last executing test programs: 3.676052344s ago: executing program 0 (id=1467): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYBLOB="0000000000000000b7050000"], 0x0, 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x1006}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (fail_nth: 8) ioctl$CDROM_SEND_PACKET(r2, 0x5393, &(0x7f0000000100)={"4689d4c4841a41c9e4641d9d", &(0x7f0000000000)="bb", 0x20000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0}) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000840)=0x2ad, 0x4) bind$inet(r3, &(0x7f0000000380)={0x2, 0x0, @local}, 0x10) connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet6(0xa, 0x6, 0x0) recvmsg(r4, &(0x7f0000000980)={&(0x7f00000004c0)=@can, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000540)=""/201, 0xc9}, {&(0x7f0000000680)=""/219, 0xdb}, {&(0x7f0000000780)=""/175, 0xaf}], 0x3, &(0x7f0000000900)=""/79, 0x4f}, 0x0) bind$inet6(r4, &(0x7f000047b000)={0xa, 0x404e20, 0x0, @empty}, 0x1c) listen(r4, 0x20000001) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(0xffffffffffffffff, &(0x7f0000009380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$TCXONC(r0, 0x80045440, 0x3) 2.992026075s ago: executing program 3 (id=1470): syz_open_procfs(0x0, 0x0) r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f00000000c0)=0x8) r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vxcan1\x00', <r2=>0x0}) recvmmsg(r1, &(0x7f0000000340), 0x0, 0x63, 0x0) connect$can_bcm(r1, &(0x7f0000000300)={0x1d, r2}, 0x10) sendmsg$can_bcm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r5=>0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r5}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) close_range(r6, 0xffffffffffffffff, 0x0) 2.905013255s ago: executing program 3 (id=1472): r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010411feffffff00000000000000", @ANYRES32=r3], 0x3c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8001}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40800}, 0x0) 2.789396761s ago: executing program 3 (id=1473): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000540)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff}) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0x10132) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x10, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xb1, &(0x7f0000000140)=""/177, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r6, &(0x7f000000b0c0)={0xa, 0x0, 0x0, @mcast2, 0x20}, 0x1c) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r7 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r7, &(0x7f000000ae00)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x4}], 0x1, 0x8010) r8 = openat$vimc1(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$VIDIOC_ENUMAUDIO(r8, 0xc0345641, &(0x7f00000000c0)={0x6, "c4ab2ea21b5c0bdf8b3ea662a72ede0319e2a3af2d7c48d289b87ed285080d11", 0x2, 0x1}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r7) sendmsg$kcm(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000005c0)="e7d58021895c29331660cc8c8700ab504fa6dfe7193120601b54de34aacad8bbd7d39d52926b6ee1904f974642e9e3fdad9eab86b55bfd7d598b52b32f8699c58ac34d7138be540d74ff22ac5964dd62bc33c6d58e2969fcc554bfd7210d36a34ebb9e2537f2f11246fee57217f66a739b32e9a5208e111e84b9e3a6aa73ae22139a88886053933c4362d9b68c35eb9b69973ffe16c25d7007ecfc8a9879cbfd05df763581e855c46f00b7e0f8026ca105b0a1f13b2827a19acf703a9715d85a18184f464c0c1c0d4a232647115b6782981368ddefdd70b8121e95cd8738499732f055e1d79121ce8c8b50506b2fdc08e4aee340b22d37a13a968ae3a4a9127af96ea4e1437617a8e53770b23528e3766012e9343b311b4dc67ed2bae27ac5dc9c531ea6236572ddb0e5cf56c0acd02cd2ed8aaf06c41148f408b65f3786fe505c20a46abdd2e8dffb5aeaf0be425d404622063e7d8a7ec7bbd7060d0725505d21e778c82dc2f5d889ec51ef8614745ad4496c0260c4b3c756edc4c270980d98823445dd3529aa1d8e11e7397c289a63c808561ba95abeeb45050089f644cb3210164e4c01470d2a7ce6c361bec405711bf690ce0e3fd6b0a9393c8f667de53ac02d5f7e36599ddb7433c4bb6c796639b98f89cf473f7ffa079fdc696f6bb8bc0e7b93822f4e26c794fb914577bac744c4a7429fe3b548f6abc7c9d73d8914ba0caf8987f955a326a81c2d54ac8fec0a47a25a50ee49d7fd6157c8d9f4e1ed15100868569c0bd9d7e92b2c3e8d87c0525bc0217c8e90b8fe1def146f736a6596361f6670a3a83b61b8b2c0104cd03230f8244a9542d58ce9e264e05a54aa5c4516c743909ba7be942788648d0eb3759f0401cf92f94d22112d6820fbba5fd04b2d719bfe6ecfa64316ed3306ab5495bb372ebbfb3832a703a9e1c417c015ee252715798fd9fe6733eb68b159edd3a78765d6ebdd756a44d37e3bbde46ef568532cb91cc8c1ff521dae8eab5486d1f1806ca9d3800d4877229558da6f2f1a9c79d34218ea22db7cc35de056699f5a0722534d79a9448cbe2eb3918629bf42b7cc233bddc388387ab7f762a7c1daaa2a196aada1c5b020f73df51956c46a85e9042297e9a65d0b572221879eda355b63852878e557340dc4ebf67ff8b377d61ff343b1a1f90eaf5e44896e407f9e507249451a5f199dda4976f7429564ba5f4a2c9f9d068d0c597e7120521716833820bc5800fb7fc1b7f48413fa424607d38f12f222a7f3f86b2bd3f6fcbee0a88b8ba238b721a2c380189a4bcd4d6a8caaa4f2dbdb9879cd2111a35e94d183591d5535472d54f71a57c5230af176b97f3e31c86fdd9e189f6b43cebfd02b44f8e24f3c9c99bc7c8c74c7a80a73501cec936a74b5b28609a9b76506337c925698ca7d64812a5dc144e1c6c2c95d694cae6a8c1738a29a7bf152b73b1476f244eec4b4d2c3b40aeb025fe823f034f20e3fc0e4ea47ca2cd71e4efb6c70bad5c33ed0bea394ac6631e6dc055ec1fdf10d46ed187101bbfb14a55ad459e787c56f6e3e1be49a855085ae56a60a0b53457d09b30a7ff9cfa2586e4001f293249742f3a66a92cff9edf4d7e457e0c8e92c0bf7704d31c4c056988a9a8fdeb04038cfcec826ead3149f3583b06948c20b6c324b0e21c2c19e28c54affe1d04d0cde9a3abfdb9d162670db4f590af3073fee262eb5636cfc8bbeef9ed8ecedab6f7e846cf4de36ca3f709766c27c7136e0cce5a3c82e7dae38972a4c32b8dd963d79fc70824ea1a271adbf3b50bb0fe7f893526b86efa579fbba37c0ac14b12a7ab7572055f1f2ed237f0fe535253676d25b61395618e18cdf7ccceb547c97b19c8878e0304050941b4a391f967091c44b2a04deda4992e6ac96890c63a0623f176790684d106bbf7a6440a1648987ea6db184b2250b3e207748d9bd290d9d6cb3141f2834cd752d9a945279657df70ceae901c7ddab8c29b8a04b002f06786866c361675af575aaaa178aa54f86855da8f4b0a6eebb6a9b740daee5e2f4f3b6038b0b82be5866dc21b8c5a09476d813e27098fa84ec7a3a1cb47d35cecb2b461e55715e4e71bb6cf80a7fa6925dffe7edb68658fb07d159723268039195736df5c174702e6b6735d0da5aab64cd04abe3a806a615742a7c3beb7ae14df31aa3b97cec70c1bc37d2cef2d48f85cf1fa3a0333696511e61cf8b3c1f7b2903e506a11654448993b47b485c0840b2fd870a02b8740c4aa4f6031b24f4f1859ca40d57a1c3ce5b3ecabc446eda6ad32569bfa96415faf564480e59f55692599f9efeddb2a04967f8cef22b624b38a64cfed15ec154df0c1f153f5972b2a075d2eeb1e1ad27d286813f388fe98727058dc8765974094f7fccf631a5bfbde579a86e0d221862efc1d255efecfabc048bec0046fc8194be8d3d51357e7a2606a18709fdaa25643f6417bb7428118b618dae941472294de2ab7f367bc291951935700d3f20bd854e7ee5dae5f8a7b6186cda587eda270c8392f12c065d95255a8c341a10897ee3c681b28a51ed163ad4eb41fa5992dfaaa2d32eb9c391bd90ad7b737b8e22259f2b7487e8a04023a3e2f89b3ac5d387b91c720641ed1273a83bf89093c584ff29f65bec4768b0db6044ad95849da1a90d49be00b8c6767c2e877f8550e37701846bece7516c8e69db8bb88f1570593fecf7614984ad6ff74ea0b53efe9a59d7a184205db3308a92924911069739dce68b011c1867eccf19f6ebc868cde0deeadc565feb8c7196e561226f0193dbbfa7cb88fa00f2cc38c5b8e5122959b35b1ca9c88b026aeccad1f38c839893f3e6acec41eaf14074157311ba670516fad8d490a8d7212ae1934d36e4a0bbceb634d0637309e9804ff3a78d990d60915b09e5aacbdbf9cd4dbe2335bad06548fd81227868b2fbeda6056a4b08a0168719af033ef9138e9ab1ce1064230a7b5a6945a87d9a3245e15ad3a82635776b092f8747f8e887d93b11c86d1e0c08fd3c776d8aa53e6a856983532bbcad38c7383d198e1acf06f6d386b84b0bb4569e28f017ad97d5894db7dda8ade4058f9e96b786ad83758a16c4cc097737019d3d490153cee4ec291760cf557e8418e5b514eedb9fb4e73fe7d4ac5ba983c91031287644f4e4d1bba8f9e667ec78bac10d00718e5ff03380c8f21d2f84fe5f3211fab875affcb6e7a042c45e7c72685e724a75a00e7e72c32a2ad05d9c9b1648307c706fe1240f75ce52cfa05133b08d0ec8f0cf96bf24455ed96d49b0ac19850ea68ddc9ea337092c2e4cc7e429d741d962f222e562dd7f6e7016b790cbd8b7342bfa42fce6ea794a095d42642a9a9418bb7b26caf7fc800c2bd90289c0930fd0eae35794cb8ad9b4df98a7edc7ab41230dc6f6515127f1f5d657998e00a7ef3321ca1dc330edfdbfba654449f88727d22d4a16b7d80b5d71eef7014c8fdca0c9646a3e40caf57bcc03d73fb2b330913102ce007cc53fd9707f11aab5c331ad6a52b598e9e973e8f8ad4b288930034e60159f78c95fd0b80d14874f4378314ad77d59b07a56517c047661147e24b49d31ab548f17331c149bd1cc57f0c5836ff5ac265b2b0f9b8b2b17f9e95388637f15115b5a4b3883fa013fe8b50173a2b220ea87989b1eba24382b12320195bf42dec201a986672f3a7319f81ebb71ac6fd5cd499f0f274dcebfe28589c94b33decd2f03cfd3a5bd0ba32c9dab7949ca5563ceef4b8a3d00e5015b1e", 0xa61}], 0x1, 0x0, 0x0, 0x7400}, 0x0) 2.136210709s ago: executing program 1 (id=1474): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_dev$radio(&(0x7f0000001680), 0x2, 0x2) r2 = epoll_create1(0x80000) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(0xffffffffffffffff, 0x4008af23, &(0x7f0000000000)={0x1, 0x1ff}) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000002380)={0x40000015}) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x48, 0x2, 0x6, 0x1, 0x6000000, 0x0, {0x0, 0xf}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x2}]}, 0x48}}, 0x4000) 2.135889429s ago: executing program 1 (id=1475): iopl(0x2) r0 = socket$packet(0x11, 0x2, 0x300) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) membarrier(0x2, 0x0) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0x40000000}, 0x1c) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth0_vlan\x00', <r2=>0x0}) sendto$packet(r0, 0x0, 0x0, 0x4004010, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}}, 0x14) 2.051888845s ago: executing program 1 (id=1476): r0 = syz_init_net_socket$llc(0x1a, 0x3, 0x0) getsockopt$llc_int(r0, 0x10c, 0x4, &(0x7f0000000040), &(0x7f00000079c0)=0x4) (async) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) (async) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/block/loop0', 0x0, 0x0) (async) r2 = gettid() ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc1105511, &(0x7f0000000580)={{0x4, 0x2, 0x1, 0x9, '\x00', 0x3}, 0x3, 0x10000000, 0x3, r2, 0x1, 0x1, 'syz0\x00', &(0x7f0000000200)=['$\xb4-(S.&\\\x00'], 0x9}) (async) symlinkat(&(0x7f0000000280)='./file2\x00', r1, &(0x7f0000000100)='./file2\x00') (async) r3 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', <r4=>0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14) (async) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x26, 0x803, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) (async) r8 = socket$inet(0x2, 0x3, 0x33) (async) r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0) r10 = dup(r9) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r10, 0x63) (async) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000c40)=@bpf_ext={0x1c, 0x17, &(0x7f00000006c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffff8}, [@map_idx={0x18, 0xa, 0x5, 0x0, 0x3}, @jmp={0x5, 0x1, 0x9, 0x7, 0x9, 0x8, 0x4}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x652}, @call={0x85, 0x0, 0x0, 0xc5}, @alu={0x7, 0x0, 0xc, 0x6, 0x5}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000001}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}]}, &(0x7f0000000780)='GPL\x00', 0xff, 0x86, &(0x7f00000007c0)=""/134, 0x41000, 0x8, '\x00', r7, 0x0, r1, 0x8, &(0x7f0000000880)={0x2, 0x4}, 0x8, 0x10, &(0x7f00000008c0)={0x4, 0xa, 0x8, 0x1000}, 0x10, 0x27b70, 0xffffffffffffffff, 0x6, &(0x7f0000000b80)=[r1, r1, r1, r1, r1, r1, r10, r1], &(0x7f0000000bc0)=[{0x4, 0x5, 0xb, 0x5}, {0x5, 0x2, 0x6}, {0x2, 0x2, 0x5, 0x5}, {0x1, 0x5, 0xe, 0x1}, {0x5, 0x4, 0x5, 0xa}, {0x0, 0x2, 0x10, 0xc}], 0x10, 0xc02, @void, @value}, 0x94) (async) getsockopt$inet_mreqsrc(r8, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f00000000c0)=0xc) sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRESDEC=r7, @ANYBLOB="0000000000000000140012800c0001006d6163766c616e000400028008000500", @ANYRES16=r1, @ANYRES64=r8, @ANYRESOCT=r8, @ANYBLOB="d45bf2821fc29957e528b096f8e8e1d60fcf548ec5a5c9c59b6d6c4cdcd0b20075e38bef8e17d5e7e7957413c7ec37399767849f3c4acba3b8ae2218d3ec61ee8e549f278eb916b0ba80f520fdc54ceca418149ed76694c5d4d485a534a62b97a0271c899d1495a37eb6b84e1b2d8b002cc062f21dd25fd93a3bd2"], 0x44}}, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) (async) r11 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) name_to_handle_at(r11, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340)=ANY=[], 0x0, 0x200) (async) r12 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000000)={{'fd', 0x3d, r12}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r12, &(0x7f00000021c0)={0x2020, 0x0, <r13=>0x0, <r14=>0x0}, 0x2020) syz_fuse_handle_req(r12, &(0x7f0000004300)="f6c5cdd50b89338e6f0228b937225c21a87072407fe83d5fecd7bcca9b3fb6c714baa7d905bd76d4f38eba0ffafc067da9e5b2a863dbea1f11e32b455862ad205d1de267dbf9edb296fda48092e372fd3166c91d636b627f4ce223d2fff7db30abd245c174812a8ebfce720483d74f6658daaba3ea9e453d789d9d1d8b63c91f02b1282f122d5847241f305a5d791a7188c946ed5d5e5343c04968e62b064aeadeafd55ddb6a1b724a9adf29b15c4c55c9afd709d19cf29df117c69d1f855b647f2d6dc3ad9cc2e413cda65ca8d3fd777fdf88827428723d37b89a7330dddd234f39187db8e54905b8eb0dc851f51ff37b5deb69b64bbd27b72881267f94a88974a56b1d3178d49c209d6f4e974c00f25a87255c3804b1150f98d46437f5333b200651dfd1ae939125483cec1690ecb4d449ae4f2bdf88d50382440dbe1699017f21c0f1e0c85cd339a9f87046af063b54b923d4eaa04fc8dabb3bb3e3bc83f0657b5a3c4cdfce3c325abe45a39b794d13057e3a036ec20c4eb1c18a7501a8bf3899626fe01b2b9c18ab08eaa972ab9f8a786888162c7f77db751c1ab88db854ad8a99c7307a52571fd4d0a8ca5a6f4f5e46396bab29e4a5bb6f7c40404be7357b47028a1cd2b780abbba9e37d182866a9171ddea543a5684ff6445d4c3ba61b4300a1556e85518301862b398e43f61d461054469f693c42f995a000dc9b950b277bbc5a9bec872462a0938ef0e0ba4f4d2bff4d81804996a9f97893c02b2deff1abf1a6cb7987f446132f55a10aaf537d93422ed22fa659ceda5939cf18398f8632a257abbf68d4854e452ceb5acc02c7b65d67b582e159fb5039ecfe636dfd00218f2e5d1e2ebeca027472d63fdd2b61d7bbd9258a3fbb14ee2559845a638e07bbde84f87a42b59a09c1bc877b7e51a4ea42c64bcb3b3c8043f1604c569308bd6ddf438204df167580f5aefe2a8beabb77a8fd3392f99e3a43a7cfa0a68b1b21a307aeecd5b7a3742d74ff1790b13f1026ebec296210301d48d9354646382a18d247300bfd8aca878051a2d667ad2ee489edfeb3c1c912cc6a6c573fd92dd4cd1b6d2fb1bbdc86ddd8bf515c28f15ebafe858df78e8a783b293db3144c44397cbaeeadea44655c6350562166bda3accf7a2e65cf3eb7beace08760337e2dff8c9611fb131b345f44dba2aa2eee0bb4ec719c59a269e71ffc0775c5c193e341a833d38edf8a1f01f66b9fd039ff55c884257ec7330f333e579e66ac67097bfe31b2b78d88b81b640351da3bea710e38d8b50b0a63814f4638df1680d2217dfe7364dc228ea79f74e678b338105391e8c1e041cae3d2ccb9d1b034d96b811bf06515b3f4dd02cf2cf9f9884a6a1af39f219fde0b1caee2065536b8e900bf4fe9d87396cb0854ff28db253382a8f1e6c2a2805b5d5c8b756640a49a092f8fbc5ab87e511d790519e9e79c1336b2af288b1b07871858966197f65919009c435e6ca5bc89a15fae0e3534e50cbacb3cb2ee519a9894f08facb453a7ada35c0cd8e6ac71cf9ceb21c1b944d81a16a3299c730fe1ddb164505e2df5e4dc7f46c3fa3230a9cc3845298d4abf909565a67be3316ca881540f2920c8fb6ffe5ffc66ef477476cc4941ba03795287f408b6175df89274e189bc2e12e93f5d8aaa532400946a7a0cb6cacb55d4947d0c02da9e2345b4d0cc92a570019ac51f64b29b7e509109500f9fe8129196bc46230a1848ad7dc721efd97f1cbee41a1e520da4cda9fa5a0024d7865e637d0f17f240647f11f4d41a39e29643917f6ccd8680d83cfaa33081c3dd613ba2ebe736539834ba7977d2617b85b073a4532c8e6cb3dc3ecb492f23b573ee103ad6c56a5930904e836e9390a8b20470de2c7e0d1b52000366cbc198caa4917b593334a449840a093bbd709a6f835eb4338e23b12f59efd0fe6a8f7d108e6c40d63b06b43639a73822b431b636c3c6cfa2c973fd43aab1ebb560eb5b556b98758583195190651d9f12bec2a2db9c87f879af59d9e72786e416ea8fa36ff4a4f08d56c5e208b9995fd9ed0607d3af20b1eb51dc0943cd96bee0cc78875fac1dc471f80664ef9eb1f146d5b6871842ae1c51e83523f28a149346df307eae77929a81c235f5593d7eb30581b0650a8759d5a59b5c2697c461e17d8458b13dc88935b878f71f0597d46924bc84714ca7af2df5749b1b0fbe1950aade8d85555887809f9d4cb5d8d6cdd0ddede90e2fd122d1168f0c7e535aefe0385ce12a5cb1060498ba51b28fc344e6c6094b1cf6263007e299d7ceae7814c664f43bc2b8e989779e1a2a36e7e209175c197117966925ced8cd941fb4d37d05a5c771ba579671d505d6af7fb70fe764d906fa84f046fb4429d82bc7f4ed72f686bf2f923ec7bd48b1be8773ef8a51235825cb6c54d444021e823ba2614e7d93920a96d23f19d9adfcabe1716fea4979ef4d74fadc6fd53e8d6c6704c4eb04a039ba4c83d15afdb195a36f292ba9a2728cd85311076aa6a484c01fbf9fad617f4870fcbd1cd453aeaa391968287263852732552443e3388bd07d975cd2a11624fa2d0d931034b940c4b2babe262706c6cd72007c5fd5744564babc9fc37da476cb38ed0de6b530864e26a6febeb8d901d40c771a0cf2f498830487d83368ff3f8af68a0ffa5762d3f2c9cf2a66e2338d3e3655b647685c2dcacba997eac420d5618c3d268b85795fa49e37ee504521017439581a6c5c064f0184e4cad2b8134e2f9b9ec42981c155775d7d744bfff7adb3f7599f159c7cf1d7d56fb7cddf5b4f8ee8a3dcfbc1151b3d253771db09879f48c3c0cc9506e97c776fa8251c21d5fed9dba8ca6674e45ac2a6bef86ae18b175ffb5d281f58527661ef7d5651b28db85c1b7cc305ab5b34fb49a32778390d3b6d4e78d06d3d863eff86435d36be3043529fb9b4d061a7a983d6e287fa83925dfab1b526d6bf510a29f9d6ad493bbb4da5fdf0aef4f16ff50799b016dc4230aaf87b9ef8953f8ad522ab4c3ec3209a57852cbdb5e39628ad107b248d6f07d123fb0e68d7b7aa8558478de5dee88032de6ccbbcab0ecfe8fccb1681816db894fdc24a9b6cf8ad5690efb01c8b4840255a5d5563b4cb73609f0a5337738e179fd9577bb795eb5a89a4ee4e2b2bed5fc65ba1efb911889e131a0b010c5699d7f6b869ffff3945208feee8d245eb45590f2c67b97d186307dbee5327ef60340386ae04d45f981061b80d33ed6db2e5dcd711d68f8d9befdca10334e9636de1a2d6e6de2888d0984aae79b636eb0576f6cc9f450320b7e946eb82e9e1f8b3477f382090c79a9524a69f3416eadba673ff24cb1846358680d370e6ae98230256ebad4826f90ef8189b95f3b6275950c33ec2781bf438bbcce8ee350f3c1475b026a6c189db5101981b21f82ba8d8f62e852ccc5109a2780c70eb4a0b014c0c06ef46ff506c481b8082154db687b644ff122e5f35af5882212834a5b696afda432241f966d5706fa7c00be4a4912b6adb8e5629d0e18bb2ed4e2d7b6dbe79920d21ed0491f7a5017ae5ccdee5b498f61bb9ad5845a6268abebf80338c20c09530675a8366bfd4ea746957dd7337f1c1184751b649a399891ad2b6306bb062b9b2dc8a8b09302ea3386ccd78d9a3a0314c3df264ce81048391ae66ec9eeda8c70efe95146205d0b6bed2c362f2920615d41c7d12fc3991000a080061dad4e34587ff1684c6756f55dfd249d2d62bef74b5e4a40a63a2bc14a473cf913d5a4fd289d1792fc693c4a5f85326eebc52994a34e16af861438f22633fc5a4ce0d30d37ac