufficient parameters specified [ 82.307161][ T6761] fuse: Bad value for 'fd' [ 82.542124][ T40] kauditd_printk_skb: 12 callbacks suppressed [ 82.542136][ T40] audit: type=1326 audit(1753015414.171:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.0.254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 82.552447][ T40] audit: type=1326 audit(1753015414.171:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.0.254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 82.559123][ T40] audit: type=1326 audit(1753015414.181:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.0.254" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 82.565277][ T6775] trusted_key: encrypted_key: insufficient parameters specified [ 82.567662][ T40] audit: type=1326 audit(1753015414.181:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.0.254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 82.578225][ T40] audit: type=1326 audit(1753015414.181:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.0.254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 82.587128][ T40] audit: type=1326 audit(1753015414.181:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.0.254" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 82.594536][ T40] audit: type=1326 audit(1753015414.181:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.0.254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 82.604151][ T40] audit: type=1326 audit(1753015414.181:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.0.254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 82.613249][ T40] audit: type=1326 audit(1753015414.181:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.0.254" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 82.622111][ T40] audit: type=1326 audit(1753015414.181:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.0.254" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 82.938657][ T6779] fuse: Bad value for 'fd' [ 83.220625][ T6784] trusted_key: encrypted_key: insufficient parameters specified [ 83.361263][ T6789] fuse: Bad value for 'fd' [ 83.395442][ T6791] fuse: Bad value for 'fd' [ 83.468293][ T6797] tipc: Enabled bearer , priority 0 [ 83.471298][ T6797] syzkaller0: entered promiscuous mode [ 83.473713][ T6797] syzkaller0: entered allmulticast mode [ 83.481265][ T6797] tipc: Resetting bearer [ 83.488205][ T6794] tipc: Resetting bearer [ 83.498818][ T6794] tipc: Disabling bearer [ 83.505471][ T6801] fuse: Bad value for 'fd' [ 83.660313][ T6806] x_tables: duplicate underflow at hook 2 [ 83.719976][ T6811] fuse: Bad value for 'fd' [ 84.122053][ T6006] IPVS: starting estimator thread 0... [ 84.214095][ T6818] IPVS: using max 41 ests per chain, 98400 per kthread [ 85.090336][ T6829] trusted_key: encrypted_key: insufficient parameters specified [ 85.146741][ T6841] netlink: 4 bytes leftover after parsing attributes in process `syz.2.279'. [ 85.204051][ T6843] netlink: 4 bytes leftover after parsing attributes in process `syz.2.279'. [ 85.211094][ T6842] trusted_key: encrypted_key: insufficient parameters specified [ 85.446951][ T6846] trusted_key: encrypted_key: insufficient parameters specified [ 85.666717][ T6849] trusted_key: encrypted_key: insufficient parameters specified [ 85.872204][ T6855] trusted_key: encrypted_key: insufficient parameters specified [ 86.055787][ T6861] netlink: 16 bytes leftover after parsing attributes in process `syz.2.286'. [ 86.103223][ T10] IPVS: starting estimator thread 0... [ 86.202509][ T6864] IPVS: using max 43 ests per chain, 103200 per kthread [ 86.300010][ T6872] trusted_key: encrypted_key: insufficient parameters specified [ 86.333977][ T6873] trusted_key: encrypted_key: insufficient parameters specified [ 86.812507][ T10] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 86.989975][ T10] usb 6-1: config index 0 descriptor too short (expected 45, got 36) [ 86.998111][ T10] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 87.008486][ T10] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 87.018730][ T10] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 87.021556][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.032590][ T10] usb 6-1: rejected 1 configuration due to insufficient available bus power [ 87.047114][ T10] usb 6-1: no configuration chosen from 1 choice [ 87.171816][ T6891] fuse: Unknown parameter 'grou00000000000000000000' [ 87.369996][ T6895] overlayfs: missing 'lowerdir' [ 87.473067][ T6898] trusted_key: encrypted_key: insufficient parameters specified [ 88.345425][ T6929] trusted_key: encrypted_key: insufficient parameters specified [ 88.685888][ T6936] veth0_to_hsr: entered promiscuous mode [ 88.687808][ T6936] veth0_to_hsr: left promiscuous mode [ 88.725352][ T6942] FAULT_INJECTION: forcing a failure. [ 88.725352][ T6942] name failslab, interval 1, probability 0, space 0, times 1 [ 88.730246][ T6942] CPU: 2 UID: 0 PID: 6942 Comm: syz.2.316 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 88.730260][ T6942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.730266][ T6942] Call Trace: [ 88.730270][ T6942] [ 88.730275][ T6942] dump_stack_lvl+0x16c/0x1f0 [ 88.730290][ T6942] should_fail_ex+0x512/0x640 [ 88.730301][ T6942] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 88.730318][ T6942] should_failslab+0xc2/0x120 [ 88.730330][ T6942] __kmalloc_cache_noprof+0x6a/0x3e0 [ 88.730345][ T6942] ? device_add+0xccc/0x1a70 [ 88.730361][ T6942] device_add+0xccc/0x1a70 [ 88.730374][ T6942] ? rcu_is_watching+0x12/0xc0 [ 88.730385][ T6942] ? __pfx_device_add+0x10/0x10 [ 88.730402][ T6942] device_create_groups_vargs+0x1f8/0x270 [ 88.730418][ T6942] device_create+0xed/0x130 [ 88.730432][ T6942] ? __pfx_device_create+0x10/0x10 [ 88.730446][ T6942] ? do_init_timer+0xc9/0x110 [ 88.730458][ T6942] ? ieee80211_roc_setup+0x136/0x270 [ 88.730469][ T6942] ? ieee80211_alloc_hw_nm+0x231/0x2260 [ 88.730483][ T6942] mac80211_hwsim_new_radio+0x369/0x54d0 [ 88.730501][ T6942] ? __asan_memset+0x23/0x50 [ 88.730517][ T6942] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 88.730532][ T6942] hwsim_new_radio_nl+0xb51/0x12c0 [ 88.730544][ T6942] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 88.730559][ T6942] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 88.730575][ T6942] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 88.730592][ T6942] genl_family_rcv_msg_doit+0x209/0x2f0 [ 88.730607][ T6942] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 88.730621][ T6942] ? trace_cap_capable+0x18d/0x200 [ 88.730637][ T6942] ? bpf_lsm_capable+0x9/0x10 [ 88.730652][ T6942] ? security_capable+0x7e/0x260 [ 88.730664][ T6942] ? ns_capable+0xd7/0x110 [ 88.730676][ T6942] genl_rcv_msg+0x55c/0x800 [ 88.730691][ T6942] ? __pfx_genl_rcv_msg+0x10/0x10 [ 88.730705][ T6942] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 88.730720][ T6942] netlink_rcv_skb+0x158/0x420 [ 88.730732][ T6942] ? __pfx_genl_rcv_msg+0x10/0x10 [ 88.730752][ T6942] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 88.730769][ T6942] ? netlink_deliver_tap+0x1ae/0xd30 [ 88.730788][ T6942] genl_rcv+0x28/0x40 [ 88.730805][ T6942] netlink_unicast+0x58a/0x850 [ 88.730818][ T6942] ? __pfx_netlink_unicast+0x10/0x10 [ 88.730834][ T6942] netlink_sendmsg+0x8d1/0xdd0 [ 88.730848][ T6942] ? __pfx_netlink_sendmsg+0x10/0x10 [ 88.730863][ T6942] ? __import_iovec+0x1dd/0x650 [ 88.730891][ T6942] ____sys_sendmsg+0xa95/0xc70 [ 88.730910][ T6942] ? __pfx_____sys_sendmsg+0x10/0x10 [ 88.730926][ T6942] ? get_compat_msghdr+0x11a/0x170 [ 88.730942][ T6942] ___sys_sendmsg+0x134/0x1d0 [ 88.730954][ T6942] ? __pfx____sys_sendmsg+0x10/0x10 [ 88.730971][ T6942] ? find_held_lock+0x2b/0x80 [ 88.730990][ T6942] __sys_sendmsg+0x16d/0x220 [ 88.731002][ T6942] ? __pfx___sys_sendmsg+0x10/0x10 [ 88.731018][ T6942] ? rcu_is_watching+0x12/0xc0 [ 88.731030][ T6942] __do_fast_syscall_32+0x7c/0x3a0 [ 88.731043][ T6942] do_fast_syscall_32+0x32/0x80 [ 88.731054][ T6942] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 88.731067][ T6942] RIP: 0023:0xf70ae579 [ 88.731076][ T6942] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 88.731086][ T6942] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 88.731095][ T6942] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140 [ 88.731101][ T6942] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 88.731107][ T6942] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 88.731112][ T6942] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 88.731118][ T6942] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 88.731130][ T6942] [ 89.362741][ T6957] tipc: Enabled bearer , priority 0 [ 89.375260][ T6957] syzkaller0: entered promiscuous mode [ 89.377028][ T6957] syzkaller0: entered allmulticast mode [ 89.381027][ T6958] trusted_key: encrypted_key: insufficient parameters specified [ 89.429912][ T6956] tipc: Resetting bearer [ 89.503757][ T6956] tipc: Disabling bearer [ 89.630834][ T838] usb 6-1: USB disconnect, device number 3 [ 89.670515][ T6965] fuse: Unknown parameter 'grou00000000000000000000' [ 89.688242][ T6963] x_tables: duplicate underflow at hook 2 [ 89.795136][ T6969] trusted_key: encrypted_key: insufficient parameters specified [ 90.084270][ T6981] fuse: Unknown parameter 'group_i00000000000000000000' [ 90.224333][ T6989] tipc: Enabled bearer , priority 0 [ 90.228088][ T6989] syzkaller0: entered promiscuous mode [ 90.230727][ T6989] syzkaller0: entered allmulticast mode [ 90.244592][ T6988] tipc: Resetting bearer [ 90.261666][ T6988] tipc: Disabling bearer [ 90.452348][ T6006] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 90.614428][ T6006] usb 6-1: config index 0 descriptor too short (expected 45, got 36) [ 90.621067][ T6006] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 90.628855][ T6006] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 90.635542][ T6006] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 90.639122][ T6006] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.649829][ T6006] usb 6-1: rejected 1 configuration due to insufficient available bus power [ 90.654214][ T6006] usb 6-1: no configuration chosen from 1 choice [ 91.057786][ T7006] trusted_key: encrypted_key: insufficient parameters specified [ 91.730594][ T7016] fuse: Unknown parameter 'group_i00000000000000000000' [ 91.946922][ T7020] tipc: Enabled bearer , priority 0 [ 91.950002][ T7020] syzkaller0: entered promiscuous mode [ 91.952123][ T7020] syzkaller0: entered allmulticast mode [ 91.962867][ T7019] tipc: Resetting bearer [ 91.977711][ T7019] tipc: Disabling bearer [ 92.122100][ T7033] 9pnet_fd: Insufficient options for proto=fd [ 92.134940][ T7036] fuse: Unknown parameter 'user_i00000000000000000000' [ 92.185587][ T7040] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 92.197423][ T7038] FAULT_INJECTION: forcing a failure. [ 92.197423][ T7038] name failslab, interval 1, probability 0, space 0, times 0 [ 92.201534][ T7038] CPU: 3 UID: 0 PID: 7038 Comm: syz.0.351 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 92.201557][ T7038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.201567][ T7038] Call Trace: [ 92.201573][ T7038] [ 92.201579][ T7038] dump_stack_lvl+0x16c/0x1f0 [ 92.201601][ T7038] should_fail_ex+0x512/0x640 [ 92.201618][ T7038] ? __kmalloc_noprof+0xbf/0x510 [ 92.201637][ T7038] ? __d_alloc+0x640/0xaa0 [ 92.201654][ T7038] should_failslab+0xc2/0x120 [ 92.201673][ T7038] __kmalloc_noprof+0xd2/0x510 [ 92.201690][ T7038] ? __d_alloc+0x31/0xaa0 [ 92.201711][ T7038] __d_alloc+0x640/0xaa0 [ 92.201732][ T7038] d_alloc+0x4a/0x1e0 [ 92.201758][ T7038] d_alloc_parallel+0xe3/0x12e0 [ 92.201786][ T7038] ? kasan_save_stack+0x42/0x60 [ 92.201801][ T7038] ? kasan_save_stack+0x33/0x60 [ 92.201815][ T7038] ? kasan_save_track+0x14/0x30 [ 92.201830][ T7038] ? kasan_save_free_info+0x3b/0x60 [ 92.201852][ T7038] ? __kasan_slab_free+0x51/0x70 [ 92.201867][ T7038] ? kfree+0x2b4/0x4d0 [ 92.201889][ T7038] ? map_id_range_up+0x2ce/0x3b0 [ 92.201915][ T7038] ? __pfx_d_alloc_parallel+0x10/0x10 [ 92.201940][ T7038] ? lockdep_init_map_type+0x5c/0x280 [ 92.201965][ T7038] ? lockdep_init_map_type+0x5c/0x280 [ 92.201993][ T7038] __lookup_slow+0x193/0x460 [ 92.202015][ T7038] ? __pfx___lookup_slow+0x10/0x10 [ 92.202041][ T7038] ? compaction_alloc+0x2bb0/0x4220 [ 92.202071][ T7038] ? compaction_alloc+0x2bb0/0x4220 [ 92.202094][ T7038] ? d_lookup+0xe7/0x190 [ 92.202120][ T7038] lookup_one_unlocked+0xd4/0x120 [ 92.202144][ T7038] lookup_one_positive_unlocked+0x24/0xc0 [ 92.202168][ T7038] ovl_lookup_index+0x20d/0x800 [ 92.202209][ T7038] ? __pfx_ovl_lookup_index+0x10/0x10 [ 92.202232][ T7038] ? trace_kmalloc+0x2b/0xd0 [ 92.202261][ T7038] ovl_lookup+0x98f/0x21a0 [ 92.202294][ T7038] ? __pfx_ovl_lookup+0x10/0x10 [ 92.202317][ T7038] ? d_alloc_parallel+0x6ae/0x12e0 [ 92.202344][ T7038] ? mark_lock+0x32d/0x610 [ 92.202383][ T7038] ? lockdep_init_map_type+0x5c/0x280 [ 92.202413][ T7038] __lookup_slow+0x24e/0x460 [ 92.202436][ T7038] ? __pfx___lookup_slow+0x10/0x10 [ 92.202478][ T7038] ? lookup_fast+0x156/0x610 [ 92.202507][ T7038] walk_component+0x353/0x5b0 [ 92.202534][ T7038] path_lookupat+0x142/0x6d0 [ 92.202564][ T7038] filename_lookup+0x224/0x5f0 [ 92.202583][ T7038] ? __pfx_filename_lookup+0x10/0x10 [ 92.202626][ T7038] ? getname_flags.part.0+0x1c5/0x550 [ 92.202655][ T7038] user_path_at+0x3a/0x60 [ 92.202672][ T7038] __ia32_sys_mount+0x1fb/0x310 [ 92.202692][ T7038] ? __pfx___ia32_sys_mount+0x10/0x10 [ 92.202714][ T7038] ? rcu_is_watching+0x12/0xc0 [ 92.202737][ T7038] __do_fast_syscall_32+0x7c/0x3a0 [ 92.202763][ T7038] do_fast_syscall_32+0x32/0x80 [ 92.202781][ T7038] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 92.202802][ T7038] RIP: 0023:0xf70be579 [ 92.202815][ T7038] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 92.202830][ T7038] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 92.202846][ T7038] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000000 [ 92.202856][ T7038] RDX: 0000000000000000 RSI: 0000000000014000 RDI: 0000000000000000 [ 92.202865][ T7038] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 92.202874][ T7038] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 92.202883][ T7038] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 92.202905][ T7038] [ 92.369915][ T7038] overlayfs: failed inode index lookup (ino=509, key=00fb2100011c01df56c66d4b87a9d65963332e32ad8e268f47fd01000000000000, err=-12); [ 92.369915][ T7038] overlayfs: mount with '-o index=off' to disable inodes index. [ 93.171857][ T7061] fuse: Unknown parameter 'user_i00000000000000000000' [ 93.228501][ T54] usb 6-1: USB disconnect, device number 4 [ 93.245313][ T7065] tipc: Enabled bearer , priority 0 [ 93.250191][ T7065] tipc: Resetting bearer [ 93.257791][ T7064] tipc: Disabling bearer [ 93.278135][ T7067] 9pnet_fd: Insufficient options for proto=fd [ 93.378677][ T40] kauditd_printk_skb: 52 callbacks suppressed [ 93.378687][ T40] audit: type=1326 audit(1753015425.011:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7074 comm="syz.0.362" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 93.390926][ T40] audit: type=1326 audit(1753015425.011:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7074 comm="syz.0.362" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 93.406438][ T40] audit: type=1326 audit(1753015425.011:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7074 comm="syz.0.362" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 93.418873][ T40] audit: type=1326 audit(1753015425.011:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7074 comm="syz.0.362" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 93.442967][ T40] audit: type=1326 audit(1753015425.011:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7074 comm="syz.0.362" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 93.462303][ T40] audit: type=1326 audit(1753015425.011:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7074 comm="syz.0.362" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 93.470394][ T40] audit: type=1326 audit(1753015425.011:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7074 comm="syz.0.362" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 93.479910][ T40] audit: type=1326 audit(1753015425.011:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7074 comm="syz.0.362" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 93.488809][ T40] audit: type=1326 audit(1753015425.011:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7074 comm="syz.0.362" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 93.497309][ T40] audit: type=1326 audit(1753015425.011:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7074 comm="syz.0.362" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 94.200741][ T7097] fuse: Unknown parameter 'user_i00000000000000000000' [ 94.224597][ T6030] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 94.238724][ T7099] 9pnet_fd: Insufficient options for proto=fd [ 94.329373][ T7105] tipc: Enabled bearer , priority 0 [ 94.335695][ T7105] tipc: Resetting bearer [ 94.383755][ T6030] usb 8-1: config index 0 descriptor too short (expected 45, got 36) [ 94.386492][ T6030] usb 8-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 94.389837][ T6030] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 94.394527][ T6030] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 94.397539][ T6030] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.401925][ T6030] usb 8-1: config 0 descriptor?? [ 94.411918][ T7104] tipc: Disabling bearer [ 94.420312][ T6030] usbhid 8-1:0.0: couldn't find an input interrupt endpoint [ 95.422601][ T7125] netlink: 16 bytes leftover after parsing attributes in process `syz.2.377'. [ 95.425479][ T7125] netlink: 16 bytes leftover after parsing attributes in process `syz.2.377'. [ 96.220794][ T7136] tipc: Enabled bearer , priority 0 [ 96.224992][ T7136] tipc: Resetting bearer [ 96.230309][ T7135] tipc: Disabling bearer [ 96.510273][ T7139] trusted_key: encrypted_key: insufficient parameters specified [ 97.482649][ T10] usb 8-1: USB disconnect, device number 4 [ 97.982608][ T7161] syzkaller0: entered promiscuous mode [ 97.984910][ T7161] syzkaller0: entered allmulticast mode [ 98.307638][ T7170] fuse: Unknown parameter '0x0000000000000004' [ 98.559760][ T7176] trusted_key: encrypted_key: insufficient parameters specified [ 99.217311][ T7184] Invalid logical block size (256) [ 99.228366][ T7187] netlink: 24 bytes leftover after parsing attributes in process `syz.2.400'. [ 99.235445][ T7188] fuse: Bad value for 'fd' [ 99.281704][ T7190] overlayfs: failed to get inode (-116) [ 99.284679][ T7193] fuse: Unknown parameter '0x0000000000000004' [ 99.285105][ T7190] overlayfs: failed to get inode (-116) [ 99.321882][ T7197] netlink: 848 bytes leftover after parsing attributes in process `syz.0.408'. [ 99.325407][ T7197] netlink: 848 bytes leftover after parsing attributes in process `syz.0.408'. [ 99.336358][ T7197] usb usb8: usbfs: process 7197 (syz.0.408) did not claim interface 0 before use [ 99.340012][ T7198] syzkaller0: entered promiscuous mode [ 99.341442][ T7197] netlink: 16 bytes leftover after parsing attributes in process `syz.0.408'. [ 99.341640][ T7198] syzkaller0: entered allmulticast mode [ 99.412769][ T7206] netlink: 20 bytes leftover after parsing attributes in process `syz.0.411'. [ 100.261836][ T7218] trusted_key: encrypted_key: insufficient parameters specified [ 100.511531][ T7222] fuse: Bad value for 'fd' [ 101.820082][ T7257] fuse: Bad value for 'fd' [ 102.175781][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 102.175791][ T40] audit: type=1326 audit(1753015433.811:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.3.433" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 102.184834][ T40] audit: type=1326 audit(1753015433.811:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.3.433" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 102.191974][ T40] audit: type=1326 audit(1753015433.811:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.3.433" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 102.199364][ T40] audit: type=1326 audit(1753015433.811:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.3.433" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 102.206456][ T40] audit: type=1326 audit(1753015433.811:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.3.433" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 102.213209][ T40] audit: type=1326 audit(1753015433.811:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.3.433" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 102.220136][ T40] audit: type=1326 audit(1753015433.811:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.3.433" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 102.227371][ T40] audit: type=1326 audit(1753015433.811:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.3.433" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 102.234474][ T40] audit: type=1326 audit(1753015433.811:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.3.433" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 102.241270][ T40] audit: type=1326 audit(1753015433.811:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.3.433" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff4579 code=0x7ffc0000 [ 102.445929][ T7265] binder: BC_ATTEMPT_ACQUIRE not supported [ 102.448518][ T7265] binder: 7264:7265 ioctl c0306201 800001c0 returned -22 [ 102.645833][ T7267] fuse: Bad value for 'fd' [ 102.837575][ T7281] FAULT_INJECTION: forcing a failure. [ 102.837575][ T7281] name failslab, interval 1, probability 0, space 0, times 0 [ 102.841864][ T7281] CPU: 3 UID: 0 PID: 7281 Comm: syz.3.440 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 102.841878][ T7281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 102.841884][ T7281] Call Trace: [ 102.841888][ T7281] [ 102.841892][ T7281] dump_stack_lvl+0x16c/0x1f0 [ 102.841906][ T7281] should_fail_ex+0x512/0x640 [ 102.841918][ T7281] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 102.841930][ T7281] should_failslab+0xc2/0x120 [ 102.841942][ T7281] __kmalloc_cache_node_noprof+0x6d/0x420 [ 102.841952][ T7281] ? __get_vm_area_node+0x101/0x330 [ 102.841968][ T7281] __get_vm_area_node+0x101/0x330 [ 102.841983][ T7281] __vmalloc_node_range_noprof+0x271/0x14b0 [ 102.841998][ T7281] ? bpf_prog_calc_tag+0x110/0x700 [ 102.842012][ T7281] ? unwind_get_return_address+0x59/0xa0 [ 102.842028][ T7281] ? arch_stack_walk+0xa6/0x100 [ 102.842040][ T7281] ? bpf_prog_calc_tag+0x110/0x700 [ 102.842056][ T7281] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 102.842075][ T7281] ? bpf_prog_calc_tag+0x110/0x700 [ 102.842088][ T7281] __vmalloc_node_noprof+0xad/0xf0 [ 102.842102][ T7281] ? bpf_prog_calc_tag+0x110/0x700 [ 102.842116][ T7281] bpf_prog_calc_tag+0x110/0x700 [ 102.842131][ T7281] ? __pfx_bpf_prog_calc_tag+0x10/0x10 [ 102.842145][ T7281] ? __sort_r+0x4d/0x660 [ 102.842160][ T7281] ? __pfx_cmp_subprogs+0x10/0x10 [ 102.842169][ T7281] ? sort+0x97/0xd0 [ 102.842180][ T7281] resolve_pseudo_ldimm64+0xd3/0x1a90 [ 102.842202][ T7281] ? find_containing_subprog+0x175/0x1d0 [ 102.842216][ T7281] ? __pfx_resolve_pseudo_ldimm64+0x10/0x10 [ 102.842226][ T7281] ? check_subprogs+0x5e2/0x850 [ 102.842240][ T7281] bpf_check+0x610c/0xb4f0 [ 102.842252][ T7281] ? __mutex_trylock_common+0xe9/0x250 [ 102.842276][ T7281] ? __pfx_bpf_check+0x10/0x10 [ 102.842290][ T7281] ? css_rstat_updated+0x9d/0xd30 [ 102.842303][ T7281] ? __lock_acquire+0xb8a/0x1c90 [ 102.842323][ T7281] ? find_held_lock+0x2b/0x80 [ 102.842334][ T7281] ? rcu_is_watching+0x12/0xc0 [ 102.842345][ T7281] ? ktime_get_with_offset+0x26e/0x3b0 [ 102.842358][ T7281] ? __asan_memset+0x23/0x50 [ 102.842373][ T7281] ? bpf_obj_name_cpy+0x14a/0x1a0 [ 102.842390][ T7281] bpf_prog_load+0xe41/0x2490 [ 102.842408][ T7281] ? __pfx_bpf_prog_load+0x10/0x10 [ 102.842436][ T7281] __sys_bpf+0x4d1a/0x4ea0 [ 102.842447][ T7281] ? __pfx___sys_bpf+0x10/0x10 [ 102.842456][ T7281] ? ksys_write+0x190/0x250 [ 102.842468][ T7281] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 102.842487][ T7281] ? fput+0x70/0xf0 [ 102.842499][ T7281] ? ksys_write+0x1ac/0x250 [ 102.842507][ T7281] ? __pfx_ksys_write+0x10/0x10 [ 102.842519][ T7281] __ia32_sys_bpf+0x76/0xe0 [ 102.842529][ T7281] __do_fast_syscall_32+0x7c/0x3a0 [ 102.842541][ T7281] do_fast_syscall_32+0x32/0x80 [ 102.842552][ T7281] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 102.842565][ T7281] RIP: 0023:0xf7ff4579 [ 102.842573][ T7281] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 102.842583][ T7281] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 102.842592][ T7281] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000640 [ 102.842598][ T7281] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000 [ 102.842604][ T7281] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 102.842609][ T7281] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 102.842615][ T7281] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 102.842627][ T7281] [ 102.961675][ T7281] syz.3.440: vmalloc error: size 64, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 102.965842][ T7281] CPU: 3 UID: 0 PID: 7281 Comm: syz.3.440 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 102.965867][ T7281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 102.965874][ T7281] Call Trace: [ 102.965878][ T7281] [ 102.965882][ T7281] dump_stack_lvl+0x16c/0x1f0 [ 102.965896][ T7281] warn_alloc+0x248/0x3a0 [ 102.965908][ T7281] ? __pfx_warn_alloc+0x10/0x10 [ 102.965918][ T7281] ? rcu_is_watching+0x12/0xc0 [ 102.965929][ T7281] ? trace_kmalloc+0x2b/0xd0 [ 102.965941][ T7281] ? __kmalloc_cache_node_noprof+0x272/0x420 [ 102.965953][ T7281] ? __kasan_kmalloc+0x8a/0xb0 [ 102.965963][ T7281] ? __get_vm_area_node+0x208/0x330 [ 102.965980][ T7281] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 102.965995][ T7281] ? unwind_get_return_address+0x59/0xa0 [ 102.966012][ T7281] ? arch_stack_walk+0xa6/0x100 [ 102.966024][ T7281] ? bpf_prog_calc_tag+0x110/0x700 [ 102.966041][ T7281] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 102.966061][ T7281] ? bpf_prog_calc_tag+0x110/0x700 [ 102.966073][ T7281] __vmalloc_node_noprof+0xad/0xf0 [ 102.966087][ T7281] ? bpf_prog_calc_tag+0x110/0x700 [ 102.966101][ T7281] bpf_prog_calc_tag+0x110/0x700 [ 102.966116][ T7281] ? __pfx_bpf_prog_calc_tag+0x10/0x10 [ 102.966130][ T7281] ? __sort_r+0x4d/0x660 [ 102.966145][ T7281] ? __pfx_cmp_subprogs+0x10/0x10 [ 102.966155][ T7281] ? sort+0x97/0xd0 [ 102.966166][ T7281] resolve_pseudo_ldimm64+0xd3/0x1a90 [ 102.966176][ T7281] ? find_containing_subprog+0x175/0x1d0 [ 102.966188][ T7281] ? __pfx_resolve_pseudo_ldimm64+0x10/0x10 [ 102.966199][ T7281] ? check_subprogs+0x5e2/0x850 [ 102.966212][ T7281] bpf_check+0x610c/0xb4f0 [ 102.966224][ T7281] ? __mutex_trylock_common+0xe9/0x250 [ 102.966247][ T7281] ? __pfx_bpf_check+0x10/0x10 [ 102.966262][ T7281] ? css_rstat_updated+0x9d/0xd30 [ 102.966274][ T7281] ? __lock_acquire+0xb8a/0x1c90 [ 102.966294][ T7281] ? find_held_lock+0x2b/0x80 [ 102.966306][ T7281] ? rcu_is_watching+0x12/0xc0 [ 102.966315][ T7281] ? ktime_get_with_offset+0x26e/0x3b0 [ 102.966329][ T7281] ? __asan_memset+0x23/0x50 [ 102.966343][ T7281] ? bpf_obj_name_cpy+0x14a/0x1a0 [ 102.966359][ T7281] bpf_prog_load+0xe41/0x2490 [ 102.966377][ T7281] ? __pfx_bpf_prog_load+0x10/0x10 [ 102.966405][ T7281] __sys_bpf+0x4d1a/0x4ea0 [ 102.966415][ T7281] ? __pfx___sys_bpf+0x10/0x10 [ 102.966424][ T7281] ? ksys_write+0x190/0x250 [ 102.966436][ T7281] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 102.966456][ T7281] ? fput+0x70/0xf0 [ 102.966467][ T7281] ? ksys_write+0x1ac/0x250 [ 102.966476][ T7281] ? __pfx_ksys_write+0x10/0x10 [ 102.966488][ T7281] __ia32_sys_bpf+0x76/0xe0 [ 102.966498][ T7281] __do_fast_syscall_32+0x7c/0x3a0 [ 102.966509][ T7281] do_fast_syscall_32+0x32/0x80 [ 102.966520][ T7281] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 102.966532][ T7281] RIP: 0023:0xf7ff4579 [ 102.966541][ T7281] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 102.966550][ T7281] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 102.966559][ T7281] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000640 [ 102.966565][ T7281] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000 [ 102.966571][ T7281] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 102.966576][ T7281] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 102.966582][ T7281] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 102.966594][ T7281] [ 102.966974][ T7281] Mem-Info: [ 103.092358][ T7281] active_anon:9346 inactive_anon:0 isolated_anon:0 [ 103.092358][ T7281] active_file:11313 inactive_file:39283 isolated_file:0 [ 103.092358][ T7281] unevictable:1768 dirty:633 writeback:0 [ 103.092358][ T7281] slab_reclaimable:10196 slab_unreclaimable:53206 [ 103.092358][ T7281] mapped:28920 shmem:5306 pagetables:1160 [ 103.092358][ T7281] sec_pagetables:296 bounce:0 [ 103.092358][ T7281] kernel_misc_reclaimable:0 [ 103.092358][ T7281] free:43022 free_pcp:10677 free_cma:0 [ 103.110385][ T7281] Node 0 active_anon:5592kB inactive_anon:0kB active_file:12kB inactive_file:13124kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:7976kB dirty:8kB writeback:0kB shmem:3920kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8112kB pagetables:1404kB sec_pagetables:1112kB all_unreclaimable? yes Balloon:0kB [ 103.124533][ T7281] Node 1 active_anon:31792kB inactive_anon:0kB active_file:45240kB inactive_file:144008kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:107704kB dirty:2524kB writeback:0kB shmem:17304kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5156kB pagetables:3236kB sec_pagetables:72kB all_unreclaimable? no Balloon:0kB [ 103.140284][ T7281] Node 0 DMA free:2684kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:368kB local_pcp:0kB free_cma:0kB [ 103.152559][ T7281] lowmem_reserve[]: 0 289 289 289 289 [ 103.154834][ T7281] Node 0 DMA32 free:18248kB boost:6144kB min:19364kB low:22668kB high:25972kB reserved_highatomic:4096KB free_highatomic:1320KB active_anon:5592kB inactive_anon:0kB active_file:12kB inactive_file:13124kB unevictable:3536kB writepending:8kB present:1032196kB managed:296000kB mlocked:0kB bounce:0kB free_pcp:14984kB local_pcp:3624kB free_cma:0kB [ 103.169124][ T7281] lowmem_reserve[]: 0 0 0 0 0 [ 103.171096][ T7281] Node 1 DMA32 free:151156kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31792kB inactive_anon:0kB active_file:45240kB inactive_file:144008kB unevictable:3536kB writepending:2524kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:27364kB local_pcp:5640kB free_cma:0kB [ 103.185390][ T7281] lowmem_reserve[]: 0 0 0 0 0 [ 103.190005][ T7281] Node 0 DMA: 31*4kB (U) 12*8kB (U) 4*16kB (U) 15*32kB (UE) 2*64kB (U) 0*128kB 1*256kB (E) 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 2684kB [ 103.196565][ T7281] Node 0 DMA32: 690*4kB (UH) 8*8kB (UH) 16*16kB (UH) 240*32kB (UH) 77*64kB (UH) 12*128kB (UE) 4*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18248kB [ 103.203294][ T7281] Node 1 DMA32: 247*4kB (UM) 1055*8kB (UME) 479*16kB (UME) 360*32kB (UME) 292*64kB (UME) 39*128kB (UME) 20*256kB (UME) 11*512kB (UME) 4*1024kB (UME) 5*2048kB (UM) 18*4096kB (UM) = 151108kB [ 103.210392][ T7281] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 103.214331][ T7281] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 103.217823][ T7281] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 103.221211][ T7281] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 103.224791][ T7281] 55870 total pagecache pages [ 103.226778][ T7281] 0 pages in swap cache [ 103.228540][ T7281] Free swap = 124996kB [ 103.229979][ T7281] Total swap = 124996kB [ 103.231356][ T7281] 524155 pages RAM [ 103.232687][ T7281] 0 pages HighMem/MovableOnly [ 103.234165][ T7281] 209244 pages reserved [ 103.235449][ T7281] 0 pages cma reserved [ 103.319360][ T7285] overlayfs: failed to get inode (-116) [ 103.321932][ T7285] overlayfs: failed to get inode (-116) [ 103.939624][ T7293] binder: BC_ATTEMPT_ACQUIRE not supported [ 103.942505][ T7293] binder: 7292:7293 ioctl c0306201 800001c0 returned -22 [ 104.191431][ T7297] netlink: 20 bytes leftover after parsing attributes in process `syz.3.446'. [ 104.280624][ T7299] FAULT_INJECTION: forcing a failure. [ 104.280624][ T7299] name failslab, interval 1, probability 0, space 0, times 0 [ 104.286731][ T7299] CPU: 3 UID: 0 PID: 7299 Comm: syz.3.447 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 104.286752][ T7299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 104.286761][ T7299] Call Trace: [ 104.286767][ T7299] [ 104.286773][ T7299] dump_stack_lvl+0x16c/0x1f0 [ 104.286795][ T7299] should_fail_ex+0x512/0x640 [ 104.286811][ T7299] ? __kmalloc_noprof+0xbf/0x510 [ 104.286830][ T7299] ? io_cache_alloc_new+0x45/0xf0 [ 104.286846][ T7299] should_failslab+0xc2/0x120 [ 104.286865][ T7299] __kmalloc_noprof+0xd2/0x510 [ 104.286887][ T7299] io_cache_alloc_new+0x45/0xf0 [ 104.286911][ T7299] __io_prep_rw+0x21d/0x1000 [ 104.286935][ T7299] ? __pfx___io_prep_rw+0x10/0x10 [ 104.286954][ T7299] ? mark_held_locks+0x49/0x80 [ 104.286976][ T7299] ? __pfx___io_alloc_req_refill+0x10/0x10 [ 104.287003][ T7299] io_prep_rw+0x24/0x220 [ 104.287026][ T7299] io_prep_writev+0x23/0xa0 [ 104.287047][ T7299] io_submit_sqes+0x835/0x2580 [ 104.287083][ T7299] __do_sys_io_uring_enter+0xd6a/0x1630 [ 104.287111][ T7299] ? __fget_files+0x20e/0x3c0 [ 104.287127][ T7299] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 104.287153][ T7299] ? fput+0x70/0xf0 [ 104.287172][ T7299] ? ksys_write+0x1ac/0x250 [ 104.287188][ T7299] ? __pfx_ksys_write+0x10/0x10 [ 104.287205][ T7299] ? rcu_is_watching+0x12/0xc0 [ 104.287226][ T7299] __do_fast_syscall_32+0x7c/0x3a0 [ 104.287245][ T7299] do_fast_syscall_32+0x32/0x80 [ 104.287261][ T7299] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 104.287280][ T7299] RIP: 0023:0xf7ff4579 [ 104.287292][ T7299] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 104.287307][ T7299] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa [ 104.287322][ T7299] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000000040f9 [ 104.287332][ T7299] RDX: 0000000000000217 RSI: 00000000000000a5 RDI: 0000000000000000 [ 104.287341][ T7299] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 104.287351][ T7299] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 104.287359][ T7299] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 104.287378][ T7299] [ 104.474868][ T7303] fuse: Bad value for 'fd' [ 104.524568][ T7305] x_tables: duplicate underflow at hook 2 [ 105.214610][ T837] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 105.897597][ T7349] fuse: Invalid rootmode [ 115.383497][ T40] kauditd_printk_skb: 16 callbacks suppressed [ 115.383509][ T40] audit: type=1326 audit(1753015447.021:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7384 comm="syz.3.465" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7ff4579 code=0x0 [ 115.495065][ T7390] trusted_key: encrypted_key: insufficient parameters specified [ 116.575057][ T7409] trusted_key: encrypted_key: insufficient parameters specified [ 117.227564][ T7418] x_tables: duplicate underflow at hook 2 [ 117.278765][ T7419] netlink: 132 bytes leftover after parsing attributes in process `syz.2.473'. [ 117.440096][ T40] audit: type=1326 audit(1753015449.071:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 117.459100][ T40] audit: type=1326 audit(1753015449.071:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 117.481414][ T40] audit: type=1326 audit(1753015449.091:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 117.503596][ T40] audit: type=1326 audit(1753015449.091:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 117.515171][ T7424] netlink: 892 bytes leftover after parsing attributes in process `syz.0.476'. [ 117.515421][ T40] audit: type=1326 audit(1753015449.091:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 117.528498][ T40] audit: type=1326 audit(1753015449.111:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 117.560592][ T40] audit: type=1326 audit(1753015449.111:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 117.571390][ T40] audit: type=1326 audit(1753015449.111:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 117.572105][ T7427] netlink: 892 bytes leftover after parsing attributes in process `syz.0.476'. [ 117.582439][ T40] audit: type=1326 audit(1753015449.111:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7423 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 117.605525][ T7429] x_tables: duplicate underflow at hook 2 [ 117.963310][ T7433] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 117.965448][ T7433] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 117.969517][ T7433] vhci_hcd vhci_hcd.0: Device attached [ 117.985338][ T7433] fuse: Bad value for 'fd' [ 118.232372][ T6586] usb 40-1: SetAddress Request (2) to port 0 [ 118.234607][ T6586] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd [ 118.289249][ T7438] trusted_key: encrypted_key: insufficient parameters specified [ 118.700950][ T7445] trusted_key: encrypted_key: insufficient parameters specified [ 118.952335][ T7434] vhci_hcd: connection reset by peer [ 118.956827][ T80] vhci_hcd: stop threads [ 118.961406][ T80] vhci_hcd: release socket [ 118.968508][ T80] vhci_hcd: disconnect device [ 119.468992][ T7460] nfs: Deprecated parameter 'nointr' [ 119.598329][ T7462] loop6: detected capacity change from 0 to 524287999 [ 120.188563][ T7471] FAULT_INJECTION: forcing a failure. [ 120.188563][ T7471] name failslab, interval 1, probability 0, space 0, times 0 [ 120.194023][ T7471] CPU: 0 UID: 0 PID: 7471 Comm: syz.3.489 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 120.194037][ T7471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 120.194044][ T7471] Call Trace: [ 120.194048][ T7471] [ 120.194052][ T7471] dump_stack_lvl+0x16c/0x1f0 [ 120.194067][ T7471] should_fail_ex+0x512/0x640 [ 120.194079][ T7471] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 120.194092][ T7471] should_failslab+0xc2/0x120 [ 120.194104][ T7471] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 120.194115][ T7471] ? prepare_creds+0x2c/0x7d0 [ 120.194134][ T7471] prepare_creds+0x2c/0x7d0 [ 120.194150][ T7471] join_session_keyring+0x17/0x340 [ 120.194166][ T7471] lookup_user_key+0xe3f/0x1300 [ 120.194183][ T7471] ? __pfx_lookup_user_key+0x10/0x10 [ 120.194201][ T7471] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 120.194222][ T7471] __do_sys_add_key+0x256/0x470 [ 120.194235][ T7471] ? __pfx___do_sys_add_key+0x10/0x10 [ 120.194246][ T7471] ? ksys_write+0x1ac/0x250 [ 120.194258][ T7471] ? rcu_is_watching+0x12/0xc0 [ 120.194272][ T7471] __do_fast_syscall_32+0x7c/0x3a0 [ 120.194284][ T7471] do_fast_syscall_32+0x32/0x80 [ 120.194296][ T7471] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 120.194309][ T7471] RIP: 0023:0xf7ff4579 [ 120.194317][ T7471] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 120.194327][ T7471] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 000000000000011e [ 120.194337][ T7471] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 0000000000000000 [ 120.194344][ T7471] RDX: 00000000800000c0 RSI: 000000000000000d RDI: 00000000fffffffd [ 120.194350][ T7471] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 120.194356][ T7471] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 120.194361][ T7471] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 120.194374][ T7471] [ 120.279905][ T5959] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 120.438631][ T7480] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 120.440999][ T7480] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 120.444630][ T7480] vhci_hcd vhci_hcd.0: Device attached [ 120.448701][ T7480] FAULT_INJECTION: forcing a failure. [ 120.448701][ T7480] name failslab, interval 1, probability 0, space 0, times 0 [ 120.452758][ T7480] CPU: 1 UID: 0 PID: 7480 Comm: syz.0.493 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 120.452782][ T7480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 120.452789][ T7480] Call Trace: [ 120.452793][ T7480] [ 120.452797][ T7480] dump_stack_lvl+0x16c/0x1f0 [ 120.452811][ T7480] should_fail_ex+0x512/0x640 [ 120.452825][ T7480] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 120.452838][ T7480] should_failslab+0xc2/0x120 [ 120.452850][ T7480] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 120.452861][ T7480] ? __alloc_skb+0x2b2/0x380 [ 120.452874][ T7480] __alloc_skb+0x2b2/0x380 [ 120.452883][ T7480] ? __pfx___alloc_skb+0x10/0x10 [ 120.452893][ T7480] ? __nla_validate_parse+0x600/0x2880 [ 120.452910][ T7480] ovs_dp_cmd_new+0x167/0xe60 [ 120.452930][ T7480] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 120.452948][ T7480] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 120.452964][ T7480] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 120.452981][ T7480] genl_family_rcv_msg_doit+0x209/0x2f0 [ 120.452996][ T7480] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 120.453010][ T7480] ? trace_cap_capable+0x18d/0x200 [ 120.453026][ T7480] ? bpf_lsm_capable+0x9/0x10 [ 120.453040][ T7480] ? security_capable+0x7e/0x260 [ 120.453053][ T7480] ? ns_capable+0xd7/0x110 [ 120.453066][ T7480] genl_rcv_msg+0x55c/0x800 [ 120.453081][ T7480] ? __pfx_genl_rcv_msg+0x10/0x10 [ 120.453095][ T7480] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 120.453115][ T7480] netlink_rcv_skb+0x158/0x420 [ 120.453127][ T7480] ? __pfx_genl_rcv_msg+0x10/0x10 [ 120.453141][ T7480] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 120.453159][ T7480] ? netlink_deliver_tap+0x1ae/0xd30 [ 120.453173][ T7480] genl_rcv+0x28/0x40 [ 120.453185][ T7480] netlink_unicast+0x58a/0x850 [ 120.453199][ T7480] ? __pfx_netlink_unicast+0x10/0x10 [ 120.453215][ T7480] netlink_sendmsg+0x8d1/0xdd0 [ 120.453229][ T7480] ? __pfx_netlink_sendmsg+0x10/0x10 [ 120.453242][ T7480] ? __import_iovec+0x1dd/0x650 [ 120.453257][ T7480] ____sys_sendmsg+0xa95/0xc70 [ 120.453272][ T7480] ? __pfx_____sys_sendmsg+0x10/0x10 [ 120.453284][ T7480] ? get_compat_msghdr+0x11a/0x170 [ 120.453301][ T7480] ___sys_sendmsg+0x134/0x1d0 [ 120.453313][ T7480] ? __pfx____sys_sendmsg+0x10/0x10 [ 120.453330][ T7480] ? find_held_lock+0x2b/0x80 [ 120.453350][ T7480] __sys_sendmsg+0x16d/0x220 [ 120.453360][ T7480] ? __pfx___sys_sendmsg+0x10/0x10 [ 120.453377][ T7480] ? rcu_is_watching+0x12/0xc0 [ 120.453390][ T7480] __do_fast_syscall_32+0x7c/0x3a0 [ 120.453402][ T7480] do_fast_syscall_32+0x32/0x80 [ 120.453413][ T7480] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 120.453425][ T7480] RIP: 0023:0xf70be579 [ 120.453433][ T7480] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 120.453442][ T7480] RSP: 002b:00000000f508d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 120.453452][ T7480] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000040 [ 120.453458][ T7480] RDX: 000000000000c010 RSI: 0000000000000000 RDI: 0000000000000000 [ 120.453463][ T7480] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 120.453469][ T7480] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 120.453474][ T7480] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 120.453493][ T7480] [ 120.459375][ T5959] usb 6-1: config index 0 descriptor too short (expected 45, got 36) [ 120.576347][ T5959] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 120.580052][ T5959] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 120.584294][ T5959] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 120.587307][ T5959] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 120.653780][ T5959] usb 6-1: config 0 descriptor?? [ 120.680783][ T5959] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 120.692668][ T837] usb 37-1: new high-speed USB device number 2 using vhci_hcd [ 121.202569][ T7482] vhci_hcd: connection reset by peer [ 121.205999][ T1140] vhci_hcd: stop threads [ 121.222333][ T1140] vhci_hcd: release socket [ 121.224791][ T1140] vhci_hcd: disconnect device [ 121.801588][ T7500] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 121.803784][ T7500] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 121.805028][ T7503] overlay: Unknown parameter 'fscontext' [ 121.807835][ T7500] vhci_hcd vhci_hcd.0: Device attached [ 121.884149][ T40] kauditd_printk_skb: 15 callbacks suppressed [ 121.884165][ T40] audit: type=1804 audit(1753015453.481:204): pid=7503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.496" name="/newroot/126/bus/bus" dev="tmpfs" ino=705 res=1 errno=0 [ 122.585395][ T7501] vhci_hcd: connection closed [ 122.591796][ T1139] vhci_hcd: stop threads [ 122.660171][ T1139] vhci_hcd: release socket [ 122.668419][ T1139] vhci_hcd: disconnect device [ 122.995142][ T6030] usb 6-1: USB disconnect, device number 5 [ 123.053297][ T7515] FAULT_INJECTION: forcing a failure. [ 123.053297][ T7515] name failslab, interval 1, probability 0, space 0, times 0 [ 123.067348][ T7515] CPU: 1 UID: 0 PID: 7515 Comm: syz.2.500 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 123.067365][ T7515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 123.067371][ T7515] Call Trace: [ 123.067374][ T7515] [ 123.067378][ T7515] dump_stack_lvl+0x16c/0x1f0 [ 123.067393][ T7515] should_fail_ex+0x512/0x640 [ 123.067404][ T7515] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 123.067422][ T7515] should_failslab+0xc2/0x120 [ 123.067434][ T7515] __kmalloc_cache_noprof+0x6a/0x3e0 [ 123.067449][ T7515] ? subflow_create_ctx+0x9b/0x2c0 [ 123.067463][ T7515] subflow_create_ctx+0x9b/0x2c0 [ 123.067474][ T7515] subflow_ulp_init+0xc3/0x4d0 [ 123.067489][ T7515] tcp_set_ulp+0x326/0x7f0 [ 123.067504][ T7515] mptcp_subflow_create_socket+0x361/0xed0 [ 123.067520][ T7515] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 123.067534][ T7515] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 123.067551][ T7515] __mptcp_nmpc_sk+0x182/0x7d0 [ 123.067566][ T7515] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 123.067579][ T7515] ? register_lock_class+0x41/0x4c0 [ 123.067597][ T7515] mptcp_connect+0x7d/0xaf0 [ 123.067612][ T7515] __inet_stream_connect+0x917/0xf60 [ 123.067631][ T7515] ? __pfx___inet_stream_connect+0x10/0x10 [ 123.067646][ T7515] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 123.067663][ T7515] ? __pfx_inet_stream_connect+0x10/0x10 [ 123.067678][ T7515] ? __local_bh_enable_ip+0xa4/0x120 [ 123.067691][ T7515] ? __pfx_inet_stream_connect+0x10/0x10 [ 123.067705][ T7515] inet_stream_connect+0x57/0xa0 [ 123.067721][ T7515] __sys_connect_file+0x141/0x1a0 [ 123.067738][ T7515] __sys_connect+0x13b/0x160 [ 123.067753][ T7515] ? __pfx___sys_connect+0x10/0x10 [ 123.067779][ T7515] ? handle_mm_fault+0x1d0/0xd10 [ 123.067801][ T7515] ? __pfx_ksys_write+0x10/0x10 [ 123.067814][ T7515] __ia32_sys_connect+0x71/0xb0 [ 123.067828][ T7515] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 123.067840][ T7515] __do_fast_syscall_32+0x7c/0x3a0 [ 123.067853][ T7515] do_fast_syscall_32+0x32/0x80 [ 123.067863][ T7515] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 123.067876][ T7515] RIP: 0023:0xf70ae579 [ 123.067884][ T7515] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 123.067894][ T7515] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016a [ 123.067904][ T7515] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080004cc0 [ 123.067910][ T7515] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000 [ 123.067916][ T7515] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 123.067921][ T7515] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 123.067927][ T7515] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 123.067940][ T7515] [ 123.282421][ T6586] usb 40-1: device descriptor read/8, error -110 [ 123.376644][ T7532] 9pnet_fd: Insufficient options for proto=fd [ 123.683346][ T6586] usb usb40-port1: attempt power cycle [ 123.862338][ T6593] usb 7-1: new low-speed USB device number 2 using dummy_hcd [ 123.957076][ T7537] bridge0: port 3(vlan2) entered blocking state [ 123.959468][ T7537] bridge0: port 3(vlan2) entered disabled state [ 123.961696][ T7537] vlan2: entered allmulticast mode [ 123.963662][ T7537] dummy0: entered allmulticast mode [ 123.972475][ T7537] vlan2: entered promiscuous mode [ 123.974306][ T7537] dummy0: entered promiscuous mode [ 123.992378][ T6593] usb 7-1: device descriptor read/64, error -71 [ 123.996797][ T7539] random: crng reseeded on system resumption [ 124.108035][ T7547] trusted_key: encrypted_key: insufficient parameters specified [ 124.232405][ T6593] usb 7-1: new low-speed USB device number 3 using dummy_hcd [ 124.262757][ T6586] usb usb40-port1: unable to enumerate USB device [ 124.272648][ T54] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 124.362350][ T6593] usb 7-1: device descriptor read/64, error -71 [ 124.458466][ T7554] fuse: Unknown parameter 'user_i00000000000000000000' [ 124.472767][ T6593] usb usb7-port1: attempt power cycle [ 124.478540][ T54] usb 5-1: config index 0 descriptor too short (expected 45, got 36) [ 124.482461][ T54] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 124.486873][ T54] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 124.491457][ T54] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 124.494812][ T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.503520][ T54] usb 5-1: config 0 descriptor?? [ 124.507978][ T54] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 124.812432][ T6593] usb 7-1: new low-speed USB device number 4 using dummy_hcd [ 124.832920][ T6593] usb 7-1: device descriptor read/8, error -71 [ 125.072337][ T6593] usb 7-1: new low-speed USB device number 5 using dummy_hcd [ 125.093388][ T6593] usb 7-1: device descriptor read/8, error -71 [ 125.203318][ T6593] usb usb7-port1: unable to enumerate USB device [ 125.832428][ T837] vhci_hcd: vhci_device speed not set [ 126.888351][ T7584] tipc: Enabling of bearer rejected, failed to enable media [ 127.042515][ T836] usb 5-1: USB disconnect, device number 3 [ 127.227697][ T7595] FAULT_INJECTION: forcing a failure. [ 127.227697][ T7595] name failslab, interval 1, probability 0, space 0, times 0 [ 127.232531][ T7595] CPU: 3 UID: 0 PID: 7595 Comm: syz.3.524 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 127.232546][ T7595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 127.232552][ T7595] Call Trace: [ 127.232557][ T7595] [ 127.232562][ T7595] dump_stack_lvl+0x16c/0x1f0 [ 127.232577][ T7595] should_fail_ex+0x512/0x640 [ 127.232590][ T7595] ? io_alloc_ocqe+0x7e/0x610 [ 127.232601][ T7595] should_failslab+0xc2/0x120 [ 127.232614][ T7595] __kmalloc_noprof+0xd2/0x510 [ 127.232628][ T7595] io_alloc_ocqe+0x7e/0x610 [ 127.232639][ T7595] ? io_cqe_cache_refill+0x221/0x2c0 [ 127.232659][ T7595] __io_submit_flush_completions+0x9b3/0x17f0 [ 127.232678][ T7595] io_submit_sqes+0x9eb/0x2580 [ 127.232702][ T7595] __do_sys_io_uring_enter+0xd6a/0x1630 [ 127.232720][ T7595] ? __fget_files+0x20e/0x3c0 [ 127.232730][ T7595] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 127.232748][ T7595] ? fput+0x70/0xf0 [ 127.232760][ T7595] ? ksys_write+0x1ac/0x250 [ 127.232770][ T7595] ? __pfx_ksys_write+0x10/0x10 [ 127.232781][ T7595] ? rcu_is_watching+0x12/0xc0 [ 127.232794][ T7595] __do_fast_syscall_32+0x7c/0x3a0 [ 127.232807][ T7595] do_fast_syscall_32+0x32/0x80 [ 127.232819][ T7595] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 