0e2277e072f78375d7b1443e1af9647c23decfc411a3d0def781ce6679d92872fbc27dbd4a7edc2acfe565103d472fbde7ac626248a5305cf6e1c5fc81e9b71adb2523839b9425c72a67409539d611240ff5ad04ea2b3d063e197f5663606aeb0b76fa2e1121e3815506fe4a9ac09d555c1b8d8c9749f5dd5096130aaab80d9b721a831013885e3a376a57f97db4f1878372c7ac241b7424b86d97ae5fa3a0943f55c64cdbb4aa3209c4fbee3d9ed201e2bfccee01d33bd99c01689e1f23b185acb82e75cd2a161c316334f4887c8225f11ec1354105e3180d67ebb3a98d1178cca8332eb73555f53ed86c7285fc6c85570be32e74baeece3d610cfb505e1ca6c02fabffbd9b4c80274db8faab4a4d29f8bfa6db38daf4ca8442aad66e40581f40a63e50b3a33d9a3e32f4440b761d149a8d71c138f74d5b0e10d9266788499a19f03a17726226e27c899c538bf4c219d7a035bdab2c5b347bcb176555fa451594050c6196a2236e5b0981eabab3519dd10ed1ffb6334476cbb06059384f02c164f278d49391c6069b9adf25c14870e2fe1f28abdb325d3101fe464f829e971067dc9231fc3bc9d0e2a6c8e13db15f4b69b3b028a587a092453296f7f790a547ba191bca2ca929d1477344d7ba30b826a10152580e5ed7418f481e4b10139a4acea1a1c42f748cafff8b0215c6be50e0af09905366f0403c53f8c746ff06ec45d69d3c4039d0980af45c8a2d6cadafe477ffe3451fce3bdc9644faf73ef3ca3e823526fdc086d82967b1a569cdb99ea26fe6d06a21fdfa7a8342089931240324b786f6be1b987c8fc9e9e602cb0ad66039a0147319a896134cc97a7f50b3a0c04c4f80b8a53ea222f5c009325eca6668e453d92e1577712af0297ffbc3e3365d504ebc1c7e825e045c30c0ad9067fcea6dd754c179c3febce85187611f78634c081192b430010987a852837015a3c2a70604e18c5d394207fa61fd3c51a8ac5ab263d1c15a9918f599338d21b894e6016337a5a31422867a775a7def8fb7cc3a41342175e05c891ebbd7318bf011ab2dcd865dc5efa3a9451d973951c96752803665567c08013259f14fd704d5d108cef5a38b4e2375aa241c5cfa99511e334cac9665a06f25da7d3fdb497363b119bb4d536a6803b3aed59143655ef6df225b5a9305979f77e32942ffb48e859da96a309ab57b68fa56a9e0d6e53650e7b1968fe5afc21e5638cd50f5c415c9addd998fe32ac983a9f9266590967782b6d9b70f22a48cc14301af5de46d7b71d0f7c0ead21ff503cbed5c2535672835ea0216eaa7fed72390b66b4684b51365d1923aec4dcf4dd08b357552cfb7e96a5ab956ac1276882e80a79d018c5ca7ffb3367d59846387f4af1fd4b6098cb560bb565af3ec0c3934da29120546804f3800aaba4969e00cb83d9d9b0cf216c42a8722030a6fc85a01b9748bebe688671318a2cc33f69e0bf3a8a3779c8847de958b28b2e8017da7f74d56f1a75134a4da0944e45dfefe63ff367759b55e1659870e0be86cef2789ec9063ae6093693c1d47cfc164eae67c97efa447120a36b39561d380077ceaff4bf0f55b066af441e400cc3996633abf905a32cf025becf31983dc6fceb6e0fb506bd350d81afa6421115939adef8cd68abbbd94f1567d9e9f7505af57e1802b8d704bb7460b3822330c4a4bb6ff2b187fb9a3f324b0f415c706a1de8a7cf6747c72be3b356c0206a3c0c39daa85309bff9faba7b68178108b261086cc15a0e21a52a37c1576a72d2d5da5c43248ad760d239711739cb79fc79b4ca2dbec2e100db1c535ed90623c67ed2e3817ebec259343b17efdd912ea0fbf73653015b7f8a51cae3cab19ba00638b8c8bfa8db481ca7dc7ce5c2540c46c963386188f74dec088552330e6ea067b222bd97ecab5073d95d5814599f522a36fc80636bb66ee8dca399586f90f1c849e30d92382bb0e64f62511a7f1044560175d68dffc03a9e56ac7629a4bcf50a4334f29b3391ef4bf0f3174a44d69e143437cb3dcb3871c4e7de50084b5e5033c48df364a1d5cf925d42a3c8e2b419909e4a2ca2156c1397eb87704e8f8d6cdb3a4a031c1b5468a1e75a923cbdbd384cd8d87c2c05f11f1df014ef98c13fcf9f182f6fb68dc0aa4adf7bec8a17caedd172f64806c311fc106b39edd9628a01d7159d638e09b39feab432718059589dc971143da4a8e640aa63ae0c2fb4a71129d362cdcf993adbc97b4f1543637cf1acbc9e67067f6c6f95be39fdd14dc6478c507507ceff88c2d1c5e13522547ab149dad2526393714c6c0a221c167ddf1084b563c0bfcc4c75a972131c62ddec7a497bd5118eaa12ab25bbbf7cc62eca5de5ea50bab67ce6ff2e05cc47cc0b0a5465eb01bbc08dac30b8522bd92180d8987390314e19eb3201f0be2b4f71abb697a751fd8d6a3251ca8ea1b2f20a7827d2599d62e392d6c065183a1778950d5ebe04180047ee8a2a096e5f1d6813ec63ff4a626c725b24d259cbd9ca6305009b29c6ef7225eecf9078824f9aef4d3e9aee1e9616b2b7f87499f8abab6c38e9a3e7714132850b5e71fa671697e6c8407ac3dad5abeee5f7b2a63aa51d29744736b0c38adccf8e29a85b81f3b3106daed64fc78618e18c9056cc41ce2f50379cc6c2c1411ba2c690e1899dee193f0f2877412f1cbd54d12255ca81a72211f9a8ab7f0b7bebb6c11b4bd6c77455decdfd7df2b2014395ba69f22e520138a43e1b3a11264822b143adcad307b35800563bab720687a898a76cde1f0a15aa3f32c0d302ce6f1094bacf5a1add935884be029c7fe18a5e90c696e3371af0f3cd721abd7dd4ce74efe353105ebcc4b1411d52026901380a9c7a807a76fa617667adea8b7734822da93d93969641a92ad2af6350ceee54e3d7c7c39e22d6c5f363d201572b8d68c2b9c7230b0b85801cfafbc5557f21bc444ea05fc612e2c2a8d4a38578c69bb252d8f4d617d0974f95b6ebb416d5c8f3fa925d4ed4f23bfce03e28389ca8c11e871fa49e8d66387bbb09b3c29d9ed75ea5a9ac7930cb3ed05f999867c640b3435962fdb763002e2fb451c5a1b9d4536e49ba50fcf61451168a994249ef29af51694a1426d987ed8cfe09f10462c7629c4ff1b1cc709b99e9e87a54d1ecf54cd9da0c2c19b84b2a2c32c0bd12d158b73230cf610645048cf1afbb62aa7ce6fab79bec3ad84108f3d96cb9fb3d78a26724892a6bca533e64880c7d4c28a6685502f4cb2a27b132c8253b97e88583fe0766d04795709486556df99b7e65fbf71febe24e0a188e2dc489b8fddbf9d4b1c9ef4b558f888824469df9b2085a845998220332d9cb693472ff2abcc10784c2280825adfcc630e3a961b39ab786deddc53b18e862edc75742d6eb2d7cc227ba3ed770851718388612e4e7f4f257a90fdf09e3b0081d7498e2d5b628d9132aa0165f323f59af5e9ea54c582999fb527d5f2f3dd7e4f85877080526f8481899b6afc732f5da6af31b561ddc36a6b8c723087d3f168292550d89b228f7a3cc131c110a2dab2f81e339f24d3d2b696892dcd4a3e8f2eaaddc0d78e2d07cb9df9d2fe73e4c55562c0794092c7dabd4364f9fea89d6cdd8369d5bf1bc8863b8f89aacf0fd9b9b380947bb4872656e58bc87526e18fa8b17ef8a7219adf1b79d1be5dd827e7ba8e4ed50a81eb7562b179876a8803dde2ea99fe744e8f7df17040ac38592a3be7eb353416496e867d8a74c7eb94556b16241935d718dd43462fe0855cc31a812e0ac01109d1d3539bd2fd4eeb422009138a92324bd072edee2ba47d6cacc24588410ce30565a8aaa5aad52d9c55368372715717ff5ed3a0243ddafd11a7059c29a26b9ea9374e8434f31e4c15a747ee6d69368d12b96122690f843569e82ad27eb8fb25e94dde94cc15e690dc65f6a6c2a6393821168a79e03cd223ce54a1d5e38eee1c12e23027b12c6a8094c805088617c2fb4f52008366faf37fdb13b3a7a879949d13644da36dd35a4ede785ca0ac7b4f15472e77a33228129143f849ee75c915df31764c96954621a01e0941d6bb58125f544818b7152698f3addcd0a684af8fcdd4bcdf5752b3faa731988866ee8a664850989d280505d2a4b861f159d47d2d61ab3de866fb2c8f90075b713f61cf83a2ed426d53214b70385b7a46e5620c032486a5a00e0e73d3ea16eeccf5731507903a25685466b61311502ce781634ee46542957a0d5bacabb8d965689422588ee102d6a6016bf11589fff32e503feefccefe4107d0619e7a15336a8655e2f09034b4069941126d48909232592aac6d9c231285dc1d038ff1fa09c1588f543304659ca334afbc42b5f5fb813b34663cc6f4b0a12fc3edc28765b062e7a50fd19ef575be96cd1d9aa48c1fef1b2763949982a47bf25a69c8b1306e8e36c91d2096e6a6cf934452233ff49e91ee173c1e288b9ff70ff364689b82e2467a3d741809657ce0856582d24da5663162422a6f1ed1fce7cef40d90ce57cb99e19a0b4365d483361d03d0cceadd682f333bcdb0a49e24d8c7d004aad2dac06f4839cffc0a77730623917e5f101c33411ab4e0a8491de9a8bbd5dedb8dfeb5a5880da57c74bb8e1fd8b02d3c22087be3f686aee26988b2d62a41d4593ff0dc100c31dad221489f612ef60c160bd6c1f5a00ea6efd3a5aa5ca14efbf78ae4e5d8c5db9c03758b81e636005ade8d03a11f5d8231cfc1bdacdb276992ca8ecbad337fa89dacc9e9be11d398d37207e15ddb45566e0af78833545352d3043b70e20695ddddaccccaa93ee5e2874bfc7f9510541a57fb3cb9c8d6e75460cca3c4cca39a642eff1967dda07a66fe67d87696a5fe22a718a52cd9ba83e348ed211c1dc2e21ebd797455f0648af12c10321240058857632112a75adfdca249f26cf8d6ba05ee83d00ff8d64d8fed069dae70b79105ccd95fc9df34426d765578f651a4cba8094f46e0a9b676c0c0ebb1803660a70f5c7ad2de1ff96676c3ecacdc2953fd235856228556db20395b8d54819b7b12f56e4dddf6a7fe4f7f3d69dff022c59efb2313ae801dcb02b117f50f18eb11dd5a291a7068c820fbe381bd0697566909a38fdab0a0c48442dc935ab8447ebecb93af879a6bb82ab5f245274d873b5be4312856fe4fab8edc9575c02ba4cdb34b31323b69cfef40755bf96279460640ed9fb84d5c60d95cfd76a39726c29f5607d80090e5e3da18fd74682975dd98d98e4afdf4460e1aeb7087a18ded69310b28fa45b356fc28d1f2bef4c9dd50909076de9587fa07b966ee143ec589f70b8ac4d1320cac5bafefe640e445922090c721ce79e4e2c546cfb9b7f058932e6c83170dd2785e28ed81757ade61aa094bd042411aafe0b75156067a5790c78a44589728f1190ac0ba2f93004e06602f51fab34cc56a485569be11e0fd8c89ec3363e053dbdb6cbc69b686e89ff3730dce9099daff958f3be6e7f9ac00bddf0f133a6f904262443963aabe84b0ec9ab9209ebb0d6e81b8d30b2959bbfe5b332459310be2d8183a93ea08301b816d5b009a967916dd45b0f541c57685a6c7ef8cf715ae7fd1780f0a0da48467196e25e26fd2d5a075ad5acfa1ebec9647da21672b642ee4a908fbce416f4ed36ab5b96e5b47a0f6c7f280119567b7d54640c65ce5a0f4912690c4a3d0805e4284fb695eb3af2528f031261439506a4d3f4c2e18b736c55475828a0faf0153acf0dd89bf3c2f6525cb4bfcb419421c7696ee93bc595158a9a43bb288022122a8c45a0db060fe5e85bcc128f396f7af7006eba4e0d6e2f0802625342799bc1b98366682db90ff1be99322bc0672e07757c44173b96e659ff645d263af255d6ecd88bd9a0863006db7f674e79b0493d41a12057e36243394294b4c7850d14a988715de4b55e9f83c2f0676a8486efcc948109076361267f092315dae79164da8f832ad6f35f600b92e4a8228d39e507117c1c1b2a4a12b667538000912ea67de21bd85616cb30f95573ba748a75d2e04b493865a8711a688e33221b26f621ab3a137cf86cc9dd340bcee72f19e00de06f1e9abbe08b4cb8725c9e624f02d36c4c276a529b6e23581c348bb90a4fb1f89053aee36caca5529bad9124825860c011140744f245cd02ffe219e436bfef045517e4e41094b25cf9082692cd8e37d3893c5a90c35b808a17a6508fa7ae743740be0d984ef5ea80cee51e14b9997f86b45b97e5acf89a0a6aa962689c4f53bc7b65e5037de60fa395ed1013591caa79412108224c020d77069939391e20ee32b86139fca7eb9ca5c07fa733311fef5d5594b83ae34c6bc32f037b09995511ff9b9b611bc727055a10b808ebb8c8e5ce532046c7ad3336c38d506e0e3043c4413dc8ce0a9caadbef27d6f663b22bf8d399621ee86e52d9abd5628e3270424d8a06a79174c7de23c431224fd8d0f42853510600f9e2deb8a7bfcd324a5c6ec19cd0c9ca81c552b111a2acc4479e20439e2e3caf44c92026b5be1ad6933ed8d4de1575216c134d55171568ee64213fc4d32ca5cd7ad04b8705ecfd1b88d56294dca67efe3b1b37c7d5d170cef18997c4af074e97a98c11ec3cdc83a4ea564ebb47f02344d3ab410e25a4ad658be9bf627d49c106c1098dccf7ff62ff9f4dc997a279afdc5630ba32167a68ed7bb3bae2a8b61fca67b5b7dc5b3ef3ab679b602764da9aabf3d0caa56b278c2ab6fbee2cfdd7277402a1f82de1d97807829c0105277073772929f16d79584118f31b45ec4db29aad83693b2d9de08f417beaa2f78d55a36a824a94d1e3cfeb3d75c3d41ddd0e317e85d327e9b5a9da44dc12b6fc3acf6d222a44f59520fa3fcdc37903eca4b7a91fe14cf54b06855d204ebd71018fe767a158b5e389b5e8e136fc8960840ef1916d8e36f08260e5fc9808442e2034f2c761ae051d03fa618a5f6b8ba8cee00411d09aaa3f8fe30a5d29d9403a905403b5310355326387ea6ea72643b70fcc5bf767371878440d07be919c4ad8c4b8951655bbeac50025f4cc2e859c20dfd440a0b1b14549bccaf7952a27f12266c3b7185d9f37ab405d0765011ae6dbc0717f58ec6bd4101589f5c6054faba863bd2af1e8b19cc2cee98c619e477a47497896c42c37697313917b37140a77a5afec97556f06e0ee1d87c3739bd9ff4c210ddd4eceb65701e64bf4d6cbd5d4b9786f4d45acd881fa6eb1c6fda5f8844f5a1635d05e7bb82270694efe063d44296d86b4bb8b28e573dd7cc0d379b5449af1064f10ab8e8f5f177713a63fd7ea8bb68305356c59b5b48334d568fc6d81713bf2c1438dbec4c2c793d5bcd94c459eaace9295ec5b51328fcea5c8f984d8bf90b2f9fb247ce722a1c001e6ff179524417d647b856d905976f623b2db0facf05d62a87662ddc0d6c31cadca2ec262439fdd0f5cd7788617b98bbb802ceed7f971fe6d432a49dc132fe5475db3bc61d6ff04442a9afa9078be7a15de8668cdf469697e337eb4a99b24cd89da2a36eaf4f725cfc77f5e4de3dc010c2ef1f6b22dc479544c0c4c611fe1c8ef5ed3c23ddae7cd01ae1874217f8d1001f0c5f8d2ace0ec72ef3ed9b95b72753462feaa1ff5c2d23f5ec1ccf41064895d6944f38bf7c41a091df7b8c5c5021ff7ab7571439a3d5c889aa57c715e4a55ecd77b5cb4f8bc3408d95d560f5e8ec711e81ef8a751df5d1d053822debf0295574ebfc5f1fc47caafdf8b3862d68fb01d6239fa13c026320aafdead31d003d8bd8b46842687b600", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x90, 0x0, 0x0, {0x3, 0x0, 0x2, 0x0, 0x1, 0x800, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xffffffff, 0x9, 0x0, 0xc000, 0x3, r14}}}, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x130, 0x0, 0x0, {0x0, 0x0, 0x0, '\x00', {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, {}, {0x9}}}}}) write$FUSE_INIT(r12, &(0x7f0000000e00)={0x50, 0x0, r13}, 0x50) (async) write$FUSE_INIT(r11, &(0x7f0000000440)={0x50, 0x0, r13, {0x7, 0x29, 0x2, 0x11040400, 0x67f0, 0x0, 0x48a6, 0x800, 0x0, 0x0, 0x80, 0x8}}, 0x50) 2.051620708s ago: executing program 0 (id=1477): r0 = syz_io_uring_setup(0x24fd, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x2, 0xe5}, &(0x7f0000000a40)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x610c42, 0x0) socket$netlink(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x18, 0x10, &(0x7f0000000340)=ANY=[@ANYRES8=r1, @ANYRES8=r0, @ANYRESOCT=r2], &(0x7f0000000000)='GPL\x00', 0x8, 0xbb, &(0x7f0000000c80)=""/187, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000400)=[{0x0, 0x1, 0xa, 0x4}, {0x2, 0x2, 0x40000013, 0x2}, {0x7, 0x5, 0xf, 0x9}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r3 = getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000ac0)=[{{&(0x7f0000000480)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000000580)=[{&(0x7f0000000500)="4ffbaa0a3bd32b8711840c80f6009003d763ae3bafd60e391fbfa4ce9437e735b09357312bf898c95a835095f25ee33f498a4cbe5ea1a837d137155bd617bd7ba7476f433208ae2801996660f73ff214f91541f6c8f22d0edb7299e7250576fd23e819bca0c87f1d030f2e2f28f09dab4a052cf93b92543981e9d4fc", 0x7c}], 0x1, &(0x7f0000000a80)=[@cred={{0x18}}, @cred={{0x18, 0x1, 0x2, {r3}}}], 0x30, 0x800}}], 0x1, 0x0) recvmmsg(r4, &(0x7f0000000680)=[{{&(0x7f00000002c0)=@ethernet, 0x9b, &(0x7f0000000380)=[{&(0x7f00000007c0)=""/185, 0xc7}, {&(0x7f0000000080)=""/63, 0x3f}, {&(0x7f0000000240)=""/24, 0x18}], 0x3, &(0x7f0000000700)=""/175, 0xaf}, 0xfffffffc}], 0x1, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x800000000002) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) add_key$user(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0xfffffffffffffffd) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000004380), 0x101602, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000003d0007010000000000000000027c0000040000080000008006000680800a0000"], 0x24}}, 0xc000) read$FUSE(r6, &(0x7f00000020c0)={0x2020}, 0xffffff68) socket$inet_udplite(0x2, 0x2, 0x88) r8 = socket$vsock_stream(0x28, 0x1, 0x0) r9 = socket(0xa, 0x80000, 0x1000007) getsockopt$nfc_llcp(r9, 0x29, 0x24, 0x0, 0x20000011) connect$vsock_stream(r8, &(0x7f0000000100)={0x28, 0x0, 0x2711, @local}, 0x10) r10 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r10, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c) sendto$inet6(r10, &(0x7f00000001c0)='O', 0x1, 0x0, &(0x7f0000000280)={0xa, 0x0, 0x0, @private2}, 0x1c) shutdown(r10, 0x1) 2.045642688s ago: executing program 1 (id=1478): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm(aes))\x00'}, 0x5d) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) setsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, 0x0) seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, 0x0) syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x40047) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x7}, 0x0) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f0000000380), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000340)=ANY=[]) chdir(&(0x7f0000000100)='./file0\x00') r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x20051, 0xffffffffffffffff, 0x151e6000) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0x4, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) r2 = fsopen(&(0x7f0000000080)='binder\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r2, 0x6, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000340)=ANY=[]) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r3, 0x1, 0x21, &(0x7f0000000080), 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') open(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) 1.795189939s ago: executing program 3 (id=1479): r0 = socket$kcm(0x11, 0x200000000000002, 0x300) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) socket$nl_generic(0x11, 0x3, 0x10) socket$inet6_sctp(0xa, 0x5, 0x84) syz_open_dev$usbfs(&(0x7f0000000000), 0xd, 0x800) r4 = syz_io_uring_setup(0x117, &(0x7f0000000100), &(0x7f0000000280), &(0x7f0000000200)) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) connect(r5, &(0x7f00000004c0)=@rc={0x1f, @none, 0x8}, 0x80) io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0) r6 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) ioctl$NBD_SET_TIMEOUT(r6, 0xab09, 0x5) bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r6}, 0x8) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="000004000000181162e353000000000000000000", @ANYRES16=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000d00)=r7, 0x4) 1.731249331s ago: executing program 3 (id=1480): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c0001800600060086dd00"], 0x528}}, 0xc000) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) ioctl$VIDIOC_QUERY_EXT_CTRL(r2, 0xc0e85667, &(0x7f00000004c0)={0x20000000, 0x4, "915288a030e9fe34229a78047df3621cb01f5118b881bc1e7b057239da4ee12a", 0x2, 0x30, 0x3, 0x3, 0xa, 0x9, 0x0, 0xa00000, [0x5, 0xffff, 0x9c4d, 0x4]}) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x47, &(0x7f0000000000)={@broadcast, @broadcast, <r3=>0x0}, &(0x7f0000000040)=0xc) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000280)={@private0, @mcast2, @mcast1, 0x1000, 0x0, 0xaeb1, 0x300, 0xb, 0x4, r3}) r4 = gettid() r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0) read(r5, &(0x7f0000000200)=""/202, 0xca) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0x4058534c, &(0x7f00000000c0)={0x80, 0x1, {0x3}}) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r5, 0x408c5333, &(0x7f0000000300)={0x3, 0x80, 0x0, 'queue1\x00', 0x80a6}) tkill(r4, 0x7) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0) 1.383423286s ago: executing program 3 (id=1482): openat$udambuf(0xffffffffffffff9c, 0x0, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_DSP_SUBDIVIDE(r1, 0xc0045009, 0x0) socket$kcm(0x10, 0x2, 0x0) r2 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb10"], 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) syz_usb_ep_write$ath9k_ep1(r2, 0x82, 0xc38, &(0x7f0000000080)=ANY=[]) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x24, &(0x7f00000002c0)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xf}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0xa, 0x0, 0x2}, {0x3, 0x0, 0x3, 0xa, 0x9, 0xfff8}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r3}, {0x6, 0x0, 0xb, 0x9, 0x0, 0x3}, {0x46, 0x8, 0xfff0, 