127.232832][ T7595] RIP: 0023:0xf7ff4579 [ 127.232840][ T7595] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 127.232850][ T7595] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa [ 127.232860][ T7595] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000002d3e [ 127.232867][ T7595] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 127.232873][ T7595] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 127.232879][ T7595] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 127.232885][ T7595] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 127.232898][ T7595] [ 128.220683][ T7618] trusted_key: encrypted_key: insufficient parameters specified [ 128.482447][ T837] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 128.637268][ T837] usb 7-1: config index 0 descriptor too short (expected 45, got 36) [ 128.640288][ T837] usb 7-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 128.644812][ T837] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 128.652345][ T837] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 128.657001][ T837] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.662359][ T837] usb 7-1: config 0 descriptor?? [ 128.668922][ T837] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 128.719238][ T7626] tipc: Enabling of bearer rejected, failed to enable media [ 128.922936][ T7635] trusted_key: encrypted_key: insufficient parameters specified [ 129.250045][ T7639] trusted_key: encrypted_key: insufficient parameters specified [ 129.369075][ T7641] fuse: Bad value for 'user_id' [ 129.371014][ T7641] fuse: Bad value for 'user_id' [ 130.517470][ T7651] trusted_key: encrypted_key: insufficient parameters specified [ 131.167730][ T7665] fuse: Unknown parameter 'user_id00000000000000000000' [ 131.240959][ T7666] trusted_key: encrypted_key: insufficient parameters specified [ 131.403295][ T24] usb 7-1: USB disconnect, device number 6 [ 131.457254][ T7671] x_tables: duplicate underflow at hook 2 [ 131.536681][ T7674] trusted_key: encrypted_key: insufficient parameters specified [ 132.254605][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.257729][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.348584][ T7686] fuse: Bad value for 'user_id' [ 132.350988][ T7686] fuse: Bad value for 'user_id' [ 132.409030][ T7691] netlink: 100 bytes leftover after parsing attributes in process `syz.2.553'. [ 132.417490][ T7691] wireguard0: entered promiscuous mode [ 132.419581][ T7691] wireguard0: entered allmulticast mode [ 132.922099][ T7698] FAULT_INJECTION: forcing a failure. [ 132.922099][ T7698] name failslab, interval 1, probability 0, space 0, times 0 [ 132.928055][ T7698] CPU: 3 UID: 0 PID: 7698 Comm: syz.0.554 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 132.928073][ T7698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 132.928080][ T7698] Call Trace: [ 132.928085][ T7698] [ 132.928090][ T7698] dump_stack_lvl+0x16c/0x1f0 [ 132.928107][ T7698] should_fail_ex+0x512/0x640 [ 132.928119][ T7698] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 132.928134][ T7698] should_failslab+0xc2/0x120 [ 132.928178][ T7698] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 132.928198][ T7698] ? __pmd_alloc+0xbf/0x930 [ 132.928217][ T7698] __pmd_alloc+0xbf/0x930 [ 132.928231][ T7698] ? __pud_alloc+0x526/0x750 [ 132.928248][ T7698] __handle_mm_fault+0xaac/0x5490 [ 132.928271][ T7698] ? __pfx___handle_mm_fault+0x10/0x10 [ 132.928302][ T7698] handle_mm_fault+0x589/0xd10 [ 132.928323][ T7698] __get_user_pages+0x589/0x3b80 [ 132.928347][ T7698] ? __pfx___get_user_pages+0x10/0x10 [ 132.928369][ T7698] get_user_pages_remote+0x258/0xb20 [ 132.928389][ T7698] ? __pfx_get_user_pages_remote+0x10/0x10 [ 132.928404][ T7698] ? __pfx_vma_link+0x10/0x10 [ 132.928422][ T7698] get_arg_page+0xf4/0x310 [ 132.928446][ T7698] ? __pfx_get_arg_page+0x10/0x10 [ 132.928463][ T7698] ? up_write+0x1b2/0x520 [ 132.928484][ T7698] copy_string_kernel+0x180/0x510 [ 132.928506][ T7698] do_execveat_common.isra.0+0x2ed/0x610 [ 132.928528][ T7698] __ia32_compat_sys_execveat+0xe0/0x120 [ 132.928541][ T7698] __do_fast_syscall_32+0x7c/0x3a0 [ 132.928556][ T7698] do_fast_syscall_32+0x32/0x80 [ 132.928569][ T7698] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 132.928584][ T7698] RIP: 0023:0xf70be579 [ 132.928597][ T7698] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 132.928608][ T7698] RSP: 002b:00000000f508d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000166 [ 132.928620][ T7698] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 0000000080000000 [ 132.928627][ T7698] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000 [ 132.928634][ T7698] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 132.928641][ T7698] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 132.928647][ T7698] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 132.928662][ T7698] [ 133.058726][ T7703] Bluetooth: MGMT ver 1.23 [ 133.130721][ T40] audit: type=1326 audit(1753015464.761:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 133.141908][ T7707] netlink: 860 bytes leftover after parsing attributes in process `syz.1.556'. [ 133.158310][ T40] audit: type=1326 audit(1753015464.761:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 133.168964][ T40] audit: type=1326 audit(1753015464.761:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 133.186907][ T40] audit: type=1326 audit(1753015464.761:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 133.202282][ T40] audit: type=1326 audit(1753015464.761:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 133.212566][ T40] audit: type=1326 audit(1753015464.761:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 133.214716][ T7708] netlink: 860 bytes leftover after parsing attributes in process `syz.1.556'. [ 133.219562][ T40] audit: type=1326 audit(1753015464.761:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 133.243476][ T40] audit: type=1326 audit(1753015464.761:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 133.250896][ T40] audit: type=1326 audit(1753015464.761:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 133.261168][ T40] audit: type=1326 audit(1753015464.761:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7706 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 133.446181][ T7718] trusted_key: encrypted_key: insufficient parameters specified [ 134.087796][ T7731] batman_adv: batadv0: Adding interface: dummy0 [ 134.090407][ T7731] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 134.101173][ T7731] batman_adv: batadv0: Interface activated: dummy0 [ 134.114395][ T7735] fuse: Bad value for 'user_id' [ 134.115965][ T7735] fuse: Bad value for 'user_id' [ 134.120446][ T7731] batadv0: mtu less than device minimum [ 134.124860][ T7731] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 134.130618][ T7731] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 134.135874][ T7731] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 134.141283][ T7731] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 134.146956][ T7731] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 134.152034][ T7731] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 134.157768][ T7731] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 134.162623][ T24] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 134.162956][ T7731] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 134.171517][ T7731] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 134.312458][ T24] usb 7-1: Using ep0 maxpacket: 8 [ 134.316890][ T24] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 134.320080][ T24] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 134.324244][ T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 134.328404][ T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 134.332440][ T24] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 134.337729][ T24] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 134.341691][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.432364][ T6586] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 134.551561][ T24] usb 7-1: usb_control_msg returned -32 [ 134.554047][ T24] usbtmc 7-1:16.0: can't read capabilities [ 134.704600][ T6586] usb 8-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 134.708013][ T6586] usb 8-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 134.713832][ T6586] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 134.717879][ T6586] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.759502][ T6586] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 135.047622][ T6586] snd-usb-audio 8-1:27.0: probe with driver snd-usb-audio failed with error -2 [ 136.044712][ T7754] vlan2: entered allmulticast mode [ 136.397768][ T7761] trusted_key: encrypted_key: insufficient parameters specified [ 136.409531][ T7762] xt_CT: You must specify a L4 protocol and not use inversions on it [ 136.826001][ T6006] usb 7-1: USB disconnect, device number 7 [ 136.994567][ T7767] trusted_key: encrypted_key: insufficient parameters specified [ 137.183887][ T24] usb 8-1: USB disconnect, device number 5 [ 138.420092][ T7782] fuse: Bad value for 'fd' [ 138.551445][ T7789] tipc: Enabled bearer , priority 0 [ 138.557988][ T7789] tipc: Resetting bearer [ 138.563643][ T7788] tipc: Disabling bearer [ 138.836923][ T7795] lo speed is unknown, defaulting to 1000 [ 138.839089][ T7795] lo speed is unknown, defaulting to 1000 [ 138.844684][ T7795] lo speed is unknown, defaulting to 1000 [ 138.858256][ T7795] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 138.877746][ T7795] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 139.033644][ T7795] lo speed is unknown, defaulting to 1000 [ 139.036768][ T7795] lo speed is unknown, defaulting to 1000 [ 139.039355][ T7795] lo speed is unknown, defaulting to 1000 [ 139.041820][ T7795] lo speed is unknown, defaulting to 1000 [ 139.130424][ T7799] FAULT_INJECTION: forcing a failure. [ 139.130424][ T7799] name failslab, interval 1, probability 0, space 0, times 0 [ 139.134411][ T7799] CPU: 2 UID: 0 PID: 7799 Comm: syz.3.583 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 139.134425][ T7799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 139.134431][ T7799] Call Trace: [ 139.134435][ T7799] [ 139.134439][ T7799] dump_stack_lvl+0x16c/0x1f0 [ 139.134454][ T7799] should_fail_ex+0x512/0x640 [ 139.134464][ T7799] ? __kmalloc_noprof+0xbf/0x510 [ 139.134476][ T7799] ? copy_splice_read+0x1a8/0xba0 [ 139.134489][ T7799] should_failslab+0xc2/0x120 [ 139.134501][ T7799] __kmalloc_noprof+0xd2/0x510 [ 139.134514][ T7799] copy_splice_read+0x1a8/0xba0 [ 139.134531][ T7799] ? __pfx_copy_splice_read+0x10/0x10 [ 139.134547][ T7799] ? look_up_lock_class+0x59/0x150 [ 139.134559][ T7799] ? lockdep_init_map_type+0x5c/0x280 [ 139.134574][ T7799] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 139.134585][ T7799] ? __pfx_filemap_splice_read+0x10/0x10 [ 139.134598][ T7799] do_splice_read+0x2bd/0x370 [ 139.134614][ T7799] splice_direct_to_actor+0x2a1/0xa30 [ 139.134629][ T7799] ? __pfx_direct_splice_actor+0x10/0x10 [ 139.134647][ T7799] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 139.134661][ T7799] ? get_pid_task+0xfc/0x250 [ 139.134678][ T7799] do_splice_direct+0x174/0x240 [ 139.134693][ T7799] ? __pfx_do_splice_direct+0x10/0x10 [ 139.134708][ T7799] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 139.134723][ T7799] ? bpf_lsm_file_permission+0x9/0x10 [ 139.134736][ T7799] ? security_file_permission+0x71/0x210 [ 139.134752][ T7799] ? rw_verify_area+0xcf/0x680 [ 139.134767][ T7799] do_sendfile+0xb06/0xe50 [ 139.134785][ T7799] ? __pfx_do_sendfile+0x10/0x10 [ 139.134800][ T7799] ? __fget_files+0x20e/0x3c0 [ 139.134813][ T7799] __ia32_compat_sys_sendfile+0x1e5/0x220 [ 139.134824][ T7799] ? ksys_write+0x1ac/0x250 [ 139.134833][ T7799] ? __pfx___ia32_compat_sys_sendfile+0x10/0x10 [ 139.134847][ T7799] ? rcu_is_watching+0x12/0xc0 [ 139.134860][ T7799] __do_fast_syscall_32+0x7c/0x3a0 [ 139.134872][ T7799] do_fast_syscall_32+0x32/0x80 [ 139.134882][ T7799] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 139.134896][ T7799] RIP: 0023:0xf7ff4579 [ 139.134903][ T7799] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 139.134913][ T7799] RSP: 002b:00000000f50f555c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb [ 139.134923][ T7799] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 000000000000000a [ 139.134930][ T7799] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000 [ 139.134936][ T7799] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 139.134941][ T7799] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 139.134947][ T7799] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 139.134959][ T7799] [ 139.256672][ T7794] 9pnet_virtio: no channels available for device syz [ 140.201308][ T7811] trusted_key: encrypted_key: insufficient parameters specified [ 140.774933][ T7829] FAULT_INJECTION: forcing a failure. [ 140.774933][ T7829] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 140.780120][ T7829] CPU: 1 UID: 0 PID: 7829 Comm: syz.0.591 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 140.780152][ T7829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 140.780163][ T7829] Call Trace: [ 140.780167][ T7829] [ 140.780171][ T7829] dump_stack_lvl+0x16c/0x1f0 [ 140.780186][ T7829] should_fail_ex+0x512/0x640 [ 140.780202][ T7829] _copy_from_user+0x2e/0xd0 [ 140.780214][ T7829] copy_from_sockptr_offset+0x15c/0x1b0 [ 140.780232][ T7829] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 140.780244][ T7829] ? __pfx_copy_from_sockptr_offset+0x10/0x10 [ 140.780263][ T7829] compat_do_replace+0x1c4/0x3c0 [ 140.780279][ T7829] ? __pfx_compat_do_replace+0x10/0x10 [ 140.780293][ T7829] ? __pfx_aa_get_newest_label+0x10/0x10 [ 140.780308][ T7829] ? rcu_is_watching+0x12/0xc0 [ 140.780324][ T7829] ? bpf_lsm_capable+0x9/0x10 [ 140.780338][ T7829] ? security_capable+0x7e/0x260 [ 140.780353][ T7829] do_ipt_set_ctl+0x55d/0xa60 [ 140.780367][ T7829] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 140.780384][ T7829] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 140.780398][ T7829] ? lockdep_hardirqs_on+0x7c/0x110 [ 140.780408][ T7829] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 140.780423][ T7829] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 140.780441][ T7829] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 140.780455][ T7829] nf_setsockopt+0x8d/0xf0 [ 140.780469][ T7829] ip_setsockopt+0xcb/0xf0 [ 140.780484][ T7829] tcp_setsockopt+0xa4/0x100 [ 140.780496][ T7829] smc_setsockopt+0x1b6/0xa00 [ 140.780509][ T7829] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 140.780529][ T7829] ? __pfx_smc_setsockopt+0x10/0x10 [ 140.780545][ T7829] ? __pfx_smc_setsockopt+0x10/0x10 [ 140.780559][ T7829] do_sock_setsockopt+0xf3/0x1d0 [ 140.780573][ T7829] __sys_setsockopt+0x120/0x1a0 [ 140.780585][ T7829] __ia32_sys_setsockopt+0xbc/0x160 [ 140.780595][ T7829] ? lockdep_hardirqs_on+0x7c/0x110 [ 140.780604][ T7829] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 140.780615][ T7829] __do_fast_syscall_32+0x7c/0x3a0 [ 140.780627][ T7829] do_fast_syscall_32+0x32/0x80 [ 140.780640][ T7829] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 140.780653][ T7829] RIP: 0023:0xf70be579 [ 140.780662][ T7829] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 140.780671][ T7829] RSP: 002b:00000000f506c55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 140.780681][ T7829] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000 [ 140.780688][ T7829] RDX: 0000000000000040 RSI: 0000000080003240 RDI: 00000000000005b4 [ 140.780694][ T7829] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 140.780699][ T7829] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 140.780705][ T7829] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 140.780718][ T7829] [ 141.273584][ T7839] netlink: 'syz.3.594': attribute type 1 has an invalid length. [ 141.277980][ T7839] netlink: 244 bytes leftover after parsing attributes in process `syz.3.594'. [ 141.329698][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 141.329715][ T40] audit: type=1326 audit(1753015472.961:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.2.595" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 141.337819][ T7841] netlink: 4 bytes leftover after parsing attributes in process `syz.2.595'. [ 141.346189][ T40] audit: type=1326 audit(1753015472.961:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.2.595" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 141.355762][ T40] audit: type=1326 audit(1753015472.961:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.2.595" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 141.366070][ T40] audit: type=1326 audit(1753015472.961:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.2.595" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 141.374959][ T40] audit: type=1326 audit(1753015472.961:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.2.595" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 141.384382][ T40] audit: type=1326 audit(1753015472.961:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.2.595" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 141.391246][ T40] audit: type=1326 audit(1753015472.961:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.2.595" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 141.399057][ T40] audit: type=1326 audit(1753015472.971:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.2.595" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 141.406780][ T40] audit: type=1326 audit(1753015472.971:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.2.595" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 141.417660][ T7842] netlink: 4 bytes leftover after parsing attributes in process `syz.2.595'. [ 141.422369][ T40] audit: type=1326 audit(1753015472.971:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7840 comm="syz.2.595" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 141.453828][ T7844] x_tables: duplicate underflow at hook 2 [ 142.442139][ T7862] netlink: 20 bytes leftover after parsing attributes in process `syz.1.601'. [ 142.470208][ T7864] FAULT_INJECTION: forcing a failure. [ 142.470208][ T7864] name failslab, interval 1, probability 0, space 0, times 0 [ 142.475701][ T7864] CPU: 3 UID: 0 PID: 7864 Comm: syz.2.603 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 142.475716][ T7864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 142.475722][ T7864] Call Trace: [ 142.475726][ T7864] [ 142.475731][ T7864] dump_stack_lvl+0x16c/0x1f0 [ 142.475745][ T7864] should_fail_ex+0x512/0x640 [ 142.475756][ T7864] ? fs_reclaim_acquire+0xae/0x150 [ 142.475772][ T7864] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 142.475782][ T7864] should_failslab+0xc2/0x120 [ 142.475794][ T7864] __kmalloc_noprof+0xd2/0x510 [ 142.475807][ T7864] tomoyo_realpath_from_path+0xc2/0x6e0 [ 142.475819][ T7864] ? tomoyo_profile+0x47/0x60 [ 142.475831][ T7864] tomoyo_path_number_perm+0x245/0x580 [ 142.475845][ T7864] ? tomoyo_path_number_perm+0x237/0x580 [ 142.475860][ T7864] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 142.475887][ T7864] ? find_held_lock+0x2b/0x80 [ 142.475898][ T7864] ? hook_file_ioctl_common+0x145/0x410 [ 142.475914][ T7864] ? __fget_files+0x20e/0x3c0 [ 142.475923][ T7864] ? fput+0x70/0xf0 [ 142.475937][ T7864] security_file_ioctl_compat+0x9b/0x240 [ 142.475953][ T7864] __ia32_compat_sys_ioctl+0xc3/0x370 [ 142.475969][ T7864] __do_fast_syscall_32+0x7c/0x3a0 [ 142.475981][ T7864] do_fast_syscall_32+0x32/0x80 [ 142.475992][ T7864] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 142.476005][ T7864] RIP: 0023:0xf70ae579 [ 142.476013][ T7864] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 142.476023][ T7864] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 142.476033][ T7864] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c040565f [ 142.476039][ T7864] RDX: 0000000080000940 RSI: 0000000000000000 RDI: 0000000000000000 [ 142.476045][ T7864] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 142.476051][ T7864] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 142.476078][ T7864] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 142.476095][ T7864] [ 142.476100][ T7864] ERROR: Out of memory at tomoyo_realpath_from_path. [ 142.631268][ T7866] input: syz0 as /devices/virtual/input/input9 [ 143.520476][ T7879] netlink: 8 bytes leftover after parsing attributes in process `syz.2.607'. [ 143.561408][ T7883] x_tables: duplicate underflow at hook 2 [ 143.577083][ T7885] netlink: 8 bytes leftover after parsing attributes in process `syz.2.607'. [ 143.611442][ T7884] batman_adv: batadv0: Adding interface: dummy0 [ 143.613962][ T7884] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 143.623034][ T7884] batman_adv: batadv0: Interface activated: dummy0 [ 143.631408][ T7884] net_ratelimit: 10 callbacks suppressed [ 143.631420][ T7884] batadv0: mtu less than device minimum [ 143.638286][ T7884] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 143.642571][ T7884] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 143.646597][ T7884] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 143.651927][ T7884] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 143.656551][ T7884] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 143.660601][ T7884] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 143.665022][ T7884] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 143.669713][ T7884] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 143.674072][ T7884] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 145.871017][ T7932] netlink: 8 bytes leftover after parsing attributes in process `syz.1.621'. [ 145.942802][ T7933] netlink: 8 bytes leftover after parsing attributes in process `syz.1.621'. [ 146.030799][ T7935] x_tables: duplicate underflow at hook 2 [ 146.459100][ T7942] trusted_key: encrypted_key: insufficient parameters specified [ 147.399290][ T7953] warning: `syz.2.628' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 147.867141][ T7967] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 148.413028][ T40] kauditd_printk_skb: 53 callbacks suppressed [ 148.413044][ T40] audit: type=1326 audit(1753015480.051:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7974 comm="syz.2.635" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 148.416417][ T7975] netlink: 8 bytes leftover after parsing attributes in process `syz.2.635'. [ 148.425107][ T40] audit: type=1326 audit(1753015480.051:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7974 comm="syz.2.635" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 148.434749][ T40] audit: type=1326 audit(1753015480.051:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7974 comm="syz.2.635" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 148.443491][ T40] audit: type=1326 audit(1753015480.051:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7974 comm="syz.2.635" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 148.450931][ T40] audit: type=1326 audit(1753015480.051:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7974 comm="syz.2.635" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 148.458324][ T40] audit: type=1326 audit(1753015480.051:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7974 comm="syz.2.635" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 148.466207][ T40] audit: type=1326 audit(1753015480.051:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7974 comm="syz.2.635" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 148.473718][ T40] audit: type=1326 audit(1753015480.051:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7974 comm="syz.2.635" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 148.483922][ T40] audit: type=1326 audit(1753015480.051:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7974 comm="syz.2.635" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 148.485485][ T7976] netlink: 8 bytes leftover after parsing attributes in process `syz.2.635'. [ 148.491687][ T40] audit: type=1326 audit(1753015480.051:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7974 comm="syz.2.635" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 148.781845][ T7985] x_tables: duplicate underflow at hook 2 [ 149.369680][ T7996] netlink: 20 bytes leftover after parsing attributes in process `syz.2.642'. [ 149.387199][ T7997] ptrace attach of "/syz-executor exec"[5958] was attempted by "/syz-executor exec"[7997] [ 149.417769][ T7997] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 149.420171][ T7997] overlayfs: failed to set xattr on upper [ 149.421941][ T7997] overlayfs: ...falling back to redirect_dir=nofollow. [ 149.424320][ T7997] overlayfs: ...falling back to index=off. [ 149.426544][ T7997] overlayfs: ...falling back to uuid=null. [ 149.429416][ T7997] overlayfs: maximum fs stacking depth exceeded [ 149.637998][ T8008] batman_adv: batadv0: Adding interface: dummy0 [ 149.642402][ T8008] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 149.655727][ T8008] batman_adv: batadv0: Interface activated: dummy0 [ 149.666829][ T8008] net_ratelimit: 10 callbacks suppressed [ 149.666844][ T8008] batadv0: mtu less than device minimum [ 149.671515][ T8008] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 149.675662][ T8008] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 149.679935][ T8008] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 149.683683][ T8008] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 149.687391][ T8008] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 149.691674][ T8008] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 149.695919][ T8008] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 149.699712][ T8008] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 149.703672][ T8008] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 149.725175][ T8015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.650'. [ 149.728517][ T8015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.650'. [ 149.732806][ T8015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.650'. [ 149.742418][ T8015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.650'. [ 149.746611][ T8015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.650'. [ 149.750421][ T8015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.650'. [ 149.756198][ T8015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.650'. [ 149.891852][ T5973] Bluetooth: hci4: sending frame failed (-49) [ 149.895812][ T5964] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 150.580537][ T8028] xt_CT: You must specify a L4 protocol and not use inversions on it [ 150.603577][ T8028] 9pnet: p9_errstr2errno: server reported unknown error pA;KZ44/@qk [ 150.836129][ T8038] x_tables: duplicate underflow at hook 2 [ 150.896782][ T8039] FAULT_INJECTION: forcing a failure. [ 150.896782][ T8039] name failslab, interval 1, probability 0, space 0, times 0 [ 150.918570][ T8039] CPU: 1 UID: 0 PID: 8039 Comm: syz.3.656 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 150.918589][ T8039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 150.918595][ T8039] Call Trace: [ 150.918600][ T8039] [ 150.918604][ T8039] dump_stack_lvl+0x16c/0x1f0 [ 150.918620][ T8039] should_fail_ex+0x512/0x640 [ 150.918632][ T8039] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 150.918646][ T8039] should_failslab+0xc2/0x120 [ 150.918673][ T8039] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 150.918687][ T8039] ? __alloc_skb+0x2b2/0x380 [ 150.918700][ T8039] __alloc_skb+0x2b2/0x380 [ 150.918710][ T8039] ? __pfx___alloc_skb+0x10/0x10 [ 150.918722][ T8039] ? __igmp_group_dropped+0x26a/0xe80 [ 150.918739][ T8039] inet_ifmcaddr_notify+0xc7/0x1c0 [ 150.918752][ T8039] ? __pfx_inet_ifmcaddr_notify+0x10/0x10 [ 150.918771][ T8039] __ip_mc_dec_group+0x442/0x5b0 [ 150.918786][ T8039] ip_mc_leave_group+0x29c/0x510 [ 150.918802][ T8039] do_ip_setsockopt+0x1943/0x3130 [ 150.918821][ T8039] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 150.918843][ T8039] ? aa_sk_perm+0x2f4/0xb10 [ 150.918864][ T8039] ip_setsockopt+0x59/0xf0 [ 150.918883][ T8039] udp_setsockopt+0x7d/0xd0 [ 150.918899][ T8039] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 150.918917][ T8039] do_sock_setsockopt+0xf3/0x1d0 [ 150.918935][ T8039] __sys_setsockopt+0x120/0x1a0 [ 150.918950][ T8039] __ia32_sys_setsockopt+0xbc/0x160 [ 150.918961][ T8039] ? lockdep_hardirqs_on+0x7c/0x110 [ 150.918973][ T8039] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 150.918986][ T8039] __do_fast_syscall_32+0x7c/0x3a0 [ 150.919001][ T8039] do_fast_syscall_32+0x32/0x80 [ 150.919014][ T8039] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 150.919029][ T8039] RIP: 0023:0xf7ff4579 [ 150.919040][ T8039] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 150.919052][ T8039] RSP: 002b:00000000f50d455c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 150.919064][ T8039] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000000000 [ 150.919072][ T8039] RDX: 0000000000000024 RSI: 0000000080000440 RDI: 000000000000000c [ 150.919079][ T8039] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 150.919086][ T8039] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 150.919092][ T8039] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 150.919108][ T8039] [ 151.970192][ T8069] trusted_key: encrypted_key: insufficient parameters specified [ 152.057003][ T8072] trusted_key: encrypted_key: insufficient parameters specified [ 152.362846][ T8077] trusted_key: encrypted_key: insufficient parameters specified [ 152.618549][ T837] libceph: connect (1)[c::]:6789 error -101 [ 152.621927][ T837] libceph: mon0 (1)[c::]:6789 connect error [ 152.705645][ T8083] ceph: No mds server is up or the cluster is laggy [ 152.850488][ T8092] ip6tnl1: entered promiscuous mode [ 152.856325][ T8092] ip6tnl1: entered allmulticast mode [ 152.859033][ T8092] team0: Device ip6tnl1 is of different type [ 153.126328][ T8103] Driver unsupported XDP return value 0 on prog (id 110) dev N/A, expect packet loss! [ 153.376615][ T8112] trusted_key: encrypted_key: insufficient parameters specified [ 155.471423][ T8144] trusted_key: encrypted_key: insufficient parameters specified [ 155.695067][ T8148] trusted_key: encrypted_key: insufficient parameters specified [ 156.155253][ T8151] x_tables: duplicate underflow at hook 2 [ 156.252712][ T8166] netlink: 'syz.0.694': attribute type 1 has an invalid length. [ 156.255524][ T8166] __nla_validate_parse: 49 callbacks suppressed [ 156.255534][ T8166] netlink: 216 bytes leftover after parsing attributes in process `syz.0.694'. [ 156.308289][ T8169] vlan0: entered promiscuous mode [ 156.326953][ T8169] team0: Port device vlan0 added [ 156.353373][ T8169] RDS: rds_bind could not find a transport for ::ffff:172.30.1.3, load rds_tcp or rds_rdma? [ 156.997924][ T8157] loop8: detected capacity change from 0 to 7 [ 157.014151][ T7469] Dev loop8: unable to read RDB block 7 [ 157.016841][ T7469] loop8: AHDI p1 p2 p3 [ 157.018539][ T7469] loop8: partition table partially beyond EOD, truncated [ 157.029089][ T7469] loop8: p1 start 1601398130 is beyond EOD, truncated [ 157.031366][ T7469] loop8: p2 start 1702059890 is beyond EOD, truncated [ 157.357430][ T8183] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 157.360562][ T1140] Bluetooth: hci4: Frame reassembly failed (-84) [ 157.645371][ T8191] netlink: 'syz.1.702': attribute type 1 has an invalid length. [ 157.649382][ T8191] netlink: 244 bytes leftover after parsing attributes in process `syz.1.702'. [ 157.653129][ T8191] NCSI netlink: No device for ifindex 0 [ 157.709366][ T8198] team_slave_0: entered promiscuous mode [ 157.711731][ T8198] team_slave_1: entered promiscuous mode [ 157.716055][ T8198] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 157.725562][ T8193] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.734039][ T8200] netlink: 8 bytes leftover after parsing attributes in process `syz.3.706'. [ 157.789100][ T8206] syzkaller0: entered promiscuous mode [ 157.791695][ T8206] syzkaller0: entered allmulticast mode [ 157.836125][ T8207] trusted_key: encrypted_key: insufficient parameters specified [ 158.020975][ T8210] trusted_key: encrypted_key: insufficient parameters specified [ 159.276292][ T8226] x_tables: duplicate underflow at hook 2 [ 159.362365][ T5964] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 159.439089][ T8230] genirq: Flags mismatch irq 4. 00200000 (das16m1) vs. 00200080 (ttyS0) [ 159.597724][ T8235] syzkaller0: entered promiscuous mode [ 159.599462][ T8235] syzkaller0: entered allmulticast mode [ 159.649057][ T8240] bridge0: port 3(vlan2) entered blocking state [ 159.651354][ T8240] bridge0: port 3(vlan2) entered disabled state [ 159.653902][ T8240] vlan2: entered allmulticast mode [ 159.655839][ T8240] dummy0: entered allmulticast mode [ 159.658416][ T8240] vlan2: entered promiscuous mode [ 159.660212][ T8240] dummy0: entered promiscuous mode [ 159.981525][ T8248] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.098192][ T8255] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 160.161185][ T8255] kvm: pic: non byte read [ 160.166389][ T8255] kvm: pic: level sensitive irq not supported [ 160.167124][ T8255] kvm: pic: non byte read [ 160.177752][ T8255] kvm: pic: level sensitive irq not supported [ 160.178103][ T8255] kvm: pic: non byte read [ 160.343783][ T8259] input: syz1 as /devices/virtual/input/input10 [ 160.442320][ T24] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 160.487644][ T8270] syzkaller0: entered promiscuous mode [ 160.490507][ T8270] syzkaller0: entered allmulticast mode [ 160.592328][ T24] usb 7-1: Using ep0 maxpacket: 8 [ 160.596599][ T24] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 160.601000][ T24] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 160.604942][ T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 160.609196][ T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 160.614344][ T24] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 160.620149][ T24] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 160.628018][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.746222][ T40] kauditd_printk_skb: 29 callbacks suppressed [ 160.746232][ T40] audit: type=1326 audit(1753015492.381:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8279 comm="syz.0.736" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 160.758760][ T40] audit: type=1326 audit(1753015492.391:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8279 comm="syz.0.736" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 160.771090][ T40] audit: type=1326 audit(1753015492.391:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8279 comm="syz.0.736" exe="/syz-executor" sig=0 arch=40000003 syscall=30 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 160.782419][ T40] audit: type=1326 audit(1753015492.391:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8279 comm="syz.0.736" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 160.791268][ T40] audit: type=1326 audit(1753015492.391:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8279 comm="syz.0.736" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 160.800113][ T40] audit: type=1326 audit(1753015492.391:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8279 comm="syz.0.736" exe="/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 160.809604][ T40] audit: type=1326 audit(1753015492.391:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8279 comm="syz.0.736" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 160.819587][ T40] audit: type=1326 audit(1753015492.391:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8279 comm="syz.0.736" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 160.828156][ T40] audit: type=1326 audit(1753015492.391:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8279 comm="syz.0.736" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 160.836459][ T40] audit: type=1326 audit(1753015492.391:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8279 comm="syz.0.736" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 160.874816][ T24] usb 7-1: usb_control_msg returned -32 [ 160.903361][ T24] usbtmc 7-1:16.0: can't read capabilities [ 161.263399][ T61] usb 7-1: USB disconnect, device number 8 [ 161.897962][ T8305] x_tables: duplicate underflow at hook 2 [ 161.905886][ T8307] netlink: 4 bytes leftover after parsing attributes in process `syz.0.744'. [ 161.977439][ T8311] batman_adv: batadv0: Interface deactivated: dummy0 [ 161.989115][ T8311] vlan2 (unregistering): left allmulticast mode [ 161.991533][ T8311] dummy0 (unregistering): left allmulticast mode [ 161.994656][ T8311] vlan2 (unregistering): left promiscuous mode [ 161.997018][ T8311] dummy0 (unregistering): left promiscuous mode [ 161.999566][ T8311] bridge0: port 3(vlan2) entered disabled state [ 162.006379][ T8311] batman_adv: batadv0: Removing interface: dummy0 [ 162.185522][ T8320] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8) [ 162.188088][ T8320] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 162.191378][ T8320] vhci_hcd vhci_hcd.0: Device attached [ 162.207173][ T8320] 9pnet_fd: Insufficient options for proto=fd [ 162.268286][ T8325] binder: 8317:8325 ioctl 400442c9 80000080 returned -22 [ 162.321414][ T8321] vhci_hcd: connection closed [ 162.338472][ T60] vhci_hcd: stop threads [ 162.342834][ T60] vhci_hcd: release socket [ 162.345127][ T60] vhci_hcd: disconnect device [ 162.402692][ T24] vhci_hcd: vhci_device speed not set [ 162.898468][ T8335] netlink: 8 bytes leftover after parsing attributes in process `syz.1.751'. [ 162.911562][ T8335] netlink: 72 bytes leftover after parsing attributes in process `syz.1.751'. [ 162.917910][ T8336] vivid-002: ================= START STATUS ================= [ 162.920300][ T8336] vivid-002: Radio HW Seek Mode: Bounded [ 162.922144][ T8336] vivid-002: Radio Programmable HW Seek: false [ 162.935374][ T8336] vivid-002: RDS Rx I/O Mode: Block I/O [ 162.937212][ T8336] vivid-002: Generate RBDS Instead of RDS: false [ 162.939359][ T8336] vivid-002: RDS Reception: true [ 162.941020][ T8336] vivid-002: RDS Program Type: 0 inactive [ 162.943094][ T8336] vivid-002: RDS PS Name: inactive [ 162.944859][ T8336] vivid-002: RDS Radio Text: inactive [ 162.946722][ T8336] vivid-002: RDS Traffic Announcement: false inactive [ 162.949507][ T8336] vivid-002: RDS Traffic Program: false inactive [ 162.953536][ T8336] vivid-002: RDS Music: false inactive [ 162.955977][ T8336] vivid-002: ================== END STATUS ================== [ 162.980468][ T8336] netlink: 4 bytes leftover after parsing attributes in process `syz.3.750'. [ 162.992512][ T8336] batman_adv: batadv0: Interface deactivated: dummy0 [ 163.022401][ T8336] batman_adv: batadv0: Removing interface: dummy0 [ 163.110006][ T8339] netlink: 'syz.1.752': attribute type 3 has an invalid length. [ 163.113819][ T8339] netlink: 'syz.1.752': attribute type 1 has an invalid length. [ 163.116382][ T8339] netlink: 220 bytes leftover after parsing attributes in process `syz.1.752'. [ 163.403033][ T837] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 163.512456][ T6586] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 163.686061][ T6586] usb 7-1: Using ep0 maxpacket: 16 [ 163.689375][ T6586] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 163.694423][ T6586] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 163.698418][ T6586] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.707248][ T6586] usb 7-1: config 0 descriptor?? [ 163.715934][ T6586] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input11 [ 163.941108][ T837] usb 8-1: config index 0 descriptor too short (expected 45, got 36) [ 163.972536][ T8345] netlink: 'syz.2.754': attribute type 7 has an invalid length. [ 163.978712][ T8345] netlink: 8 bytes leftover after parsing attributes in process `syz.2.754'. [ 164.068489][ T5355] bcm5974 7-1:0.0: could not read from device [ 164.095211][ T8345] bcm5974 7-1:0.0: could not read from device [ 164.154939][ T5355] bcm5974 7-1:0.0: could not read from device [ 164.168392][ T5355] bcm5974 7-1:0.0: could not read from device [ 164.172104][ T6586] usb 7-1: USB disconnect, device number 9 [ 164.281453][ T837] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 164.487023][ T837] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 164.490678][ T837] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 164.495744][ T837] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 164.502407][ T837] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 164.505536][ T837] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.513291][ T837] usb 8-1: config 0 descriptor?? [ 164.515343][ T8343] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 164.839524][ T8366] netlink: 12 bytes leftover after parsing attributes in process `syz.1.761'. [ 164.961538][ T8372] lo speed is unknown, defaulting to 1000 [ 165.299551][ T837] usbhid 8-1:0.0: can't add hid device: -71 [ 165.301606][ T837] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 165.308335][ T837] usb 8-1: USB disconnect, device number 6 [ 167.368130][ T8416] capability: warning: `syz.2.775' uses deprecated v2 capabilities in a way that may be insecure [ 168.415519][ T8436] trusted_key: encrypted_key: insufficient parameters specified [ 168.463688][ T8439] ------------[ cut here ]------------ [ 168.465945][ T8439] UBSAN: shift-out-of-bounds in drivers/comedi/drivers/pcl812.c:1152:10 [ 168.468936][ T8439] shift exponent 254 is too large for 32-bit type 'int' [ 168.477153][ T8439] CPU: 2 UID: 0 PID: 8439 Comm: syz.1.782 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 168.477179][ T8439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 168.477190][ T8439] Call Trace: [ 168.477196][ T8439] [ 168.477203][ T8439] dump_stack_lvl+0x16c/0x1f0 [ 168.477247][ T8439] __ubsan_handle_shift_out_of_bounds+0x27f/0x420 [ 168.477289][ T8439] pcl812_attach.cold+0x1a/0x1f [ 168.477314][ T8439] comedi_device_attach+0x3b0/0x900 [ 168.477339][ T8439] do_devconfig_ioctl+0x1a7/0x580 [ 168.477363][ T8439] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 168.477396][ T8439] ? kasan_save_stack+0x42/0x60 [ 168.477414][ T8439] ? kasan_save_stack+0x33/0x60 [ 168.477430][ T8439] ? kasan_save_track+0x14/0x30 [ 168.477444][ T8439] ? kasan_save_free_info+0x3b/0x60 [ 168.477464][ T8439] ? __kasan_slab_free+0x51/0x70 [ 168.477479][ T8439] ? kfree+0x2b4/0x4d0 [ 168.477503][ T8439] ? tomoyo_path_number_perm+0x470/0x580 [ 168.477530][ T8439] comedi_unlocked_ioctl+0x15bb/0x2e90 [ 168.477560][ T8439] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 168.477598][ T8439] ? kasan_quarantine_put+0x10a/0x240 [ 168.477613][ T8439] ? lockdep_hardirqs_on+0x7c/0x110 [ 168.477630][ T8439] ? find_held_lock+0x2b/0x80 [ 168.477647][ T8439] ? tomoyo_path_number_perm+0x295/0x580 [ 168.477673][ T8439] ? tomoyo_path_number_perm+0x18d/0x580 [ 168.477694][ T8439] ? wake_up_q+0x24/0x160 [ 168.477710][ T8439] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 168.477735][ T8439] comedi_compat_ioctl+0x1d0/0x910 [ 168.477758][ T8439] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 168.477796][ T8439] ? find_held_lock+0x2b/0x80 [ 168.477811][ T8439] ? hook_file_ioctl_common+0x145/0x410 [ 168.477837][ T8439] ? __fget_files+0x20e/0x3c0 [ 168.477850][ T8439] ? __ia32_compat_sys_openat+0xb0/0x210 [ 168.477877][ T8439] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 168.477900][ T8439] __ia32_compat_sys_ioctl+0x23f/0x370 [ 168.477925][ T8439] __do_fast_syscall_32+0x7c/0x3a0 [ 168.477944][ T8439] do_fast_syscall_32+0x32/0x80 [ 168.477960][ T8439] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 168.477979][ T8439] RIP: 0023:0xf70be579 [ 168.477992][ T8439] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 168.478007][ T8439] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 168.478022][ T8439] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400 [ 168.478031][ T8439] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 168.478040][ T8439] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 168.478049][ T8439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 168.478063][ T8439] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 168.478083][ T8439] [ 168.478089][ T8439] ---[ end trace ]--- [ 168.588809][ T8439] Kernel panic - not syncing: UBSAN: panic_on_warn set ... [ 168.591683][ T8439] CPU: 2 UID: 0 PID: 8439 Comm: syz.1.782 Not tainted 6.16.0-rc6-syzkaller-00281-gf4a40a4282f4 #0 PREEMPT(full) [ 168.596217][ T8439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 168.601134][ T8439] Call Trace: [ 168.602942][ T8439] [ 168.604483][ T8439] dump_stack_lvl+0x3d/0x1f0 [ 168.606442][ T8439] panic+0x71c/0x800 [ 168.608126][ T8439] ? __pfx_panic+0x10/0x10 [ 168.610129][ T8439] ? __pfx__printk+0x10/0x10 [ 168.612001][ T8439] check_panic_on_warn+0xab/0xb0 [ 168.613977][ T8439] __ubsan_handle_shift_out_of_bounds+0x2a6/0x420 [ 168.616716][ T8439] pcl812_attach.cold+0x1a/0x1f [ 168.618895][ T8439] comedi_device_attach+0x3b0/0x900 [ 168.621493][ T8439] do_devconfig_ioctl+0x1a7/0x580 [ 168.623955][ T8439] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 168.626508][ T8439] ? kasan_save_stack+0x42/0x60 [ 168.628414][ T8439] ? kasan_save_stack+0x33/0x60 [ 168.630247][ T8439] ? kasan_save_track+0x14/0x30 [ 168.632220][ T8439] ? kasan_save_free_info+0x3b/0x60 [ 168.634311][ T8439] ? __kasan_slab_free+0x51/0x70 [ 168.636245][ T8439] ? kfree+0x2b4/0x4d0 [ 168.637946][ T8439] ? tomoyo_path_number_perm+0x470/0x580 [ 168.640385][ T8439] comedi_unlocked_ioctl+0x15bb/0x2e90 [ 168.642857][ T8439] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 168.645839][ T8439] ? kasan_quarantine_put+0x10a/0x240 [ 168.648105][ T8439] ? lockdep_hardirqs_on+0x7c/0x110 [ 168.650241][ T8439] ? find_held_lock+0x2b/0x80 [ 168.652267][ T8439] ? tomoyo_path_number_perm+0x295/0x580 [ 168.654803][ T8439] ? tomoyo_path_number_perm+0x18d/0x580 [ 168.657576][ T8439] ? wake_up_q+0x24/0x160 [ 168.659757][ T8439] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 168.662310][ T8439] comedi_compat_ioctl+0x1d0/0x910 [ 168.664515][ T8439] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 168.666923][ T8439] ? find_held_lock+0x2b/0x80 [ 168.669028][ T8439] ? hook_file_ioctl_common+0x145/0x410 [ 168.671734][ T8439] ? __fget_files+0x20e/0x3c0 [ 168.673869][ T8439] ? __ia32_compat_sys_openat+0xb0/0x210 [ 168.676220][ T8439] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 168.678593][ T8439] __ia32_compat_sys_ioctl+0x23f/0x370 [ 168.680958][ T8439] __do_fast_syscall_32+0x7c/0x3a0 [ 168.683194][ T8439] do_fast_syscall_32+0x32/0x80 [ 168.685746][ T8439] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 168.688758][ T8439] RIP: 0023:0xf70be579 [ 168.690534][ T8439] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 168.698670][ T8439] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 168.702720][ T8439] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400 [ 168.706080][ T8439] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 168.709298][ T8439] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 168.712489][ T8439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 168.715530][ T8439] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 168.719373][ T8439] [ 168.721537][ T8439] Kernel Offset: disabled [ 168.723323][ T8439] Rebooting in 86400 seconds.. VM DIAGNOSIS: 12:45:00 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffff88802b33a400 RCX=0000000000000001 RDX=0000000000000000 RSI=00000000ffffffff RDI=ffff88802b23a418 RBP=0000000000000001 RSP=ffffc900001d7b40 R8 =0000000000000001 R9 =fffffbfff2152bea R10=ffffffff90a95f57 R11=0000000000000001 R12=ffff88801dae2440 R13=00000000ffffffff R14=ffff88802b23af10 R15=ffff88802b33a400 RIP=ffffffff8b82a085 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809752d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080091000 CR3=0000000023932000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000533991 RBX=0000000000000001 RCX=ffffffff8b82ac69 RDX=0000000000000000 RSI=ffffffff8de29c9b RDI=ffffffff8c155e60 RBP=ffffed1003bdc488 RSP=ffffc9000046fdf8 R8 =0000000000000001 R9 =ffffed1005666645 R10=ffff88802b33322b R11=0000000000000001 R12=0000000000000001 R13=ffff88801dee2440 R14=ffffffff90a95f50 R15=0000000000000000 RIP=ffffffff8b8297cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809762d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000801bf000 CR3=000000002581c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 EAX=89fa9b64 EBX=ffffffff ECX=89fa9bae EDX=f7424ff4 ESI=f7455078 EDI=f64b5008 EBP=f7f85610 ESP=ffe77010 EIP=f70fe4cc EFL=00000202 [-------] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA] SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 00000000 ffffffff 00c00000 GS =0063 57de7440 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 00000000 ffffffff 00c00000 TR =0040 00091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055aec0569980 CR3=0000000023932000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff84b6e4bf RDX=ffff888025e98000 RSI=0000000000000000 RDI=0000000000000001 RBP=ffff8880276c8980 RSP=ffffc9000322f288 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000012 R12=ffffc9000322f87a R13=0000000000000000 R14=ffffc9000322f87c R15=ffff88802a823410 RIP=ffffffff81bb4f1b RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f5ad3589300 ffffffff 00c00000 GS =0000 ffff88809782d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055aefbfbb000 CR3=00000000290d8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a 0000002c00000012 0004000000080024 0000000000280030 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000314 0000001000000000 0000000000000000 0000000000000015 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f74656e2f766564 2f01ffffffffffff ffffe5080180033c 000016ee00000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff df08048003000800 0a08000208000604 71ac0008000c0800 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 020800060270be03 80020880a2d39408 0001000000080606 0127f801f6d1a090 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d3cbb2a09b040003 a003000000000000 3072656c6c616b7a 797301ffffffffff ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffdf08038003 00040001e0cd8208 0001800201c70800 08004b84006e7574 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0201000000080606 015dde0008003003 0008002803000800 2003020800180350 ZMM25=a205de48a205de48 a205de48a205de48 a205de48a205de48 a205de48a205de48 a205de48a205de48 a205de48a205de48 a205de48a205de48 a205de48a205de48 ZMM26=6ac8d68e6ac8d68e 6ac8d68e6ac8d68e 6ac8d68e6ac8d68e 6ac8d68e6ac8d68e 6ac8d68e6ac8d68e 6ac8d68e6ac8d68e 6ac8d68e6ac8d68e 6ac8d68e6ac8d68e ZMM27=27f2280227f22802 27f2280227f22802 27f2280227f22802 27f2280227f22802 27f2280227f22802 27f2280227f22802 27f2280227f22802 27f2280227f22802 ZMM28=000000600000005f 0000005e0000005d 0000005c0000005b 0000005a00000059 0000005800000057 0000005600000055 0000005400000053 0000005200000051 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=c0070000c0070000 c0070000c0070000 c0070000c0070000 c0070000c0070000 c0070000c0070000 c0070000c0070000 c0070000c0070000 c0070000c0070000