0x76}}, @printk={@u, {0x3, 0x3, 0x3, 0x4, 0x9}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffe}}], {{0x7, 0x1, 0x7, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 1.271989593s ago: executing program 2 (id=1483): r0 = gettid() mknod(&(0x7f0000000140)='./file0\x00', 0x1000, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49468ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", "685a228f", "be0ea450d5a5fd03"}, 0x38) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0) r2 = open$dir(&(0x7f0000000140)='./file0\x00', 0x801, 0x0) openat$mice(0xffffff9c, &(0x7f0000000040), 0x202180) sendfile(r2, r1, 0x0, 0x800) sched_getparam(r0, &(0x7f0000000100)) 1.206716889s ago: executing program 2 (id=1484): r0 = gettid() sched_getparam(r0, &(0x7f0000000100)) (fail_nth: 4) 1.20092193s ago: executing program 1 (id=1485): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) (async) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) iopl(0x3) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000180)=0x28) read$dsp(r1, &(0x7f0000000440)=""/171, 0xab) (async) read$dsp(r1, &(0x7f0000000440)=""/171, 0xab) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) io_uring_register$IORING_UNREGISTER_EVENTFD(0xffffffffffffffff, 0x5, 0x0, 0x0) ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f00000001c0)={{r0}, 0x0, 0xd8, 0x3}) socket$inet_sctp(0x2, 0x1, 0x84) mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0) listen(0xffffffffffffffff, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) (async) socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/65, 0x328000, 0x800}, 0x20) (async) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/65, 0x328000, 0x800}, 0x20) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) (async) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000005004000000000180003801400756e002000000000000000140000001100010000000000000002000000000a"], 0x80}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f000001f8c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa886422a6003c0000002100069078ac141432ac1e00010000000000000000000000000000000300000000fffffffd00"/74], 0x0) (async) syz_emit_ethernet(0x4a, &(0x7f000001f8c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa886422a6003c0000002100069078ac141432ac1e00010000000000000000000000000000000300000000fffffffd00"/74], 0x0) r4 = socket(0x11, 0x800000003, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r5, 0x25, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x0, r2}) fcntl$lock(r5, 0x25, &(0x7f0000000340)={0x0, 0x0, 0x10080000f}) (async) fcntl$lock(r5, 0x25, &(0x7f0000000340)={0x0, 0x0, 0x10080000f}) fcntl$lock(r5, 0x25, &(0x7f0000000180)) (async) fcntl$lock(r5, 0x25, &(0x7f0000000180)) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600)) socket$nl_route(0x10, 0x3, 0x0) 1.011743114s ago: executing program 2 (id=1486): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="2cb000ffff0d00020073797a0100000000000000130700000004000880afea20abbbd3c9f4149bec36c3ae03d0961eb4f69143b653ee1625ccbb050c47d5798fa376cc17eb640c841829337763cf76abc3460fa7cbada9b543d3f3e08c5265ccb0d6bdeb99038c4416658ca1ed8c1dcd3d4484baa5a2762adb5837e60194f4b52f7c08cc2d82353da09539006bbf1aee6643fa61964f1e93af7fb8e430621ce5487a2f26d9abfebe2c9325c905aef0de7e061c6d2bf5c34d888ef763d04df3a88a0ec8d27c58f2a91090091489b9d2eb74c019701aa0f7bbecac5eacea815630fbccafbe1d6dc41bbe70d21ecf35fc4b1ad5636d9ac0ab53a8347a7bed633994f4e8d424d4a7650252e2c4d6c975008d986a17a60ee07ffd76ccedd63c174b1bf62c1c"], 0x2c}, 0x1, 0x0, 0x0, 0x10000082}, 0x4000080) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r2], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = fsopen(&(0x7f0000000300)='cgroup2\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(r5, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r4, r6, 0x1, 0x0, @void}, 0x10) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a0600000000140004800800024032658aeb08000140000000000900010073797a300000000048000000060a010400000000000000000100000008000b40000000000900010073797a3000000000200004801c0001800b00010072656a65637400000c000280080001400000000114000000110001"], 0xd0}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000340)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00fbff", 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}}, 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000400)=ANY=[@ANYBLOB="0100000000020000291001c000000000b70b00d6b4875d04e5803f8e9ab15ca84d084b8bb18f056121829543e75d8658e65776a674221a82a2005b94c52134519c52dd3082d4b8ba1cebb2d7619a0f41e2461a4bda35da323006041518bb2e8100000000000000ea41ac57faf09c7cb80f6d5ef9ccdef567f9754ad26d03831ea6b3def2d45ce94a789174602fa2229106aa64eafa71a95f7f6b821a197c39e013d58cfab18f2b957a1be2d5544e1ce52fecfe8f3e90188d975743d12fa0f257d656d1f76b373871817ede6a064538bf25b77a32c3d5bf9a24b9ad661063b12d87167ceb2597c31a9329ee080d013bb0b6c599113216c4fd572fac90081293f3"]) r8 = socket$inet6(0xa, 0x5, 0x0) bind$inet6(r8, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r9=>r8}, './file0\x00'}) r10 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) ioctl$sock_kcm_SIOCKCMCLONE(r9, 0x89e2, &(0x7f0000000080)={r10}) r11 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r11, &(0x7f0000000180)={0x2, 0xce20, @local}, 0x10) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r9, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xffffffb2, 0x9, 0x1, 0x0, 0x3, 0x80000000, 0x1, 0x6, 0x4, 0xd48, 0x88f, 0x8, 0x5, 0x8da, 0x1, 0x2, {0x3, 0x4}, 0x8, 0x1}}) r12 = socket(0x15, 0x5, 0x0) getsockopt(r12, 0x200000000114, 0x8, &(0x7f0000001e00)=""/102400, &(0x7f0000000040)=0x19000) bind$inet(0xffffffffffffffff, &(0x7f00000003c0)={0x2, 0xcf20, @local}, 0x10) epoll_create1(0x0) r13 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r13, 0x6, 0x210000000013, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet_tcp_int(r13, 0x6, 0x18, &(0x7f0000000100)=0x80000006, 0x4) 1.01118131s ago: executing program 0 (id=1487): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a00) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) write$binfmt_aout(r2, &(0x7f0000001640)=ANY=[], 0x1a3) write$P9_RSTATu(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="650000007d010000004b000300ef48000000010000000300000000000000000000020100000006000000d4000000000000007e0faedd67655bec0f1595980c046367726f75702e73"], 0x65) write$binfmt_misc(r2, &(0x7f0000000000), 0xe09) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x55, {0x2a00, 0x80010000, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x6]}}) 937.669145ms ago: executing program 0 (id=1488): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x408}) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x4, 0xb, [{}, {}, {}, {0xfffffffd}, {}, {0x0, 0x1000000}]}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24008004) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYRESDEC=r2], 0x1c}, 0x1, 0x0, 0x0, 0x40154}, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {&(0x7f0000001480)}], 0x2) sendmsg$NFT_BATCH(r2, 0x0, 0x200548d0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) close(0xffffffffffffffff) connect$bt_sco(r0, &(0x7f0000000040), 0x8) ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f0000000180)) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18007cefbea0119a001195a6ae0e820a6c8b8c6ebeba"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r4}, 0x10) sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x114, 0x32, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64}, @typed={0x14, 0x3, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), 0xffffffffffffffff) 780.100964ms ago: executing program 2 (id=1489): r0 = open_tree(0xffffffffffffff9c, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000005580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822a0269a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7ae22e16c6c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bba3d005585bf07d70e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56bd86acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd6"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_rdma(0x10, 0x3, 0x14) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000900), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000a40)={'wlan1\x00', <r6=>0x0}) sendmsg$NL80211_CMD_ADD_TX_TS(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x1c, r5, 0x1, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0x44000) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'dummy0\x00', <r7=>0x0}) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000000)={@ifindex=r7, r1, 0x2f, 0x4, 0x5, @void, @value}, 0x20) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r8, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r8, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) sendmsg$NFT_BATCH(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000048000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800024000000000080001400000000008000740000000015c000000160a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xec}}, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r8, 0x29, 0x22, &(0x7f0000000240)={{{@in6=@loopback, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in6=@remote}, 0x0, @in=@dev}}, &(0x7f0000000180)=0x100) r11 = getgid() setsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f00000001c0)={0x0, r10, r11}, 0xc) setsockopt$inet6_tcp_TCP_ULP(r8, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r8, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet6_group_source_req(r0, 0x29, 0x2c, &(0x7f0000000340)={0x8, {{0xa, 0x4e20, 0x101, @local}}, {{0xa, 0x4e24, 0x4, @mcast2, 0xaa44b8a9}}}, 0x104) setsockopt$inet6_tcp_TLS_TX(r8, 0x11a, 0x1, &(0x7f0000000040)=@gcm_128={{0x303}, "0400", "0d07080d7f4fcf0000e8ffffff00", '\x00', "8657e2b7e43b34e4"}, 0x28) sendto$inet6(r8, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137) 779.071766ms ago: executing program 1 (id=1490): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c0001800600060086dd00"], 0x528}}, 0xc000) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) ioctl$VIDIOC_QUERY_EXT_CTRL(r2, 0xc0e85667, &(0x7f00000004c0)={0x20000000, 0x4, "915288a030e9fe34229a78047df3621cb01f5118b881bc1e7b057239da4ee12a", 0x2, 0x30, 0x3, 0x3, 0xa, 0x9, 0x0, 0xa00000, [0x5, 0xffff, 0x9c4d, 0x4]}) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x47, &(0x7f0000000000)={@broadcast, @broadcast, <r3=>0x0}, &(0x7f0000000040)=0xc) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000280)={@private0, @mcast2, @mcast1, 0x1000, 0x0, 0xaeb1, 0x300, 0xb, 0x4, r3}) r4 = gettid() r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0) read(r5, &(0x7f0000000200)=""/202, 0xca) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0x4058534c, &(0x7f00000000c0)={0x80, 0x1, {0x3}}) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r5, 0x408c5333, &(0x7f0000000300)={0x3, 0x80, 0x0, 'queue1\x00', 0x80a6}) tkill(r4, 0x7) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0) 778.891777ms ago: executing program 32 (id=1490): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c0001800600060086dd00"], 0x528}}, 0xc000) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) ioctl$VIDIOC_QUERY_EXT_CTRL(r2, 0xc0e85667, &(0x7f00000004c0)={0x20000000, 0x4, "915288a030e9fe34229a78047df3621cb01f5118b881bc1e7b057239da4ee12a", 0x2, 0x30, 0x3, 0x3, 0xa, 0x9, 0x0, 0xa00000, [0x5, 0xffff, 0x9c4d, 0x4]}) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x47, &(0x7f0000000000)={@broadcast, @broadcast, <r3=>0x0}, &(0x7f0000000040)=0xc) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000280)={@private0, @mcast2, @mcast1, 0x1000, 0x0, 0xaeb1, 0x300, 0xb, 0x4, r3}) r4 = gettid() r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0) read(r5, &(0x7f0000000200)=""/202, 0xca) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0x4058534c, &(0x7f00000000c0)={0x80, 0x1, {0x3}}) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r5, 0x408c5333, &(0x7f0000000300)={0x3, 0x80, 0x0, 'queue1\x00', 0x80a6}) tkill(r4, 0x7) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0) 71.234282ms ago: executing program 2 (id=1491): r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010411feffffff00000000000000", @ANYRES32=r3, @ANYBLOB], 0x3c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8001}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40800}, 0x0) 587.786µs ago: executing program 0 (id=1492): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000340)) r2 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r2, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc) write$binfmt_script(r2, 0x0, 0x900) 277.095µs ago: executing program 0 (id=1493): pipe(0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x13, r1, 0x80000) syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff}, '\x00'}) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001f80), r3) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000001fc0)={'wpan0\x00', <r5=>0x0}) sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r3, &(0x7f00000020c0)={0x0, 0x0, &(0x7f0000002080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="00147baa86d68a7e142d1741a3007802cb69cbb75043d2e58c10e1e9cc005228bfe8f1aed68e583774650f4b835f6827ed1218b371116b2c8e076b6f6c7e9f6a92bdbd12330f1c70e09de45f3d9bccf692bfb78da4efdb9d270008e0d7c2c8c5a607d7688e05d116a7f7790c86b16f5efd1293b00c3822ca60de3c429aa880fed8059304e72ae4d50114fdbea8c5aaca884d0e376ae4378a34fd1488429ef486106c639d243fe28b5c0b9a8c1ed7cf5b81e3eb8d936500"/196, @ANYRES16=r4, @ANYBLOB="010000000000000000002e0000000c0005000000000000000000060006000000000008000200", @ANYRES32=r5, @ANYBLOB="05002b0000000000"], 0x38}}, 0x0) r6 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246) r7 = io_uring_setup(0x6f63, &(0x7f0000001200)={0x0, 0xad4b, 0x1000, 0x7, 0x210, 0x0, r2}) socket$inet_smc(0x2b, 0x1, 0x0) io_uring_register$IORING_REGISTER_FILES(r7, 0x2, &(0x7f0000000140), 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000fcffffff000000000000210085000000360000009500070000000000b83f3584230b8f5ec8921327291cf4880dd3a91af830f8a476ba1b51d4eb67103b000000000000000000000000000000640f9922d207e93470686f20ad"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r9 = syz_io_uring_setup(0x24f9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r10=>0x0, &(0x7f0000000000)=<r11=>0x0) syz_io_uring_submit(r10, r11, &(0x7f0000000180)=@IORING_OP_MSG_RING={0x28, 0xc, 0x0, r9, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x2}) io_uring_enter(r9, 0x2, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r8, 0x1800000000000060, 0x0, 0x0, 0x0, 0x0, 0x2300, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50) ioctl$PPPIOCGFLAGS1(r6, 0x4020744f, &(0x7f0000000100)) r12 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="3c00000010000104fcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000d1c0012800b00010062726964676500000c00028005001602000000002d2819596d45c832f812c2f5ed986387b35adf6153ab0d31c026407d86b21fb1dd328478c4"], 0x3c}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) syz_emit_vhci(&(0x7f00000001c0)=ANY=[], 0xd) 0s ago: executing program 2 (id=1494): socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000002c0)) syz_open_dev$vim2m(&(0x7f0000000080), 0x200000000000000, 0x2) socket$can_j1939(0x1d, 0x2, 0x7) syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141301) openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) pselect6(0x40, &(0x7f00000000c0)={0x9000000, 0x0, 0x7f, 0x0, 0x1}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x4}, 0x0, 0x0) kernel console output (not intermixed with test programs): : 00000000000001b3 [ 143.141837][ T8970] RAX: ffffffffffffffda RBX: 00000000f5096480 RCX: 0000000000000058 [ 143.143902][ T8970] RDX: 0000000000000000 RSI: 0000000001840000 RDI: 0000000000000001 [ 143.145966][ T8970] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 143.148037][ T8970] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 143.150140][ T8970] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 143.152197][ T8970] </TASK> [ 143.153106][ C2] vkms_vblank_simulate: vblank timer overrun [ 143.179071][ T30] usb 5-1: device descriptor read/64, error -71 [ 143.305440][ T30] usb usb5-port1: attempt power cycle [ 143.435839][ T8981] netlink: 60 bytes leftover after parsing attributes in process `syz.2.779'. [ 143.560146][ T8992] openvswitch: netlink: Missing key (keys=40, expected=100) [ 143.690226][ T30] usb 5-1: new low-speed USB device number 8 using dummy_hcd [ 143.723290][ T30] usb 5-1: device descriptor read/8, error -71 [ 144.090706][ T30] usb 5-1: new low-speed USB device number 9 using dummy_hcd [ 144.107922][ T30] usb 5-1: device descriptor read/8, error -71 [ 144.508987][ T30] usb usb5-port1: unable to enumerate USB device [ 144.820219][ T9012] netlink: 'syz.1.787': attribute type 1 has an invalid length. [ 144.822567][ T9012] netlink: 'syz.1.787': attribute type 3 has an invalid length. [ 144.825388][ T9012] netlink: 224 bytes leftover after parsing attributes in process `syz.1.787'. [ 145.684420][ T9030] openvswitch: netlink: Missing key (keys=40, expected=100) [ 146.181153][ T9040] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 146.182999][ T9040] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 146.185500][ T9040] vhci_hcd vhci_hcd.0: Device attached [ 146.373514][ T6022] vhci_hcd: vhci_device speed not set [ 146.704914][ T6022] usb 41-1: new full-speed USB device number 3 using vhci_hcd [ 146.929417][ T5326] Bluetooth: hci3: command 0x040f tx timeout [ 147.477464][ T9041] vhci_hcd: connection reset by peer [ 147.480425][ T1133] vhci_hcd: stop threads [ 147.481834][ T1133] vhci_hcd: release socket [ 147.483544][ T1133] vhci_hcd: disconnect device [ 147.612767][ T9071] openvswitch: netlink: Missing key (keys=40, expected=100) [ 148.028340][ T9085] netlink: 'syz.2.804': attribute type 1 has an invalid length. [ 148.030715][ T9085] netlink: 'syz.2.804': attribute type 3 has an invalid length. [ 148.032770][ T9085] netlink: 224 bytes leftover after parsing attributes in process `syz.2.804'. [ 150.179420][ T5326] Bluetooth: hci3: command 0x040f tx timeout [ 150.512705][ T9144] netlink: 'syz.3.817': attribute type 1 has an invalid length. [ 150.515263][ T9144] netlink: 'syz.3.817': attribute type 3 has an invalid length. [ 150.517767][ T9144] netlink: 224 bytes leftover after parsing attributes in process `syz.3.817'. [ 150.694763][ T9145] netlink: 'syz.0.816': attribute type 1 has an invalid length. [ 150.697082][ T9145] netlink: 'syz.0.816': attribute type 3 has an invalid length. [ 150.699112][ T9145] netlink: 224 bytes leftover after parsing attributes in process `syz.0.816'. [ 152.264055][ T6022] vhci_hcd: vhci_device speed not set [ 152.659765][ T5326] Bluetooth: hci3: command 0x040f tx timeout [ 152.847693][ T9193] FAULT_INJECTION: forcing a failure. [ 152.847693][ T9193] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 152.851115][ T9193] CPU: 0 UID: 0 PID: 9193 Comm: syz.1.831 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 152.853788][ T9193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 152.856559][ T9193] Call Trace: [ 152.857442][ T9193] <TASK> [ 152.858222][ T9193] dump_stack_lvl+0x16c/0x1f0 [ 152.859468][ T9193] should_fail_ex+0x497/0x5b0 [ 152.860713][ T9193] _copy_to_user+0x32/0xd0 [ 152.861891][ T9193] bpf_test_finish.isra.0+0x55f/0x680 [ 152.863305][ T9193] ? lock_acquire+0x2f/0xb0 [ 152.864499][ T9193] ? __pfx_bpf_test_finish.isra.0+0x10/0x10 [ 152.866066][ T9193] ? _copy_from_user+0x59/0xd0 [ 152.867332][ T9193] bpf_prog_test_run_xdp+0xa13/0x1580 [ 152.868695][ T9193] ? lock_acquire+0x2f/0xb0 [ 152.869890][ T9193] ? __fget_files+0x40/0x3a0 [ 152.871116][ T9193] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 152.872649][ T9193] ? __fget_files+0x206/0x3a0 [ 152.873890][ T9193] ? fput+0x67/0x440 [ 152.874912][ T9193] ? __bpf_prog_get+0xa0/0x290 [ 152.876188][ T9193] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 152.877687][ T9193] __sys_bpf+0x1921/0x57a0 [ 152.878858][ T9193] ? __pfx_lock_release+0x10/0x10 [ 152.880176][ T9193] ? __pfx___sys_bpf+0x10/0x10 [ 152.881463][ T9193] ? vfs_write+0x306/0x1150 [ 152.882662][ T9193] ? __mutex_unlock_slowpath+0x164/0x690 [ 152.884155][ T9193] ? fput+0x67/0x440 [ 152.885190][ T9193] ? ksys_write+0x1ba/0x250 [ 152.886397][ T9193] ? __pfx_ksys_write+0x10/0x10 [ 152.887687][ T9193] __ia32_sys_bpf+0x76/0xe0 [ 152.888882][ T9193] __do_fast_syscall_32+0x73/0x120 [ 152.890232][ T9193] do_fast_syscall_32+0x32/0x80 [ 152.891518][ T9193] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 152.893167][ T9193] RIP: 0023:0xf746e579 [ 152.894244][ T9193] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 152.899230][ T9193] RSP: 002b:00000000f515657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 152.901380][ T9193] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000300 [ 152.903432][ T9193] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 152.905484][ T9193] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 152.907693][ T9193] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 152.909732][ T9193] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 152.911821][ T9193] </TASK> [ 153.116782][ T9196] netlink: 4 bytes leftover after parsing attributes in process `syz.1.832'. [ 153.267400][ T9205] netlink: 'syz.1.833': attribute type 1 has an invalid length. [ 153.277762][ T9205] netlink: 'syz.1.833': attribute type 3 has an invalid length. [ 153.290352][ T9205] netlink: 224 bytes leftover after parsing attributes in process `syz.1.833'. [ 154.779807][ T9232] netlink: 4 bytes leftover after parsing attributes in process `syz.2.841'. [ 154.829520][ T9242] FAULT_INJECTION: forcing a failure. [ 154.829520][ T9242] name failslab, interval 1, probability 0, space 0, times 0 [ 154.833120][ T9242] CPU: 0 UID: 0 PID: 9242 Comm: syz.2.842 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 154.835836][ T9242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 154.838730][ T9242] Call Trace: [ 154.839614][ T9242] <TASK> [ 154.840356][ T9242] dump_stack_lvl+0x16c/0x1f0 [ 154.841560][ T9242] should_fail_ex+0x497/0x5b0 [ 154.842813][ T9242] ? fs_reclaim_acquire+0xae/0x150 [ 154.844072][ T9242] should_failslab+0xc2/0x120 [ 154.845257][ T9242] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 154.846719][ T9242] ? ovs_flow_alloc+0x10e/0x210 [ 154.847962][ T9242] ovs_flow_alloc+0x10e/0x210 [ 154.849135][ T9242] ovs_flow_cmd_new+0x232/0xe30 [ 154.850394][ T9242] ? kasan_save_stack+0x42/0x60 [ 154.851702][ T9242] ? __pfx_ovs_flow_cmd_new+0x10/0x10 [ 154.853097][ T9242] ? __kmalloc_noprof+0x21a/0x4f0 [ 154.854369][ T9242] ? genl_family_rcv_msg_doit+0xbf/0x2f0 [ 154.855848][ T9242] ? genl_rcv_msg+0x565/0x800 [ 154.857101][ T9242] ? netlink_rcv_skb+0x165/0x410 [ 154.858405][ T9242] ? ____sys_sendmsg+0x9ae/0xb40 [ 154.859814][ T9242] ? ___sys_sendmsg+0x135/0x1e0 [ 154.861067][ T9242] ? __sys_sendmsg+0x16e/0x220 [ 154.862291][ T9242] ? __do_fast_syscall_32+0x73/0x120 [ 154.863661][ T9242] ? do_fast_syscall_32+0x32/0x80 [ 154.865006][ T9242] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 154.867015][ T9242] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 154.868915][ T9242] genl_family_rcv_msg_doit+0x202/0x2f0 [ 154.870361][ T9242] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 154.871929][ T9242] ? genl_get_cmd+0x195/0x580 [ 154.873221][ T9242] ? bpf_lsm_capable+0x9/0x10 [ 154.874500][ T9242] ? security_capable+0x7e/0x260 [ 154.875946][ T9242] ? ns_capable+0xd7/0x110 [ 154.877288][ T9242] genl_rcv_msg+0x565/0x800 [ 154.878650][ T9242] ? __pfx_genl_rcv_msg+0x10/0x10 [ 154.879997][ T9242] ? __pfx_ovs_flow_cmd_new+0x10/0x10 [ 154.881373][ T9242] netlink_rcv_skb+0x165/0x410 [ 154.882700][ T9242] ? __pfx_genl_rcv_msg+0x10/0x10 [ 154.884396][ T9242] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 154.886044][ T9242] ? down_read+0xc9/0x330 [ 154.887224][ T9242] ? __pfx_down_read+0x10/0x10 [ 154.888496][ T9242] ? netlink_deliver_tap+0x1ae/0xca0 [ 154.889879][ T9242] genl_rcv+0x28/0x40 [ 154.890880][ T9242] netlink_unicast+0x53c/0x7f0 [ 154.892118][ T9242] ? __pfx_netlink_unicast+0x10/0x10 [ 154.893496][ T9242] ? __phys_addr_symbol+0x30/0x80 [ 154.895030][ T9242] ? __check_object_size+0x488/0x710 [ 154.896586][ T9242] netlink_sendmsg+0x8b8/0xd70 [ 154.897834][ T9242] ? __pfx_netlink_sendmsg+0x10/0x10 [ 154.899542][ T9242] ____sys_sendmsg+0x9ae/0xb40 [ 154.900959][ T9242] ? __pfx_____sys_sendmsg+0x10/0x10 [ 154.902551][ T9242] ? get_compat_msghdr+0x11b/0x170 [ 154.904205][ T9242] ___sys_sendmsg+0x135/0x1e0 [ 154.905406][ T9242] ? __pfx____sys_sendmsg+0x10/0x10 [ 154.907094][ T9242] ? __pfx_lock_release+0x10/0x10 [ 154.908635][ T9242] ? trace_lock_acquire+0x14e/0x1f0 [ 154.910206][ T9242] ? __fget_files+0x206/0x3a0 [ 154.911850][ T9242] __sys_sendmsg+0x16e/0x220 [ 154.913187][ T9242] ? __pfx___sys_sendmsg+0x10/0x10 [ 154.914863][ T9242] __do_fast_syscall_32+0x73/0x120 [ 154.916255][ T9242] do_fast_syscall_32+0x32/0x80 [ 154.917863][ T9242] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 154.919663][ T9242] RIP: 0023:0xf7f11579 [ 154.920889][ T9242] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 154.926924][ T9242] RSP: 002b:00000000f509657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 154.929451][ T9242] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000 [ 154.931647][ T9242] RDX: 000000000000c000 RSI: 0000000000000000 RDI: 0000000000000000 [ 154.934084][ T9242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 154.936399][ T9242] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 154.938556][ T9242] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 154.940627][ T9242] </TASK> [ 155.579955][ T9265] netlink: 'syz.3.848': attribute type 1 has an invalid length. [ 155.582241][ T9265] netlink: 'syz.3.848': attribute type 3 has an invalid length. [ 155.584633][ T9265] netlink: 224 bytes leftover after parsing attributes in process `syz.3.848'. [ 156.180654][ T9272] netlink: 4 bytes leftover after parsing attributes in process `syz.0.850'. [ 156.667101][ T9293] netlink: 12 bytes leftover after parsing attributes in process `syz.1.855'. [ 157.591663][ T9308] netlink: 4 bytes leftover after parsing attributes in process `syz.3.861'. [ 157.693346][ T9320] openvswitch: netlink: Missing key (keys=40, expected=100) [ 158.794521][ T9354] openvswitch: netlink: Missing key (keys=40, expected=100) [ 158.929918][ T9351] netlink: 4 bytes leftover after parsing attributes in process `syz.1.873'. [ 159.021591][ T9369] netlink: 'syz.1.876': attribute type 1 has an invalid length. [ 159.170263][ T5961] Bluetooth: hci3: command 0x040f tx timeout [ 159.537859][ T9376] netlink: 'syz.0.879': attribute type 11 has an invalid length. [ 160.640097][ T9406] netlink: 12 bytes leftover after parsing attributes in process `syz.3.887'. [ 161.089437][ T9421] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 161.095525][ T9415] netlink: 12 bytes leftover after parsing attributes in process `syz.1.889'. [ 162.821599][ T9465] FAULT_INJECTION: forcing a failure. [ 162.821599][ T9465] name failslab, interval 1, probability 0, space 0, times 0 [ 162.825687][ T9465] CPU: 0 UID: 0 PID: 9465 Comm: syz.3.902 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 162.829351][ T9465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 162.832481][ T9465] Call Trace: [ 162.833387][ T9465] <TASK> [ 162.834207][ T9465] dump_stack_lvl+0x16c/0x1f0 [ 162.835456][ T9465] should_fail_ex+0x497/0x5b0 [ 162.837112][ T9465] ? fs_reclaim_acquire+0xae/0x150 [ 162.838924][ T9465] should_failslab+0xc2/0x120 [ 162.840624][ T9465] __kmalloc_cache_noprof+0x68/0x420 [ 162.842543][ T9465] ? ovl_lookup_single+0x33d/0xf60 [ 162.844412][ T9465] ovl_encode_real_fh+0xd3/0x430 [ 162.846203][ T9465] ? __pfx_ovl_encode_real_fh+0x10/0x10 [ 162.848181][ T9465] ovl_lookup_index+0xbb/0x830 [ 162.849905][ T9465] ? __pfx_ovl_lookup_index+0x10/0x10 [ 162.851563][ T9465] ? trace_kmalloc+0x2d/0xd0 [ 162.853148][ T9465] ? ovl_lookup+0x116a/0x21f0 [ 162.854794][ T9465] ovl_lookup+0xbf5/0x21f0 [ 162.856399][ T9465] ? __pfx_ovl_lookup+0x10/0x10 [ 162.858165][ T9465] ? __pfx_d_alloc_parallel+0x10/0x10 [ 162.860118][ T9465] ? lockdep_init_map_type+0x16d/0x7d0 [ 162.862020][ T9465] __lookup_slow+0x24f/0x460 [ 162.863673][ T9465] ? __pfx___lookup_slow+0x10/0x10 [ 162.865119][ T9465] ? walk_component+0x342/0x5b0 [ 162.866467][ T9465] ? lookup_fast+0x155/0x540 [ 162.868043][ T9465] walk_component+0x350/0x5b0 [ 162.869682][ T9465] path_lookupat+0x17f/0x770 [ 162.871612][ T9465] filename_lookup+0x221/0x5f0 [ 162.873329][ T9465] ? __pfx_filename_lookup+0x10/0x10 [ 162.875159][ T9465] ? __pfx___lock_acquire+0x10/0x10 [ 162.877061][ T9465] ? lock_acquire+0x2f/0xb0 [ 162.878826][ T9465] ? __virt_addr_valid+0x1a4/0x590 [ 162.880618][ T9465] do_linkat+0x148/0x590 [ 162.882167][ T9465] ? __pfx_do_linkat+0x10/0x10 [ 162.883520][ T9465] ? strncpy_from_user+0x1fe/0x2d0 [ 162.885151][ T9465] ? getname_flags.part.0+0x1c5/0x550 [ 162.886964][ T9465] __ia32_sys_link+0x7c/0xa0 [ 162.888575][ T9465] __do_fast_syscall_32+0x73/0x120 [ 162.890350][ T9465] do_fast_syscall_32+0x32/0x80 [ 162.892013][ T9465] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 162.894169][ T9465] RIP: 0023:0xf7f51579 [ 162.895565][ T9465] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 162.901835][ T9465] RSP: 002b:00000000f50d657c EFLAGS: 00000292 ORIG_RAX: 0000000000000009 [ 162.904877][ T9465] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000020000040 [ 162.907737][ T9465] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 162.910012][ T9465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 162.912064][ T9465] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 162.914181][ T9465] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 162.916260][ T9465] </TASK> [ 163.069843][ T9474] netlink: 24 bytes leftover after parsing attributes in process `syz.2.905'. [ 163.076893][ T9474] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 163.079500][ T9474] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 163.081839][ T9474] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 163.084198][ T9474] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 163.187153][ T9473] netlink: 'syz.1.901': attribute type 2 has an invalid length. [ 163.528451][ T5961] Bluetooth: hci3: unexpected event for opcode 0x2060 [ 163.780050][ T9489] netlink: 4 bytes leftover after parsing attributes in process `syz.3.910'. [ 164.082925][ T9505] FAULT_INJECTION: forcing a failure. [ 164.082925][ T9505] name failslab, interval 1, probability 0, space 0, times 0 [ 164.086222][ T9505] CPU: 1 UID: 0 PID: 9505 Comm: syz.1.912 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 164.088865][ T9505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 164.091499][ T9505] Call Trace: [ 164.092350][ T9505] <TASK> [ 164.093103][ T9505] dump_stack_lvl+0x16c/0x1f0 [ 164.094282][ T9505] should_fail_ex+0x497/0x5b0 [ 164.095488][ T9505] ? fs_reclaim_acquire+0xae/0x150 [ 164.096801][ T9505] should_failslab+0xc2/0x120 [ 164.098034][ T9505] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 164.099566][ T9505] ? __alloc_skb+0x2b3/0x380 [ 164.100766][ T9505] __alloc_skb+0x2b3/0x380 [ 164.101924][ T9505] ? __pfx___alloc_skb+0x10/0x10 [ 164.103208][ T9505] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 164.104541][ T9505] netlink_ack+0x164/0xb20 [ 164.105940][ T9505] netlink_rcv_skb+0x327/0x410 [ 164.107230][ T9505] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 164.108658][ T9505] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 164.110066][ T9505] ? netlink_deliver_tap+0x1ae/0xca0 [ 164.111464][ T9505] netlink_unicast+0x53c/0x7f0 [ 164.112736][ T9505] ? __pfx_netlink_unicast+0x10/0x10 [ 164.114129][ T9505] ? __phys_addr_symbol+0x30/0x80 [ 164.115454][ T9505] ? __check_object_size+0x488/0x710 [ 164.116842][ T9505] netlink_sendmsg+0x8b8/0xd70 [ 164.118094][ T9505] ? __pfx_netlink_sendmsg+0x10/0x10 [ 164.119514][ T9505] ____sys_sendmsg+0x9ae/0xb40 [ 164.120773][ T9505] ? __pfx_____sys_sendmsg+0x10/0x10 [ 164.122148][ T9505] ? get_compat_msghdr+0x11b/0x170 [ 164.123497][ T9505] ___sys_sendmsg+0x135/0x1e0 [ 164.124731][ T9505] ? __pfx____sys_sendmsg+0x10/0x10 [ 164.126103][ T9505] ? __pfx_lock_release+0x10/0x10 [ 164.127427][ T9505] ? trace_lock_acquire+0x14e/0x1f0 [ 164.128796][ T9505] ? __fget_files+0x206/0x3a0 [ 164.130036][ T9505] __sys_sendmsg+0x16e/0x220 [ 164.131283][ T9505] ? __pfx___sys_sendmsg+0x10/0x10 [ 164.132623][ T9505] __do_fast_syscall_32+0x73/0x120 [ 164.133964][ T9505] do_fast_syscall_32+0x32/0x80 [ 164.135241][ T9505] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 164.136909][ T9505] RIP: 0023:0xf746e579 [ 164.137973][ T9505] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 164.142925][ T9505] RSP: 002b:00000000f515657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 164.145084][ T9505] RAX: ffffffffffffffda RBX: 000000000000000e RCX: 0000000020000040 [ 164.147143][ T9505] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 164.149179][ T9505] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 164.151221][ T9505] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 164.153232][ T9505] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 164.155250][ T9505] </TASK> [ 164.617092][ T9518] netlink: 12 bytes leftover after parsing attributes in process `syz.3.915'. [ 164.807174][ T9523] netlink: 'syz.0.916': attribute type 2 has an invalid length. [ 164.897927][ T9528] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 165.274571][ T9544] FAULT_INJECTION: forcing a failure. [ 165.274571][ T9544] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 165.279042][ T9544] CPU: 3 UID: 0 PID: 9544 Comm: syz.2.925 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 165.282528][ T9544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 165.286205][ T9544] Call Trace: [ 165.287696][ T9544] <TASK> [ 165.288725][ T9544] dump_stack_lvl+0x16c/0x1f0 [ 165.290346][ T9544] should_fail_ex+0x497/0x5b0 [ 165.291609][ T9544] _copy_from_user+0x2e/0xd0 [ 165.292818][ T9544] copy_from_buffer+0x86/0xb0 [ 165.294014][ T9544] copy_uabi_to_xstate+0x3c7/0x670 [ 165.295356][ T9544] ? find_held_lock+0x2d/0x110 [ 165.296834][ T9544] ? __pfx_copy_uabi_to_xstate+0x10/0x10 [ 165.298778][ T9544] ? __pfx_lock_release+0x10/0x10 [ 165.300509][ T9544] ? trace_lock_acquire+0x14e/0x1f0 [ 165.302311][ T9544] ? __local_bh_enable_ip+0xa4/0x120 [ 165.304147][ T9544] __fpu_restore_sig+0x1062/0x1430 [ 165.305932][ T9544] ? __pfx___fpu_restore_sig+0x10/0x10 [ 165.307873][ T9544] ? lock_acquire+0x2f/0xb0 [ 165.309183][ T9546] netlink: 4 bytes leftover after parsing attributes in process `syz.3.926'. [ 165.309422][ T9544] ? __might_fault+0xe3/0x190 [ 165.313610][ T9544] fpu__restore_sig+0x113/0x190 [ 165.314927][ T9544] ia32_restore_sigcontext+0x40f/0x5d0 [ 165.316364][ T9544] ? __pfx_ia32_restore_sigcontext+0x10/0x10 [ 165.317995][ T9544] ? __pfx_lock_release+0x10/0x10 [ 165.319311][ T9544] ? _raw_spin_unlock_irq+0x23/0x50 [ 165.320709][ T9544] ? lockdep_hardirqs_on+0x7c/0x110 [ 165.322049][ T9544] __do_compat_sys_rt_sigreturn+0x121/0x1f0 [ 165.323829][ T9544] ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10 [ 165.324788][ T9546] netlink: 8 bytes leftover after parsing attributes in process `syz.3.926'. [ 165.325877][ T9544] do_int80_emulation+0x104/0x200 [ 165.325899][ T9544] asm_int80_emulation+0x1a/0x20 [ 165.325914][ T9544] RIP: 0023:0xf7f11577 [ 165.325923][ T9544] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 [ 165.325933][ T9544] RSP: 002b:00000000f509657c EFLAGS: 00000292 [ 165.339585][ T9544] RAX: 000000000000013b RBX: 0000000000000003 RCX: 0000000000000006 [ 165.342135][ T9544] RDX: 00000000fffffc01 RSI: 0000000000000000 RDI: 0000000000000000 [ 165.344243][ T9544] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 165.346332][ T9544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 165.348429][ T9544] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 165.350846][ T9544] </TASK> [ 165.744910][ T5961] Bluetooth: hci3: command 0x040f tx timeout [ 166.172910][ T9578] openvswitch: netlink: Missing key (keys=40, expected=100) [ 166.380199][ T5961] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 166.617012][ T9598] netlink: 'syz.2.939': attribute type 1 has an invalid length. [ 166.619013][ T9598] netlink: 'syz.2.939': attribute type 3 has an invalid length. [ 166.621040][ T9598] netlink: 224 bytes leftover after parsing attributes in process `syz.2.939'. [ 167.079811][ T9612] openvswitch: netlink: Missing key (keys=40, expected=100) [ 167.884819][ T5961] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 167.888229][ T5961] Bluetooth: hci3: Injecting HCI hardware error event [ 167.891197][ T5961] Bluetooth: hci3: hardware error 0x00 [ 168.304581][ T9638] loop3: detected capacity change from 0 to 7 [ 168.308531][ T9638] Dev loop3: unable to read RDB block 7 [ 168.310652][ T9638] loop3: unable to read partition table [ 168.312730][ T9638] loop3: partition table beyond EOD, truncated [ 168.314835][ T9638] loop_reread_partitions: partition scan of loop3 (�被x������ ) failed (rc=-5) [ 168.353872][ T9641] FAULT_INJECTION: forcing a failure. [ 168.353872][ T9641] name failslab, interval 1, probability 0, space 0, times 0 [ 168.358167][ T9641] CPU: 3 UID: 0 PID: 9641 Comm: syz.1.952 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 168.361623][ T9641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 168.365238][ T9641] Call Trace: [ 168.366412][ T9641] <TASK> [ 168.367330][ T9641] dump_stack_lvl+0x16c/0x1f0 [ 168.368608][ T9641] should_fail_ex+0x497/0x5b0 [ 168.369851][ T9641] ? fs_reclaim_acquire+0xae/0x150 [ 168.371212][ T9641] should_failslab+0xc2/0x120 [ 168.372488][ T9641] __kmalloc_cache_noprof+0x68/0x420 [ 168.373912][ T9641] nbd_dev_add+0xe2/0xbc0 [ 168.375391][ T9641] ? trace_contention_end+0xee/0x140 [ 168.377210][ T9641] ? __pfx_nbd_dev_add+0x10/0x10 [ 168.378914][ T9641] ? __mutex_lock+0x1cc/0xa60 [ 168.380541][ T9641] ? bpf_lsm_capable+0x9/0x10 [ 168.382188][ T9641] ? __radix_tree_lookup+0x21f/0x2c0 [ 168.384003][ T9641] nbd_genl_connect+0x8b1/0x1c00 [ 168.385853][ T9641] ? __pfx_nbd_genl_connect+0x10/0x10 [ 168.387682][ T9641] ? __nla_parse+0x40/0x60 [ 168.389214][ T9641] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 168.391733][ T9641] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 168.394247][ T9641] genl_family_rcv_msg_doit+0x202/0x2f0 [ 168.396152][ T9641] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 168.398257][ T9641] ? genl_get_cmd+0x195/0x580 [ 168.399901][ T9641] ? __radix_tree_lookup+0x21f/0x2c0 [ 168.401705][ T9641] genl_rcv_msg+0x565/0x800 [ 168.403263][ T9641] ? __pfx_genl_rcv_msg+0x10/0x10 [ 168.405004][ T9641] ? __pfx_nbd_genl_connect+0x10/0x10 [ 168.406877][ T9641] ? __pfx___lock_acquire+0x10/0x10 [ 168.408656][ T9641] netlink_rcv_skb+0x165/0x410 [ 168.410285][ T9641] ? __pfx_genl_rcv_msg+0x10/0x10 [ 168.412027][ T9641] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 168.413854][ T9641] ? down_read+0xc9/0x330 [ 168.415361][ T9641] ? __pfx_down_read+0x10/0x10 [ 168.417014][ T9641] ? netlink_deliver_tap+0x1ae/0xca0 [ 168.418859][ T9641] genl_rcv+0x28/0x40 [ 168.420279][ T9641] netlink_unicast+0x53c/0x7f0 [ 168.421931][ T9641] ? __pfx_netlink_unicast+0x10/0x10 [ 168.423735][ T9641] ? __phys_addr_symbol+0x30/0x80 [ 168.425436][ T9641] ? __check_object_size+0x488/0x710 [ 168.427151][ T9641] netlink_sendmsg+0x8b8/0xd70 [ 168.428491][ T9641] ? __pfx_netlink_sendmsg+0x10/0x10 [ 168.430014][ T9641] ____sys_sendmsg+0x9ae/0xb40 [ 168.431651][ T9641] ? __pfx_____sys_sendmsg+0x10/0x10 [ 168.433446][ T9641] ? get_compat_msghdr+0x11b/0x170 [ 168.435188][ T9641] ___sys_sendmsg+0x135/0x1e0 [ 168.436797][ T9641] ? __pfx____sys_sendmsg+0x10/0x10 [ 168.438575][ T9641] ? __pfx_lock_release+0x10/0x10 [ 168.440277][ T9641] ? trace_lock_acquire+0x14e/0x1f0 [ 168.442055][ T9641] ? __fget_files+0x206/0x3a0 [ 168.443680][ T9641] __sys_sendmsg+0x16e/0x220 [ 168.445268][ T9641] ? __pfx___sys_sendmsg+0x10/0x10 [ 168.447063][ T9641] __do_fast_syscall_32+0x73/0x120 [ 168.448818][ T9641] do_fast_syscall_32+0x32/0x80 [ 168.450485][ T9641] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 168.452637][ T9641] RIP: 0023:0xf746e579 [ 168.454013][ T9641] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 168.460477][ T9641] RSP: 002b:00000000f515657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 168.463288][ T9641] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020001ac0 [ 168.465937][ T9641] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 168.468156][ T9641] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 168.470254][ T9641] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 168.472285][ T9641] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 168.474294][ T9641] </TASK> [ 168.477983][ T9641] nbd: failed to add new device [ 168.479463][ T9642] nbd: couldn't find a device at index 1 [ 168.547466][ T9652] openvswitch: netlink: Missing key (keys=40, expected=100) [ 168.715928][ T9658] fuse: Unknown parameter 'uid>00000000000000000000' [ 168.722097][ T9658] (syz.3.957,9658,2):dlmfs_mkdir:420 ERROR: invalid domain name for directory. [ 170.181641][ T5961] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 170.205250][ T5961] Bluetooth: hci2: command 0x0c1a tx timeout [ 171.013338][ T9699] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 171.015636][ T9699] overlayfs: failed to set xattr on upper [ 171.017373][ T9699] overlayfs: ...falling back to redirect_dir=nofollow. [ 171.019356][ T9699] overlayfs: ...falling back to index=off. [ 171.021003][ T9699] overlayfs: ...falling back to uuid=null. [ 171.075343][ T9707] FAULT_INJECTION: forcing a failure. [ 171.075343][ T9707] name failslab, interval 1, probability 0, space 0, times 0 [ 171.078698][ T9707] CPU: 2 UID: 0 PID: 9707 Comm: syz.3.970 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 171.081382][ T9707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 171.084159][ T9707] Call Trace: [ 171.085139][ T9707] <TASK> [ 171.085957][ T9707] dump_stack_lvl+0x16c/0x1f0 [ 171.087228][ T9707] should_fail_ex+0x497/0x5b0 [ 171.088529][ T9707] ? fs_reclaim_acquire+0xae/0x150 [ 171.089892][ T9707] should_failslab+0xc2/0x120 [ 171.091175][ T9707] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 171.092988][ T9707] ? security_file_alloc+0x34/0x2b0 [ 171.094747][ T9707] security_file_alloc+0x34/0x2b0 [ 171.096465][ T9707] init_file+0x93/0x480 [ 171.097883][ T9707] alloc_empty_file+0x91/0x1e0 [ 171.099559][ T9707] alloc_file_pseudo+0x13d/0x200 [ 171.101249][ T9707] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 171.103171][ T9707] ? __pfx_idr_alloc_u32+0x10/0x10 [ 171.104556][ T9707] ? find_held_lock+0x2d/0x110 [ 171.105831][ T9707] ? find_held_lock+0x2d/0x110 [ 171.107106][ T9707] __anon_inode_getfile+0x136/0x3c0 [ 171.108470][ T9707] ? __pfx___anon_inode_getfile+0x10/0x10 [ 171.109981][ T9707] ? __local_bh_enable_ip+0xa4/0x120 [ 171.111407][ T9707] bpf_link_prime+0x202/0x4d0 [ 171.112667][ T9707] bpf_raw_tp_link_attach+0x28e/0x5f0 [ 171.114073][ T9707] ? __pfx_lock_release+0x10/0x10 [ 171.115415][ T9707] ? __pfx_bpf_raw_tp_link_attach+0x10/0x10 [ 171.116959][ T9707] ? lock_acquire+0x2f/0xb0 [ 171.118148][ T9707] ? __fget_files+0x40/0x3a0 [ 171.119387][ T9707] ? fput+0x67/0x440 [ 171.120414][ T9707] ? __bpf_prog_get+0xa0/0x290 [ 171.121691][ T9707] __sys_bpf+0x3a7/0x57a0 [ 171.122872][ T9707] ? __pfx_lock_release+0x10/0x10 [ 171.124231][ T9707] ? __pfx___sys_bpf+0x10/0x10 [ 171.125502][ T9707] ? vfs_write+0x306/0x1150 [ 171.126735][ T9707] ? __mutex_unlock_slowpath+0x164/0x690 [ 171.128232][ T9707] ? fput+0x67/0x440 [ 171.129269][ T9707] ? ksys_write+0x1ba/0x250 [ 171.130462][ T9707] ? __pfx_ksys_write+0x10/0x10 [ 171.131760][ T9707] __ia32_sys_bpf+0x76/0xe0 [ 171.132964][ T9707] __do_fast_syscall_32+0x73/0x120 [ 171.134312][ T9707] do_fast_syscall_32+0x32/0x80 [ 171.135580][ T9707] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 171.137248][ T9707] RIP: 0023:0xf7f51579 [ 171.138324][ T9707] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 171.143375][ T9707] RSP: 002b:00000000f50d657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 171.145536][ T9707] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000020000040 [ 171.147585][ T9707] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000 [ 171.149664][ T9707] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 171.151730][ T9707] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 171.153776][ T9707] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 171.155901][ T9707] </TASK> [ 171.263478][ T9701] ceph: No mds server is up or the cluster is laggy [ 171.263927][ T9712] nbd: nbd3 already in use [ 171.269695][ T9712] block nbd3: not configured, cannot reconfigure [ 172.237317][ T9735] FAULT_INJECTION: forcing a failure. [ 172.237317][ T9735] name failslab, interval 1, probability 0, space 0, times 0 [ 172.241738][ T9735] CPU: 0 UID: 0 PID: 9735 Comm: syz.1.978 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 172.245084][ T9735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 172.248622][ T9735] Call Trace: [ 172.249714][ T9735] <TASK> [ 172.250686][ T9735] dump_stack_lvl+0x16c/0x1f0 [ 172.252254][ T9735] should_fail_ex+0x497/0x5b0 [ 172.253799][ T9735] ? fs_reclaim_acquire+0xae/0x150 [ 172.255352][ T9735] should_failslab+0xc2/0x120 [ 172.256500][ T9735] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 172.257985][ T9735] ? __alloc_skb+0x2b3/0x380 [ 172.259099][ T9735] __alloc_skb+0x2b3/0x380 [ 172.260167][ T9735] ? __pfx___alloc_skb+0x10/0x10 [ 172.261322][ T9735] ? synchronize_rcu_expedited+0x426/0x450 [ 172.262839][ T9735] ? reacquire_held_locks+0x3f0/0x4c0 [ 172.264529][ T9735] ? __pfx_mark_lock+0x10/0x10 [ 172.266076][ T9735] ? lock_acquire.part.0+0x11b/0x380 [ 172.267826][ T9735] nl80211_frame_tx_status+0x1f0/0xd10 [ 172.269543][ T9735] ? __pfx_nl80211_frame_tx_status+0x10/0x10 [ 172.271409][ T9735] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 172.273141][ T9735] ? __pfx_lock_release+0x10/0x10 [ 172.274526][ T9735] ieee80211_roc_notify_destroy+0x172/0x540 [ 172.275928][ T9735] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 172.277288][ T9735] ? __pfx_ieee80211_roc_notify_destroy+0x10/0x10 [ 172.278785][ T9735] ? synchronize_rcu_expedited+0x426/0x450 [ 172.280163][ T9735] ? __pfx_autoremove_wake_function+0x10/0x10 [ 172.281662][ T9735] ieee80211_roc_purge+0x2ac/0x4a0 [ 172.283161][ T9735] ieee80211_do_stop+0x1f4/0x25a0 [ 172.284772][ T9735] ? hlock_class+0x4e/0x130 [ 172.286115][ T9735] ? mark_lock+0xb5/0xc60 [ 172.287181][ T9735] ? rcu_is_watching+0x12/0xc0 [ 172.288333][ T9735] ? __pfx_ieee80211_do_stop+0x10/0x10 [ 172.289620][ T9735] ? mark_held_locks+0x9f/0xe0 [ 172.290752][ T9735] ieee80211_stop+0x11e/0x6b0 [ 172.291948][ T9735] ? __pfx_ieee80211_stop+0x10/0x10 [ 172.293216][ T9735] __dev_close_many+0x1c5/0x310 [ 172.294400][ T9735] ? __pfx___dev_close_many+0x10/0x10 [ 172.295870][ T9735] ? __pfx_lock_release+0x10/0x10 [ 172.297452][ T9735] ? trace_contention_end+0xee/0x140 [ 172.298731][ T9735] dev_close_many+0x24c/0x6a0 [ 172.299888][ T9735] ? __pfx_dev_close_many+0x10/0x10 [ 172.301123][ T9735] ? __mutex_unlock_slowpath+0x164/0x690 [ 172.302568][ T9735] dev_close+0x181/0x230 [ 172.303991][ T9735] ? __pfx_dev_close+0x10/0x10 [ 172.305598][ T9735] nl80211_del_interface+0xec/0x190 [ 172.307168][ T9735] genl_family_rcv_msg_doit+0x202/0x2f0 [ 172.309102][ T9735] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 172.311097][ T9735] ? genl_get_cmd+0x195/0x580 [ 172.312753][ T9735] ? bpf_lsm_capable+0x9/0x10 [ 172.314246][ T9735] ? security_capable+0x7e/0x260 [ 172.315889][ T9735] ? ns_capable+0xd7/0x110 [ 172.317324][ T9735] genl_rcv_msg+0x565/0x800 [ 172.318875][ T9735] ? __pfx_genl_rcv_msg+0x10/0x10 [ 172.320637][ T9735] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 172.322493][ T9735] ? __pfx_nl80211_del_interface+0x10/0x10 [ 172.324490][ T9735] ? __pfx_nl80211_post_doit+0x10/0x10 [ 172.326260][ T9735] netlink_rcv_skb+0x165/0x410 [ 172.327825][ T9735] ? __pfx_genl_rcv_msg+0x10/0x10 [ 172.329478][ T9735] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 172.331234][ T9735] ? down_read+0xc9/0x330 [ 172.332661][ T9735] ? __pfx_down_read+0x10/0x10 [ 172.334244][ T9735] ? rcu_is_watching+0x12/0xc0 [ 172.335838][ T9735] genl_rcv+0x28/0x40 [ 172.337160][ T9735] netlink_unicast+0x53c/0x7f0 [ 172.338723][ T9735] ? __pfx_netlink_unicast+0x10/0x10 [ 172.340451][ T9735] ? __phys_addr_symbol+0x30/0x80 [ 172.342088][ T9735] ? __check_object_size+0x488/0x710 [ 172.343901][ T9735] netlink_sendmsg+0x8b8/0xd70 [ 172.345497][ T9735] ? __pfx_netlink_sendmsg+0x10/0x10 [ 172.347277][ T9735] ____sys_sendmsg+0x9ae/0xb40 [ 172.348854][ T9735] ? __pfx_____sys_sendmsg+0x10/0x10 [ 172.350586][ T9735] ? get_compat_msghdr+0x11b/0x170 [ 172.352278][ T9735] ___sys_sendmsg+0x135/0x1e0 [ 172.353831][ T9735] ? __pfx____sys_sendmsg+0x10/0x10 [ 172.355573][ T9735] ? __pfx_lock_release+0x10/0x10 [ 172.357274][ T9735] ? trace_lock_acquire+0x14e/0x1f0 [ 172.359099][ T9735] ? __fget_files+0x206/0x3a0 [ 172.360762][ T9735] __sys_sendmsg+0x16e/0x220 [ 172.362378][ T9735] ? __pfx___sys_sendmsg+0x10/0x10 [ 172.364038][ T9735] __do_fast_syscall_32+0x73/0x120 [ 172.365398][ T9735] do_fast_syscall_32+0x32/0x80 [ 172.366687][ T9735] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 172.368350][ T9735] RIP: 0023:0xf746e579 [ 172.369427][ T9735] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 172.374667][ T9735] RSP: 002b:00000000f515657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 172.376863][ T9735] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000200 [ 172.378922][ T9735] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 172.380968][ T9735] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 172.383007][ T9735] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 172.385043][ T9735] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 172.387126][ T9735] </TASK> [ 172.912253][ T9754] openvswitch: netlink: Missing key (keys=40, expected=100) [ 173.211865][ T9761] vivid-007: disconnect [ 173.435156][ T9764] overlay: Unknown parameter '/' [ 173.878950][ T9772] binder: 9771:9772 ioctl c00c620f 20000240 returned -22 [ 174.017434][ T9779] binder_alloc: 8628: binder_alloc_buf, no vma [ 174.103737][ T9760] vivid-007: reconnect [ 174.446406][ T9789] evm: overlay not supported [ 175.200106][ T9796] FAULT_INJECTION: forcing a failure. [ 175.200106][ T9796] name failslab, interval 1, probability 0, space 0, times 0 [ 175.203346][ T9796] CPU: 3 UID: 0 PID: 9796 Comm: syz.2.991 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 175.205977][ T9796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 175.208773][ T9796] Call Trace: [ 175.209638][ T9796] <TASK> [ 175.210408][ T9796] dump_stack_lvl+0x16c/0x1f0 [ 175.211655][ T9796] should_fail_ex+0x497/0x5b0 [ 175.212887][ T9796] should_failslab+0xc2/0x120 [ 175.214113][ T9796] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 175.215702][ T9796] ? dst_alloc+0x99/0x1a0 [ 175.217218][ T9796] dst_alloc+0x99/0x1a0 [ 175.218573][ T9796] rt_dst_alloc+0x35/0x3a0 [ 175.220093][ T9796] ip_route_output_key_hash_rcu+0x8a5/0x2770 [ 175.221881][ T9796] ? lock_downgrade+0x225/0x6d0 [ 175.223285][ T9796] ip_route_output_key_hash+0x138/0x2e0 [ 175.224717][ T9796] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 175.226302][ T9796] ? __pfx_lock_release+0x10/0x10 [ 175.227639][ T9796] ? trace_lock_acquire+0x14e/0x1f0 [ 175.229078][ T9796] ip_route_output_flow+0x27/0x150 [ 175.230397][ T9796] udp_sendmsg+0x1b92/0x29b0 [ 175.231623][ T9796] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 175.233058][ T9796] ? __pfx_udp_sendmsg+0x10/0x10 [ 175.234409][ T9796] ? __pfx___might_resched+0x10/0x10 [ 175.235796][ T9796] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 175.237857][ T9796] ? aa_sk_perm+0x2f5/0xb20 [ 175.239064][ T9796] ? __import_iovec+0x1f2/0x6d0 [ 175.240330][ T9796] ? __pfx_udp_sendmsg+0x10/0x10 [ 175.241624][ T9796] inet_sendmsg+0x105/0x140 [ 175.242811][ T9796] ____sys_sendmsg+0x907/0xb40 [ 175.244062][ T9796] ? __pfx_____sys_sendmsg+0x10/0x10 [ 175.245434][ T9796] ? get_compat_msghdr+0x11b/0x170 [ 175.246773][ T9796] ___sys_sendmsg+0x135/0x1e0 [ 175.248049][ T9796] ? __pfx____sys_sendmsg+0x10/0x10 [ 175.249403][ T9796] ? trace_lock_acquire+0x14e/0x1f0 [ 175.250761][ T9796] __sys_sendmmsg+0x2fa/0x420 [ 175.251991][ T9796] ? __pfx___sys_sendmmsg+0x10/0x10 [ 175.253342][ T9796] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 175.254896][ T9796] ? fput+0x67/0x440 [ 175.255937][ T9796] ? ksys_write+0x1ba/0x250 [ 175.257150][ T9796] ? __pfx_ksys_write+0x10/0x10 [ 175.258447][ T9796] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 175.259913][ T9796] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 175.261600][ T9796] __do_fast_syscall_32+0x73/0x120 [ 175.262930][ T9796] do_fast_syscall_32+0x32/0x80 [ 175.264199][ T9796] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 175.265849][ T9796] RIP: 0023:0xf7f11579 [ 175.266902][ T9796] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 175.272593][ T9796] RSP: 002b:00000000f507557c EFLAGS: 00000292 ORIG_RAX: 0000000000000159 [ 175.274727][ T9796] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020007fc0 [ 175.276768][ T9796] RDX: 000000000800001d RSI: 0000000000000a00 RDI: 0000000000000000 [ 175.278796][ T9796] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 175.281050][ T9796] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 175.283423][ T9796] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 175.285741][ T9796] </TASK> [ 177.298240][ T9] IPVS: starting estimator thread 0... [ 177.387110][ T9825] IPVS: using max 41 ests per chain, 98400 per kthread [ 178.039513][ T9836] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1001'. [ 179.493049][ T9863] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 179.569606][ T9872] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 179.623421][ T9868] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 179.625083][ T9868] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 179.649737][ T9864] ceph: No mds server is up or the cluster is laggy [ 179.721863][ T9891] FAULT_INJECTION: forcing a failure. [ 179.721863][ T9891] name failslab, interval 1, probability 0, space 0, times 0 [ 179.725053][ T9891] CPU: 3 UID: 0 PID: 9891 Comm: syz.0.1014 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 179.727547][ T9891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 179.730494][ T9891] Call Trace: [ 179.731411][ T9891] <TASK> [ 179.732227][ T9891] dump_stack_lvl+0x16c/0x1f0 [ 179.733642][ T9891] should_fail_ex+0x497/0x5b0 [ 179.734937][ T9891] ? fs_reclaim_acquire+0xae/0x150 [ 179.736297][ T9891] should_failslab+0xc2/0x120 [ 179.737455][ T9891] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 179.738914][ T9891] ? nf_tables_abort+0x1482/0x3ce0 [ 179.740361][ T9891] ? __alloc_skb+0x2b3/0x380 [ 179.741677][ T9891] __alloc_skb+0x2b3/0x380 [ 179.742879][ T9891] ? __pfx___alloc_skb+0x10/0x10 [ 179.744264][ T9891] ? __pfx_nf_tables_abort+0x10/0x10 [ 179.745608][ T9891] ? net_generic+0xea/0x2a0 [ 179.746798][ T9891] netlink_ack+0x164/0xb20 [ 179.747957][ T9891] nfnetlink_rcv_batch+0x1628/0x24e0 [ 179.749353][ T9891] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 179.750904][ T9891] ? __pfx_lock_release+0x10/0x10 [ 179.752344][ T9891] ? __local_bh_enable_ip+0xa4/0x120 [ 179.753752][ T9891] ? lockdep_hardirqs_on+0x7c/0x110 [ 179.755153][ T9891] ? __pfx___dev_queue_xmit+0x10/0x10 [ 179.756535][ T9891] ? __nla_parse+0x40/0x60 [ 179.757695][ T9891] nfnetlink_rcv+0x3c3/0x430 [ 179.758921][ T9891] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 179.760254][ T9891] netlink_unicast+0x53c/0x7f0 [ 179.761680][ T9891] ? __pfx_netlink_unicast+0x10/0x10 [ 179.763162][ T9891] ? __phys_addr_symbol+0x30/0x80 [ 179.764469][ T9891] ? __check_object_size+0x488/0x710 [ 179.765979][ T9891] netlink_sendmsg+0x8b8/0xd70 [ 179.767388][ T9891] ? __pfx_netlink_sendmsg+0x10/0x10 [ 179.768816][ T9891] ____sys_sendmsg+0x9ae/0xb40 [ 179.770131][ T9891] ? __pfx_____sys_sendmsg+0x10/0x10 [ 179.771592][ T9891] ? get_compat_msghdr+0x11b/0x170 [ 179.772942][ T9891] ___sys_sendmsg+0x135/0x1e0 [ 179.774132][ T9891] ? __pfx____sys_sendmsg+0x10/0x10 [ 179.775493][ T9891] ? __pfx_lock_release+0x10/0x10 [ 179.776809][ T9891] ? trace_lock_acquire+0x14e/0x1f0 [ 179.778187][ T9891] ? __fget_files+0x206/0x3a0 [ 179.779431][ T9891] __sys_sendmsg+0x16e/0x220 [ 179.780642][ T9891] ? __pfx___sys_sendmsg+0x10/0x10 [ 179.782040][ T9891] __do_fast_syscall_32+0x73/0x120 [ 179.783497][ T9891] do_fast_syscall_32+0x32/0x80 [ 179.784790][ T9891] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 179.786658][ T9891] RIP: 0023:0xf748e579 [ 179.787823][ T9891] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 179.793280][ T9891] RSP: 002b:00000000f517657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 179.795558][ T9891] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 179.797824][ T9891] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 179.800117][ T9891] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 179.802506][ T9891] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 179.804761][ T9891] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 179.807068][ T9891] </TASK> [ 179.875225][ T9895] exFAT-fs (nullb0): invalid boot record signature [ 179.877387][ T9895] exFAT-fs (nullb0): failed to read boot sector [ 179.879567][ T9895] exFAT-fs (nullb0): failed to recognize exfat type [ 179.890909][ T9901] FAULT_INJECTION: forcing a failure. [ 179.890909][ T9901] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 179.894830][ T9901] CPU: 0 UID: 0 PID: 9901 Comm: syz.3.1017 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 179.897660][ T9901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 179.900465][ T9901] Call Trace: [ 179.901346][ T9901] <TASK> [ 179.902137][ T9901] dump_stack_lvl+0x16c/0x1f0 [ 179.903393][ T9901] should_fail_ex+0x497/0x5b0 [ 179.904635][ T9901] _copy_to_user+0x32/0xd0 [ 179.905880][ T9901] simple_read_from_buffer+0xd0/0x160 [ 179.907292][ T9901] proc_fail_nth_read+0x198/0x270 [ 179.908786][ T9901] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 179.910223][ T9901] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 179.911667][ T9901] vfs_read+0x1df/0xbe0 [ 179.913477][ T9901] ? __fget_files+0x1fc/0x3a0 [ 179.914666][ T9901] ? __pfx___mutex_lock+0x10/0x10 [ 179.916102][ T9901] ? __pfx_vfs_read+0x10/0x10 [ 179.917361][ T9901] ? __fget_files+0x206/0x3a0 [ 179.918641][ T9901] ksys_read+0x12b/0x250 [ 179.919764][ T9901] ? __pfx_ksys_read+0x10/0x10 [ 179.921020][ T9901] __do_fast_syscall_32+0x73/0x120 [ 179.922365][ T9901] do_fast_syscall_32+0x32/0x80 [ 179.923655][ T9901] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 179.925292][ T9901] RIP: 0023:0xf7f51579 [ 179.926375][ T9901] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 179.931634][ T9901] RSP: 002b:00000000f50d65b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 179.933962][ T9901] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50d6620 [ 179.936020][ T9901] RDX: 000000000000000f RSI: 00000000f73e0ff4 RDI: 0000000000000000 [ 179.938182][ T9901] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 179.940227][ T9901] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 179.942289][ T9901] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 179.944342][ T9901] </TASK> [ 180.315069][ T9913] futex_wake_op: syz.3.1020 tries to shift op by -1; fix this program [ 180.536280][ T35] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 180.677434][ T35] usb 6-1: Using ep0 maxpacket: 8 [ 180.680062][ T35] usb 6-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config [ 180.682835][ T35] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 180.685604][ T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 180.693215][ T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 180.697259][ T35] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 180.700202][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.710442][ T35] hub 6-1:1.0: bad descriptor, ignoring hub [ 180.712493][ T35] hub 6-1:1.0: probe with driver hub failed with error -5 [ 180.717884][ T35] cdc_wdm 6-1:1.0: skipping garbage [ 180.719332][ T35] cdc_wdm 6-1:1.0: skipping garbage [ 180.726963][ T35] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 180.729598][ T35] cdc_wdm 6-1:1.0: Unknown control protocol [ 181.447586][ T9908] usb 6-1: reset high-speed USB device number 5 using dummy_hcd [ 181.685541][ T5961] Bluetooth: hci1: command 0x0c1a tx timeout [ 181.687556][ T5961] Bluetooth: hci2: command 0x0c1a tx timeout [ 183.258065][ T9959] netlink: 'syz.0.1031': attribute type 2 has an invalid length. [ 183.406228][ T9949] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 183.639672][ T1014] usb 6-1: USB disconnect, device number 5 [ 183.793936][ T9971] netlink: 'syz.2.1033': attribute type 2 has an invalid length. [ 183.986822][ T5326] Bluetooth: hci2: command 0x0c1a tx timeout [ 184.205646][ T9979] lo: entered promiscuous mode [ 184.208926][ T9979] Process accounting resumed [ 184.234744][ T9978] lo: left promiscuous mode [ 184.299912][ T9985] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1038'. [ 184.747774][T10000] netlink: 'syz.2.1039': attribute type 2 has an invalid length. [ 185.564791][T10015] netlink: 'syz.0.1044': attribute type 2 has an invalid length. [ 185.978937][T10035] syz.2.1048: attempt to access beyond end of device [ 185.978937][T10035] nbd2: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 186.071930][T10030] ceph: No mds server is up or the cluster is laggy [ 187.429885][T10065] openvswitch: netlink: Missing key (keys=40, expected=100) [ 189.819264][T10101] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 190.129617][T10116] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1064'. [ 190.132414][T10116] unsupported nlmsg_type 40 [ 190.143056][T10116] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 190.723854][T10125] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1067'. [ 190.733999][T10125] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1067'. [ 190.796916][T10129] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1068'. [ 191.215593][T10136] netlink: 'syz.3.1070': attribute type 2 has an invalid length. [ 192.644709][T10156] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1075'. [ 192.707926][T10159] FAULT_INJECTION: forcing a failure. [ 192.707926][T10159] name failslab, interval 1, probability 0, space 0, times 0 [ 192.712613][T10159] CPU: 2 UID: 0 PID: 10159 Comm: syz.0.1076 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 192.715537][T10159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 192.718447][T10159] Call Trace: [ 192.719372][T10159] <TASK> [ 192.720229][T10159] dump_stack_lvl+0x16c/0x1f0 [ 192.721680][T10159] should_fail_ex+0x497/0x5b0 [ 192.723200][T10159] ? fs_reclaim_acquire+0xae/0x150 [ 192.724611][T10159] should_failslab+0xc2/0x120 [ 192.725997][T10159] __kmalloc_noprof+0xce/0x4f0 [ 192.727362][T10159] ? skcipher_recvmsg+0xb5/0x1020 [ 192.728795][T10159] ? sock_kmalloc+0x111/0x170 [ 192.730110][T10159] sock_kmalloc+0x111/0x170 [ 192.731398][T10159] af_alg_alloc_areq+0xbc/0x2e0 [ 192.732765][T10159] skcipher_recvmsg+0x326/0x1020 [ 192.734166][T10159] ? lock_acquire+0x2f/0xb0 [ 192.735435][T10159] ? __pfx_skcipher_recvmsg+0x10/0x10 [ 192.736950][T10159] sock_recvmsg+0x1f6/0x250 [ 192.738174][T10159] __sys_recvfrom+0x204/0x310 [ 192.739483][T10159] ? __pfx___sys_recvfrom+0x10/0x10 [ 192.740935][T10159] ? __might_fault+0x13b/0x190 [ 192.742256][T10159] __do_compat_sys_socketcall+0x384/0x700 [ 192.743876][T10159] ? __fget_files+0x206/0x3a0 [ 192.745196][T10159] ? __pfx___do_compat_sys_socketcall+0x10/0x10 [ 192.746923][T10159] ? fput+0x67/0x440 [ 192.748062][T10159] __do_fast_syscall_32+0x73/0x120 [ 192.749516][T10159] do_fast_syscall_32+0x32/0x80 [ 192.750914][T10159] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 192.752629][T10159] RIP: 0023:0xf748e579 [ 192.753790][T10159] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 192.759105][T10159] RSP: 002b:00000000f5175460 EFLAGS: 00000293 ORIG_RAX: 0000000000000066 [ 192.761367][T10159] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000f517547c [ 192.763536][T10159] RDX: 0000000000000000 RSI: 00000000f5175580 RDI: 00000000f7480ff4 [ 192.765761][T10159] RBP: 00000000f5175580 R08: 0000000000000000 R09: 0000000000000000 [ 192.767997][T10159] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 192.770190][T10159] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 192.772298][T10165] vivid-007: disconnect [ 192.772330][T10159] </TASK> [ 193.597963][T10163] vivid-007: reconnect [ 193.789284][ T35] IPVS: starting estimator thread 0... [ 193.884217][T10177] IPVS: using max 41 ests per chain, 98400 per kthread [ 194.547873][T10186] netlink: 'syz.2.1082': attribute type 2 has an invalid length. [ 194.790502][T10194] openvswitch: netlink: Missing key (keys=40, expected=100) [ 195.167005][T10206] tmpfs: Unknown parameter '��������' [ 195.175567][T10206] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 196.146126][ T35] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 196.257163][ C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 196.438597][ T35] usb 7-1: Using ep0 maxpacket: 32 [ 196.441427][ T35] usb 7-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 32, changing to 9 [ 196.444461][ T35] usb 7-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0 [ 196.447172][ T35] usb 7-1: config 0 interface 0 has no altsetting 0 [ 196.449540][ T35] usb 7-1: New USB device found, idVendor=056a, idProduct=00c4, bcdDevice= 0.00 [ 196.451999][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.455118][ T35] usb 7-1: config 0 descriptor?? [ 196.548498][T10227] tipc: Started in network mode [ 196.549882][T10227] tipc: Node identity ac1414aa, cluster identity 4711 [ 196.552574][T10227] tipc: Enabled bearer <udp:>, priority 10 [ 196.698955][T10231] rtc_cmos 00:05: Alarms can be up to one day in the future [ 196.742699][T10229] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1092'. [ 196.933446][T10247] netlink: 'syz.1.1095': attribute type 1 has an invalid length. [ 196.936098][T10247] netlink: 'syz.1.1095': attribute type 3 has an invalid length. [ 196.938817][T10247] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1095'. [ 197.059467][T10248] netlink: 'syz.0.1096': attribute type 2 has an invalid length. [ 197.326758][ T6022] rtc_cmos 00:05: Alarms can be up to one day in the future [ 197.329471][ T6022] rtc_cmos 00:05: Alarms can be up to one day in the future [ 197.332208][ T6022] rtc_cmos 00:05: Alarms can be up to one day in the future [ 197.335678][ T6022] rtc_cmos 00:05: Alarms can be up to one day in the future [ 197.338288][ T6022] rtc rtc0: __rtc_set_alarm: err=-22 [ 197.763994][ T6086] tipc: Node number set to 2886997162 [ 198.774072][T10272] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1101'. [ 198.965984][ T35] usbhid 7-1:0.0: can't add hid device: -71 [ 198.972831][ T35] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 198.979006][ T35] usb 7-1: USB disconnect, device number 3 [ 198.998566][T10277] FAULT_INJECTION: forcing a failure. [ 198.998566][T10277] name failslab, interval 1, probability 0, space 0, times 0 [ 199.007270][T10277] CPU: 3 UID: 0 PID: 10277 Comm: syz.2.1102 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 199.010388][T10277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 199.014097][T10277] Call Trace: [ 199.015016][T10277] <TASK> [ 199.016025][T10277] dump_stack_lvl+0x16c/0x1f0 [ 199.017694][T10277] should_fail_ex+0x497/0x5b0 [ 199.018968][T10277] should_failslab+0xc2/0x120 [ 199.020224][T10277] __kmalloc_cache_noprof+0x68/0x420 [ 199.021635][T10277] ? rcu_is_watching+0x12/0xc0 [ 199.023077][T10277] ? trace_lock_acquire+0x14e/0x1f0 [ 199.024910][T10277] sctp_add_bind_addr+0x9d/0x3e0 [ 199.026763][T10277] sctp_copy_local_addr_list+0x39e/0x5a0 [ 199.028870][T10277] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 199.031048][T10277] ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360 [ 199.033113][T10277] ? sctp_bind_addr_copy+0xe0/0x530 [ 199.035012][T10277] sctp_bind_addr_copy+0xe0/0x530 [ 199.036862][T10277] sctp_connect_new_asoc+0x1d8/0x790 [ 199.038682][T10277] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 199.040795][T10277] ? mark_held_locks+0x9f/0xe0 [ 199.042572][T10277] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 199.044567][T10277] sctp_sendmsg+0x162a/0x1f10 [ 199.046237][T10277] ? __pfx___lock_acquire+0x10/0x10 [ 199.048057][T10277] ? __pfx_sctp_sendmsg+0x10/0x10 [ 199.049804][T10277] ? __pfx___might_resched+0x10/0x10 [ 199.051664][T10277] ? __pfx_aa_sk_perm+0x10/0x10 [ 199.053460][T10277] ? __import_iovec+0x1f2/0x6d0 [ 199.055160][T10277] ? __pfx_sctp_sendmsg+0x10/0x10 [ 199.056924][T10277] inet_sendmsg+0x119/0x140 [ 199.058506][T10277] ____sys_sendmsg+0x907/0xb40 [ 199.060177][T10277] ? __pfx_____sys_sendmsg+0x10/0x10 [ 199.062031][T10277] ? get_compat_msghdr+0x11b/0x170 [ 199.063865][T10277] ___sys_sendmsg+0x135/0x1e0 [ 199.065539][T10277] ? __pfx____sys_sendmsg+0x10/0x10 [ 199.067440][T10277] ? trace_lock_acquire+0x14e/0x1f0 [ 199.069359][T10277] __sys_sendmmsg+0x2fa/0x420 [ 199.071105][T10277] ? __pfx___sys_sendmmsg+0x10/0x10 [ 199.073030][T10277] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 199.075230][T10277] ? fput+0x67/0x440 [ 199.076667][T10277] ? ksys_write+0x1ba/0x250 [ 199.078377][T10277] ? __pfx_ksys_write+0x10/0x10 [ 199.080165][T10277] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 199.082210][T10277] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 199.084617][T10277] __do_fast_syscall_32+0x73/0x120 [ 199.086523][T10277] do_fast_syscall_32+0x32/0x80 [ 199.088328][T10277] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 199.090627][T10277] RIP: 0023:0xf7f11579 [ 199.092156][T10277] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 199.095613][ T5326] Bluetooth: hci2: command 0x0c1a tx timeout [ 199.098690][T10277] RSP: 002b:00000000f509657c EFLAGS: 00000292 ORIG_RAX: 0000000000000159 [ 199.098755][T10277] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200007c0 [ 199.098763][T10277] RDX: 0000000000000001 RSI: 0000000000000040 RDI: 0000000000000000 [ 199.098790][T10277] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 199.098801][T10277] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 199.098812][T10277] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 199.098829][T10277] </TASK> [ 199.534334][T10300] netlink: 'syz.2.1106': attribute type 1 has an invalid length. [ 199.537243][T10300] netlink: 'syz.2.1106': attribute type 3 has an invalid length. [ 199.540018][T10300] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1106'. [ 200.517598][T10304] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 200.649773][T10320] netlink: 'syz.0.1113': attribute type 1 has an invalid length. [ 200.652002][T10320] netlink: 'syz.0.1113': attribute type 3 has an invalid length. [ 200.654696][T10320] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1113'. [ 201.563238][T10335] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1118'. [ 201.647568][ T5326] Bluetooth: hci2: command 0x0c1a tx timeout [ 202.361086][ T5961] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 202.393750][T10347] openvswitch: netlink: Missing key (keys=40, expected=100) [ 202.621416][T10361] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 202.855798][T10361] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 202.862517][T10361] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 203.005912][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 203.008108][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 [ 203.746834][T10386] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1130'. [ 203.917187][T10394] openvswitch: netlink: Missing key (keys=40, expected=100) [ 204.632771][T10407] process 'syz.0.1137' launched '/dev/fd/3' with NULL argv: empty string added [ 205.115905][T10433] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1141'. [ 205.223880][T10435] openvswitch: netlink: Missing key (keys=40, expected=100) [ 206.303542][T10441] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 207.888801][T10495] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1156'. [ 208.863401][T10527] FAULT_INJECTION: forcing a failure. [ 208.863401][T10527] name failslab, interval 1, probability 0, space 0, times 0 [ 208.867959][T10527] CPU: 0 UID: 0 PID: 10527 Comm: syz.0.1165 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 208.871654][T10527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 208.875340][T10527] Call Trace: [ 208.876733][T10527] <TASK> [ 208.877879][T10527] dump_stack_lvl+0x16c/0x1f0 [ 208.879325][T10527] should_fail_ex+0x497/0x5b0 [ 208.880562][T10527] should_failslab+0xc2/0x120 [ 208.881793][T10527] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 208.883252][T10527] ? skb_clone+0x190/0x3f0 [ 208.884430][T10527] skb_clone+0x190/0x3f0 [ 208.885561][T10527] netlink_deliver_tap+0xafd/0xca0 [ 208.886907][T10527] netlink_unicast+0x6b4/0x7f0 [ 208.888179][T10527] ? __pfx_netlink_unicast+0x10/0x10 [ 208.889580][T10527] netlink_ack+0x6a5/0xb20 [ 208.890764][T10527] netlink_rcv_skb+0x327/0x410 [ 208.892032][T10527] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 208.893457][T10527] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 208.894838][T10527] ? __pfx_aa_get_newest_label+0x10/0x10 [ 208.896311][T10527] ? bpf_lsm_capable+0x9/0x10 [ 208.897548][T10527] ? security_capable+0x7e/0x260 [ 208.898839][T10527] ? ns_capable+0xd7/0x110 [ 208.900007][T10527] nfnetlink_rcv+0x1b4/0x430 [ 208.901215][T10527] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 208.902551][T10527] ? netlink_deliver_tap+0x1ae/0xca0 [ 208.903937][T10527] netlink_unicast+0x53c/0x7f0 [ 208.905197][T10527] ? __pfx_netlink_unicast+0x10/0x10 [ 208.906738][T10527] ? __phys_addr_symbol+0x30/0x80 [ 208.908084][T10527] ? __check_object_size+0x488/0x710 [ 208.909495][T10527] netlink_sendmsg+0x8b8/0xd70 [ 208.910767][T10527] ? __pfx_netlink_sendmsg+0x10/0x10 [ 208.912176][T10527] ____sys_sendmsg+0x9ae/0xb40 [ 208.913563][T10527] ? __pfx_____sys_sendmsg+0x10/0x10 [ 208.914966][T10527] ? get_compat_msghdr+0x11b/0x170 [ 208.916317][T10527] ___sys_sendmsg+0x135/0x1e0 [ 208.917572][T10527] ? __pfx____sys_sendmsg+0x10/0x10 [ 208.918946][T10527] ? __pfx_lock_release+0x10/0x10 [ 208.920270][T10527] ? trace_lock_acquire+0x14e/0x1f0 [ 208.921635][T10527] ? __fget_files+0x206/0x3a0 [ 208.922881][T10527] __sys_sendmsg+0x16e/0x220 [ 208.924094][T10527] ? __pfx___sys_sendmsg+0x10/0x10 [ 208.925466][T10527] __do_fast_syscall_32+0x73/0x120 [ 208.926820][T10527] do_fast_syscall_32+0x32/0x80 [ 208.928096][T10527] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 208.929739][T10527] RIP: 0023:0xf748e579 [ 208.930809][T10527] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 208.935737][T10527] RSP: 002b:00000000f517657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 208.937887][T10527] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240 [ 208.939943][T10527] RDX: 0000000000000804 RSI: 0000000000000000 RDI: 0000000000000000 [ 208.941982][T10527] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 208.944036][T10527] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 208.946094][T10527] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 208.948155][T10527] </TASK> [ 209.480713][T10539] FAULT_INJECTION: forcing a failure. [ 209.480713][T10539] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 209.485326][T10539] CPU: 0 UID: 0 PID: 10539 Comm: syz.3.1169 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 209.489006][T10539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 209.493135][T10539] Call Trace: [ 209.494360][T10539] <TASK> [ 209.495452][T10539] dump_stack_lvl+0x16c/0x1f0 [ 209.497139][T10539] should_fail_ex+0x497/0x5b0 [ 209.498711][T10539] _copy_to_user+0x32/0xd0 [ 209.500225][T10539] simple_read_from_buffer+0xd0/0x160 [ 209.502044][T10539] proc_fail_nth_read+0x198/0x270 [ 209.503650][T10539] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 209.505089][T10539] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 209.506586][T10539] vfs_read+0x1df/0xbe0 [ 209.507809][T10539] ? __fget_files+0x1fc/0x3a0 [ 209.508476][T10536] netlink: 'syz.2.1168': attribute type 2 has an invalid length. [ 209.509394][T10539] ? __pfx___mutex_lock+0x10/0x10 [ 209.513786][T10539] ? __pfx_vfs_read+0x10/0x10 [ 209.515503][T10539] ? __fget_files+0x206/0x3a0 [ 209.517320][T10539] ksys_read+0x12b/0x250 [ 209.518900][T10539] ? __pfx_ksys_read+0x10/0x10 [ 209.520670][T10539] __do_fast_syscall_32+0x73/0x120 [ 209.522529][T10539] do_fast_syscall_32+0x32/0x80 [ 209.524297][T10539] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 209.526581][T10539] RIP: 0023:0xf7f51579 [ 209.528069][T10539] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 209.533543][T10539] RSP: 002b:00000000f50d65b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 209.535724][T10539] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50d6620 [ 209.537767][T10539] RDX: 000000000000000f RSI: 00000000f73e0ff4 RDI: 0000000000000000 [ 209.539832][T10539] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 209.541878][T10539] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 209.543989][T10539] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 209.546046][T10539] </TASK> [ 209.853746][T10552] FAULT_INJECTION: forcing a failure. [ 209.853746][T10552] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 209.860748][T10552] CPU: 2 UID: 0 PID: 10552 Comm: syz.3.1173 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 209.863564][T10552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 209.866393][T10552] Call Trace: [ 209.867299][T10552] <TASK> [ 209.868280][T10552] dump_stack_lvl+0x16c/0x1f0 [ 209.869616][T10552] should_fail_ex+0x497/0x5b0 [ 209.870915][T10552] _copy_to_user+0x32/0xd0 [ 209.872096][T10552] simple_read_from_buffer+0xd0/0x160 [ 209.873516][T10552] proc_fail_nth_read+0x198/0x270 [ 209.874866][T10552] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 209.876544][T10552] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 209.878096][T10552] vfs_read+0x1df/0xbe0 [ 209.879246][T10552] ? __fget_files+0x1fc/0x3a0 [ 209.880558][T10552] ? __pfx___mutex_lock+0x10/0x10 [ 209.881898][T10552] ? __pfx_vfs_read+0x10/0x10 [ 209.883206][T10552] ? __fget_files+0x206/0x3a0 [ 209.884460][T10552] ksys_read+0x12b/0x250 [ 209.885607][T10552] ? __pfx_ksys_read+0x10/0x10 [ 209.886896][T10552] __do_fast_syscall_32+0x73/0x120 [ 209.888289][T10552] do_fast_syscall_32+0x32/0x80 [ 209.889590][T10552] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 209.891533][T10552] RIP: 0023:0xf7f51579 [ 209.892622][T10552] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 209.897559][T10552] RSP: 002b:00000000f50d65b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 209.899818][T10552] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50d6620 [ 209.901899][T10552] RDX: 000000000000000f RSI: 00000000f73e0ff4 RDI: 0000000000000000 [ 209.904018][T10552] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 209.906120][T10552] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 209.908476][T10552] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 209.910561][T10552] </TASK> [ 210.103180][T10549] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1172'. [ 211.607173][T10560] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 212.271274][T10594] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 212.636666][T10601] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1185'. [ 213.025430][ T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 213.164485][T10608] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1187'. [ 213.207067][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 213.440986][ T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.794658][ T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.797330][ T9] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 213.799894][ T9] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 213.802477][ T9] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 213.804993][ T9] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 214.000984][ T9] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 214.003420][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.005530][ T9] usb 5-1: Product: syz [ 214.006668][ T9] usb 5-1: Manufacturer: syz [ 214.007918][ T9] usb 5-1: SerialNumber: syz [ 214.025068][T10627] openvswitch: netlink: Missing key (keys=40, expected=100) [ 214.391948][T10596] Trying to write to read-only block-device nullb0 [ 214.596974][T10628] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 214.636017][ T9] cdc_ncm 5-1:1.0: bind() failure [ 214.639557][ T9] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 214.641383][ T9] cdc_ncm 5-1:1.1: bind() failure [ 214.643861][ T9] usb 5-1: USB disconnect, device number 10 [ 214.895271][ T1014] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 215.054230][T10643] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1195'. [ 215.055528][ T1014] usb 6-1: Using ep0 maxpacket: 16 [ 215.064271][ T1014] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 215.067268][ T1014] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 215.069688][ T1014] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.072691][ T1014] usb 6-1: config 0 descriptor?? [ 215.079200][ T1014] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input5 [ 215.144077][T10645] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1196'. [ 215.357964][ T5360] bcm5974 6-1:0.0: could not read from device [ 215.368809][ T5360] bcm5974 6-1:0.0: could not read from device [ 215.380600][ T5360] bcm5974 6-1:0.0: could not read from device [ 215.382942][ T1014] usb 6-1: USB disconnect, device number 6 [ 215.386790][T10654] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1195'. [ 215.389262][T10636] bcm5974 6-1:0.0: could not read from device [ 215.397184][ T5360] bcm5974 6-1:0.0: could not read from device [ 216.177613][T10666] Invalid logical block size (201) [ 216.481110][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 216.481121][ T39] audit: type=1326 audit(1732912911.173:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10668 comm="syz.0.1202" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf748e579 code=0x0 [ 216.985951][T10678] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1204'. [ 217.376467][T10698] lo speed is unknown, defaulting to 1000 [ 217.379679][T10698] lo speed is unknown, defaulting to 1000 [ 217.390373][T10698] lo speed is unknown, defaulting to 1000 [ 217.441977][ T9] lo speed is unknown, defaulting to 1000 [ 217.443812][T10698] infiniband syz0: set active [ 217.445288][T10698] infiniband syz0: added lo [ 217.558433][T10698] RDS/IB: syz0: added [ 217.560946][T10698] smc: adding ib device syz0 with port count 1 [ 217.563329][T10698] smc: ib device syz0 port 1 has pnetid [ 217.570010][ T832] lo speed is unknown, defaulting to 1000 [ 217.573726][T10698] lo speed is unknown, defaulting to 1000 [ 217.646776][T10698] lo speed is unknown, defaulting to 1000 [ 217.741600][T10698] lo speed is unknown, defaulting to 1000 [ 217.848832][T10698] lo speed is unknown, defaulting to 1000 [ 218.062538][T10713] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 218.131039][T10714] netlink: 'syz.1.1213': attribute type 10 has an invalid length. [ 218.135308][T10714] netlink: 55 bytes leftover after parsing attributes in process `syz.1.1213'. [ 218.317626][T10717] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1216'. [ 218.767237][T10741] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1219'. [ 219.479509][T10746] openvswitch: netlink: Missing key (keys=40, expected=100) [ 219.609524][T10747] netlink: 'syz.1.1224': attribute type 2 has an invalid length. [ 220.452760][T10767] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1229'. [ 220.455103][T10767] FAULT_INJECTION: forcing a failure. [ 220.455103][T10767] name failslab, interval 1, probability 0, space 0, times 0 [ 220.458280][T10767] CPU: 2 UID: 0 PID: 10767 Comm: syz.0.1229 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 220.460950][T10767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 220.463570][T10767] Call Trace: [ 220.464341][T10767] <TASK> [ 220.465115][T10767] dump_stack_lvl+0x16c/0x1f0 [ 220.466344][T10767] should_fail_ex+0x497/0x5b0 [ 220.467585][T10767] should_failslab+0xc2/0x120 [ 220.468824][T10767] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 220.470228][T10767] ? skb_clone+0x190/0x3f0 [ 220.471425][T10767] skb_clone+0x190/0x3f0 [ 220.472540][T10767] netlink_deliver_tap+0xafd/0xca0 [ 220.473883][T10767] netlink_unicast+0x6b4/0x7f0 [ 220.475145][T10767] ? __pfx_netlink_unicast+0x10/0x10 [ 220.476611][T10767] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 220.477962][T10767] netlink_ack+0x6a5/0xb20 [ 220.479165][T10767] netlink_rcv_skb+0x327/0x410 [ 220.480428][T10767] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 220.481854][T10767] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 220.483275][T10767] ? netlink_deliver_tap+0x1ae/0xca0 [ 220.484656][T10767] netlink_unicast+0x53c/0x7f0 [ 220.485929][T10767] ? __pfx_netlink_unicast+0x10/0x10 [ 220.487327][T10767] ? __phys_addr_symbol+0x30/0x80 [ 220.488617][T10767] ? __check_object_size+0x488/0x710 [ 220.489942][T10767] netlink_sendmsg+0x8b8/0xd70 [ 220.491206][T10767] ? __pfx_netlink_sendmsg+0x10/0x10 [ 220.492598][T10767] ____sys_sendmsg+0x9ae/0xb40 [ 220.493858][T10767] ? __pfx_____sys_sendmsg+0x10/0x10 [ 220.495267][T10767] ? get_compat_msghdr+0x11b/0x170 [ 220.496615][T10767] ___sys_sendmsg+0x135/0x1e0 [ 220.497856][T10767] ? __pfx____sys_sendmsg+0x10/0x10 [ 220.499375][T10767] ? __pfx_lock_release+0x10/0x10 [ 220.500694][T10767] ? trace_lock_acquire+0x14e/0x1f0 [ 220.502053][T10767] ? __fget_files+0x206/0x3a0 [ 220.503315][T10767] __sys_sendmsg+0x16e/0x220 [ 220.504533][T10767] ? __pfx___sys_sendmsg+0x10/0x10 [ 220.505885][T10767] __do_fast_syscall_32+0x73/0x120 [ 220.507248][T10767] do_fast_syscall_32+0x32/0x80 [ 220.508526][T10767] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 220.510166][T10767] RIP: 0023:0xf748e579 [ 220.511266][T10767] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 220.516248][T10767] RSP: 002b:00000000f517657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 220.518406][T10767] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 220.520463][T10767] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 220.522507][T10767] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 220.524584][T10767] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 220.526660][T10767] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 220.528723][T10767] </TASK> [ 220.886019][T10768] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 221.194366][T10784] openvswitch: netlink: Missing key (keys=40, expected=100) [ 223.386931][T10830] openvswitch: netlink: Missing key (keys=40, expected=100) [ 223.633809][T10837] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1243'. [ 223.711042][T10842] netlink: 'syz.0.1245': attribute type 1 has an invalid length. [ 223.713253][T10842] netlink: 'syz.0.1245': attribute type 3 has an invalid length. [ 223.715930][T10842] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1245'. [ 223.944874][T10847] FAULT_INJECTION: forcing a failure. [ 223.944874][T10847] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 223.948544][T10847] CPU: 3 UID: 0 PID: 10847 Comm: syz.3.1246 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 223.951325][T10847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 223.954154][T10847] Call Trace: [ 223.955062][T10847] <TASK> [ 223.955836][T10847] dump_stack_lvl+0x16c/0x1f0 [ 223.957075][T10847] should_fail_ex+0x497/0x5b0 [ 223.958399][T10847] _copy_from_user+0x2e/0xd0 [ 223.959652][T10847] move_addr_to_kernel+0x68/0x160 [ 223.960999][T10847] __sys_connect+0xb0/0x170 [ 223.962280][T10847] ? __pfx___sys_connect+0x10/0x10 [ 223.963617][T10847] ? __pfx_ksys_write+0x10/0x10 [ 223.964978][T10847] __ia32_sys_connect+0x71/0xb0 [ 223.966247][T10847] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 223.968026][T10847] __do_fast_syscall_32+0x73/0x120 [ 223.969363][T10847] do_fast_syscall_32+0x32/0x80 [ 223.970638][T10847] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 223.972353][T10847] RIP: 0023:0xf7f51579 [ 223.973414][T10847] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 223.978489][T10847] RSP: 002b:00000000f50b557c EFLAGS: 00000292 ORIG_RAX: 000000000000016a [ 223.980700][T10847] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020772000 [ 223.982749][T10847] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000 [ 223.984846][T10847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 223.986911][T10847] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 223.989026][T10847] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 223.991215][T10847] </TASK> [ 223.992062][ C3] vkms_vblank_simulate: vblank timer overrun [ 224.126981][ T5326] Bluetooth: hci2: command 0x0c1a tx timeout [ 225.201250][T10872] openvswitch: netlink: Missing key (keys=40, expected=100) [ 225.453988][T10874] dlm: no local IP address has been set [ 225.455695][T10874] dlm: cannot start dlm midcomms -107 [ 226.053965][T10900] netlink: 'syz.0.1261': attribute type 2 has an invalid length. [ 226.143653][T10905] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1262'. [ 226.606571][T10915] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1265'. [ 228.269021][T10940] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 229.062671][T10989] FAULT_INJECTION: forcing a failure. [ 229.062671][T10989] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 229.066092][T10989] CPU: 1 UID: 0 PID: 10989 Comm: syz.2.1285 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 229.068794][T10989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 229.071537][T10989] Call Trace: [ 229.072386][T10989] <TASK> [ 229.073212][T10989] dump_stack_lvl+0x16c/0x1f0 [ 229.074428][T10989] should_fail_ex+0x497/0x5b0 [ 229.075658][T10989] _copy_from_user+0x2e/0xd0 [ 229.076874][T10989] move_addr_to_kernel+0x68/0x160 [ 229.078143][T10989] __sys_connect+0xb0/0x170 [ 229.079300][T10989] ? __pfx___sys_connect+0x10/0x10 [ 229.080832][T10989] __ia32_sys_connect+0x71/0xb0 [ 229.082078][T10989] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 229.083730][T10989] __do_fast_syscall_32+0x73/0x120 [ 229.085095][T10989] do_fast_syscall_32+0x32/0x80 [ 229.086318][T10989] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 229.087928][T10989] RIP: 0023:0xf7f11579 [ 229.088969][T10989] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 229.093877][T10989] RSP: 002b:00000000f505457c EFLAGS: 00000292 ORIG_RAX: 000000000000016a [ 229.096111][T10989] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000040 [ 229.098207][T10989] RDX: 0000000000000026 RSI: 0000000000000000 RDI: 0000000000000000 [ 229.100285][T10989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 229.102384][T10989] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 229.104470][T10989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 229.106643][T10989] </TASK> [ 229.863445][T10976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 230.154030][T11000] umip_printk: 7 callbacks suppressed [ 230.377639][ T5961] Bluetooth: hci2: command 0x0c1a tx timeout [ 230.715667][T11004] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1290'. [ 231.273350][T11022] netlink: 'syz.1.1296': attribute type 1 has an invalid length. [ 231.281227][T11022] netlink: 'syz.1.1296': attribute type 3 has an invalid length. [ 231.291137][T11022] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1296'. [ 231.736289][T11029] openvswitch: netlink: Missing key (keys=40, expected=100) [ 231.991354][T11036] hfs: can't find a HFS filesystem on dev sr0 [ 232.166508][T11051] ptm ptm2: ldisc open failed (-12), clearing slot 2 [ 232.250853][ T39] audit: type=1326 audit(1732912925.932:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11053 comm="syz.0.1305" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf748e579 code=0x0 [ 232.725691][T11066] openvswitch: netlink: Missing key (keys=40, expected=100) [ 233.174367][T11070] netlink: 'syz.3.1307': attribute type 2 has an invalid length. [ 233.182074][T11079] FAULT_INJECTION: forcing a failure. [ 233.182074][T11079] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 233.185706][T11079] CPU: 0 UID: 0 PID: 11079 Comm: syz.1.1312 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 233.188553][T11079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 233.191451][T11079] Call Trace: [ 233.192472][T11079] <TASK> [ 233.193304][T11079] dump_stack_lvl+0x16c/0x1f0 [ 233.194579][T11079] should_fail_ex+0x497/0x5b0 [ 233.195835][T11079] _copy_to_user+0x32/0xd0 [ 233.197034][T11079] bpf_test_finish.isra.0+0x52b/0x680 [ 233.198510][T11079] ? __pfx_bpf_test_finish.isra.0+0x10/0x10 [ 233.200317][T11079] ? __pfx_skb_checksum+0x10/0x10 [ 233.201717][T11079] ? free_to_partial_list+0x510/0x630 [ 233.203178][T11079] ? __pfx_csum_partial_ext+0x10/0x10 [ 233.204571][T11079] ? __pfx_csum_block_add_ext+0x10/0x10 [ 233.206015][T11079] bpf_prog_test_run_skb+0x11da/0x22c0 [ 233.207512][T11079] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 233.209057][T11079] ? fput+0x67/0x440 [ 233.210114][T11079] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 233.211662][T11079] __sys_bpf+0x1921/0x57a0 [ 233.212853][T11079] ? __pfx_lock_release+0x10/0x10 [ 233.214229][T11079] ? __pfx___sys_bpf+0x10/0x10 [ 233.215607][T11079] ? vfs_write+0x306/0x1150 [ 233.216810][T11079] ? __mutex_unlock_slowpath+0x164/0x690 [ 233.218301][T11079] ? fput+0x67/0x440 [ 233.219371][T11079] ? ksys_write+0x1ba/0x250 [ 233.220577][T11079] ? __pfx_ksys_write+0x10/0x10 [ 233.221897][T11079] __ia32_sys_bpf+0x76/0xe0 [ 233.223137][T11079] __do_fast_syscall_32+0x73/0x120 [ 233.224596][T11079] do_fast_syscall_32+0x32/0x80 [ 233.225988][T11079] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 233.227685][T11079] RIP: 0023:0xf746e579 [ 233.228866][T11079] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 233.234029][T11079] RSP: 002b:00000000f515657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 233.236485][T11079] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200002c0 [ 233.238611][T11079] RDX: 000000000000004c RSI: 0000000000000000 RDI: 0000000000000000 [ 233.240835][T11079] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 233.242939][T11079] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 233.245091][T11079] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 233.247754][T11079] </TASK> [ 234.128808][T11099] openvswitch: netlink: Missing key (keys=40, expected=100) [ 235.503766][T11124] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1324'. [ 236.016201][T11141] openvswitch: netlink: Missing key (keys=40, expected=100) [ 236.585649][ T62] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 236.746359][ T62] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 236.750808][ T62] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 236.753965][ T62] usb 6-1: can't read configurations, error -61 [ 236.895472][ T62] usb 6-1: new full-speed USB device number 8 using dummy_hcd [ 237.121296][ T62] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 237.124496][ T62] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 237.126507][ T62] usb 6-1: can't read configurations, error -61 [ 237.128311][ T62] usb usb6-port1: attempt power cycle [ 237.245385][T11168] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1339'. [ 237.421583][T11185] openvswitch: netlink: Missing key (keys=40, expected=100) [ 237.481502][T11187] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1344'. [ 237.483153][ T62] usb 6-1: new full-speed USB device number 9 using dummy_hcd [ 237.506934][ T62] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 237.510361][ T62] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 237.512764][ T62] usb 6-1: can't read configurations, error -61 [ 237.654014][ T62] usb 6-1: new full-speed USB device number 10 using dummy_hcd [ 237.676280][ T62] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 237.680013][ T62] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 237.682121][ T62] usb 6-1: can't read configurations, error -61 [ 237.683969][ T62] usb usb6-port1: unable to enumerate USB device [ 238.567957][T11215] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1354'. [ 238.605600][T11221] openvswitch: netlink: Missing key (keys=40, expected=100) [ 238.868461][T11230] fuse: Unknown parameter '' [ 240.427756][T11265] openvswitch: netlink: Missing key (keys=40, expected=100) [ 240.507978][T11267] netlink: 'syz.0.1365': attribute type 1 has an invalid length. [ 240.510760][T11267] netlink: 'syz.0.1365': attribute type 3 has an invalid length. [ 240.513449][T11267] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1365'. [ 240.816813][ T6022] usb 6-1: new full-speed USB device number 11 using dummy_hcd [ 240.978769][ T6022] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 240.981274][ T6022] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6 [ 240.984591][ T6022] usb 6-1: New USB device found, idVendor=28bd, idProduct=1903, bcdDevice= 0.00 [ 240.986898][ T6022] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.993208][ T6022] usb 6-1: config 0 descriptor?? [ 241.040994][T11280] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1370'. [ 241.219236][ T6022] usbhid 6-1:0.0: can't add hid device: -71 [ 241.220914][ T6022] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 241.231564][ T6022] usb 6-1: USB disconnect, device number 11 [ 241.397300][ T39] audit: type=1326 audit(1732912934.496:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11283 comm="syz.0.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 241.402812][ T39] audit: type=1326 audit(1732912934.496:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11283 comm="syz.0.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 241.408830][ T39] audit: type=1326 audit(1732912934.496:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11283 comm="syz.0.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 241.414340][ T39] audit: type=1326 audit(1732912934.496:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11283 comm="syz.0.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 241.419889][ T39] audit: type=1326 audit(1732912934.496:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11283 comm="syz.0.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 241.425190][ T39] audit: type=1326 audit(1732912934.514:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11283 comm="syz.0.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 241.431017][ T39] audit: type=1326 audit(1732912934.514:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11283 comm="syz.0.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 241.436538][ T39] audit: type=1326 audit(1732912934.514:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11283 comm="syz.0.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 241.442041][ T39] audit: type=1326 audit(1732912934.514:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11283 comm="syz.0.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=157 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 241.447744][ T39] audit: type=1326 audit(1732912934.514:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11283 comm="syz.0.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 241.643468][T11287] IPVS: dh: SCTP 172.20.20.187:0 - no destination available [ 241.942859][T11303] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1374'. [ 242.077069][T11318] FAULT_INJECTION: forcing a failure. [ 242.077069][T11318] name failslab, interval 1, probability 0, space 0, times 0 [ 242.080967][T11318] CPU: 0 UID: 0 PID: 11318 Comm: syz.1.1383 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 242.083756][T11318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 242.086621][T11318] Call Trace: [ 242.087497][T11318] <TASK> [ 242.088337][T11318] dump_stack_lvl+0x16c/0x1f0 [ 242.089670][T11318] should_fail_ex+0x497/0x5b0 [ 242.090903][T11318] ? fs_reclaim_acquire+0xae/0x150 [ 242.092240][T11318] should_failslab+0xc2/0x120 [ 242.093467][T11318] __kmalloc_noprof+0xce/0x4f0 [ 242.094723][T11318] ? blk_mq_alloc_request+0x508/0x950 [ 242.096107][T11318] ? bio_kmalloc+0x41/0x70 [ 242.097368][T11318] ? __pfx___debug_object_init+0x10/0x10 [ 242.098984][T11318] bio_kmalloc+0x41/0x70 [ 242.100096][T11318] blk_rq_map_kern+0x3ea/0x760 [ 242.101397][T11318] scsi_execute_cmd+0x379/0xff0 [ 242.102680][T11318] ? __pfx_lock_release+0x10/0x10 [ 242.104006][T11318] ? trace_lock_acquire+0x14e/0x1f0 [ 242.105378][T11318] ? __pfx_scsi_execute_cmd+0x10/0x10 [ 242.106781][T11318] ? is_bpf_text_address+0x94/0x1a0 [ 242.108216][T11318] ? kernel_text_address+0x8d/0x100 [ 242.109616][T11318] ? __kernel_text_address+0xd/0x40 [ 242.110957][T11318] sr_do_ioctl+0x21c/0x830 [ 242.112143][T11318] ? __pfx_sr_do_ioctl+0x10/0x10 [ 242.113447][T11318] ? kasan_save_stack+0x42/0x60 [ 242.114722][T11318] sr_packet+0xee/0x1c0 [ 242.115807][T11318] dvd_do_auth+0x8de/0xe50 [ 242.116972][T11318] ? __pfx_dvd_do_auth+0x10/0x10 [ 242.118322][T11318] ? __might_fault+0x13b/0x190 [ 242.119655][T11318] ? lock_acquire+0x2f/0xb0 [ 242.120879][T11318] ? __might_fault+0xe3/0x190 [ 242.122104][T11318] ? __might_fault+0xe3/0x190 [ 242.123344][T11318] mmc_ioctl_dvd_auth+0x154/0x230 [ 242.124681][T11318] ? __pfx_mmc_ioctl_dvd_auth+0x10/0x10 [ 242.126130][T11318] cdrom_ioctl+0x2d98/0x3280 [ 242.127347][T11318] ? mark_lock+0xb5/0xc60 [ 242.128488][T11318] ? __pfx_cdrom_ioctl+0x10/0x10 [ 242.129867][T11318] ? __pfx_mark_lock+0x10/0x10 [ 242.131251][T11318] ? trace_rpm_return_int+0x1a6/0x230 [ 242.132680][T11318] ? rpm_resume+0x81c/0x1330 [ 242.133916][T11318] ? lock_acquire.part.0+0x11b/0x380 [ 242.135320][T11318] ? find_held_lock+0x2d/0x110 [ 242.136628][T11318] ? __pm_runtime_resume+0xc3/0x170 [ 242.138079][T11318] ? __pfx_lock_release+0x10/0x10 [ 242.139520][T11318] ? lockdep_hardirqs_on+0x7c/0x110 [ 242.140972][T11318] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 242.142812][T11318] ? __pm_runtime_resume+0xc3/0x170 [ 242.144294][T11318] sr_block_ioctl+0x1b0/0x250 [ 242.145564][T11318] ? __pfx_sr_block_ioctl+0x10/0x10 [ 242.146992][T11318] blkdev_compat_ptr_ioctl+0x9c/0xe0 [ 242.148421][T11318] ? __pfx_blkdev_compat_ptr_ioctl+0x10/0x10 [ 242.149996][T11318] compat_blkdev_ioctl+0x2f7/0x750 [ 242.151475][T11318] ? __pfx_compat_blkdev_ioctl+0x10/0x10 [ 242.153025][T11318] ? __fget_files+0x206/0x3a0 [ 242.154312][T11318] ? __pfx_compat_blkdev_ioctl+0x10/0x10 [ 242.155838][T11318] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 242.157291][T11318] __do_fast_syscall_32+0x73/0x120 [ 242.158671][T11318] do_fast_syscall_32+0x32/0x80 [ 242.159975][T11318] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 242.161717][T11318] RIP: 0023:0xf746e579 [ 242.162892][T11318] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 242.167995][T11318] RSP: 002b:00000000f515657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 242.169954][T11318] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005392 [ 242.172093][T11318] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 242.174282][T11318] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 242.176403][T11318] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 242.178516][T11318] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 242.180645][T11318] </TASK> [ 242.321819][T11321] lo speed is unknown, defaulting to 1000 [ 243.883841][T11346] binder: Unknown parameter 'smackfsroot' [ 244.270591][T11369] FAULT_INJECTION: forcing a failure. [ 244.270591][T11369] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 244.273960][T11369] CPU: 0 UID: 0 PID: 11369 Comm: syz.3.1396 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 244.276694][T11369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 244.279603][T11369] Call Trace: [ 244.280519][T11369] <TASK> [ 244.281335][T11369] dump_stack_lvl+0x16c/0x1f0 [ 244.282631][T11369] should_fail_ex+0x497/0x5b0 [ 244.283900][T11369] _copy_from_user+0x2e/0xd0 [ 244.285159][T11369] __do_compat_sys_socketcall+0x14f/0x700 [ 244.287102][T11369] ? __fget_files+0x206/0x3a0 [ 244.288760][T11369] ? __pfx___do_compat_sys_socketcall+0x10/0x10 [ 244.290531][T11369] ? fput+0x67/0x440 [ 244.291546][T11369] ? ksys_write+0x1ba/0x250 [ 244.292720][T11369] ? __pfx_ksys_write+0x10/0x10 [ 244.293979][T11369] __do_fast_syscall_32+0x73/0x120 [ 244.295305][T11369] do_fast_syscall_32+0x32/0x80 [ 244.296559][T11369] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 244.298170][T11369] RIP: 0023:0xf7f51579 [ 244.299234][T11369] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 244.304202][T11369] RSP: 002b:00000000f50d5510 EFLAGS: 00000282 ORIG_RAX: 0000000000000066 [ 244.306402][T11369] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000f50d5520 [ 244.308467][T11369] RDX: 00000000f73e0ff4 RSI: 0000000000000000 RDI: 00000000f73e0ff4 [ 244.310893][T11369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 244.312957][T11369] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 244.314987][T11369] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 244.317033][T11369] </TASK> [ 244.529614][T11386] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1400'. [ 244.545852][T11386] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1400'. [ 244.571132][T11389] netlink: 1296 bytes leftover after parsing attributes in process `syz.2.1401'. [ 244.573540][T11389] openvswitch: netlink: Flow key attr not present in new flow. [ 244.597445][T11379] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 245.543921][T11391] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 245.594449][T11398] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 245.844170][T11417] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1409'. [ 245.848479][T11417] FAULT_INJECTION: forcing a failure. [ 245.848479][T11417] name failslab, interval 1, probability 0, space 0, times 0 [ 245.852889][T11417] CPU: 3 UID: 0 PID: 11417 Comm: syz.2.1409 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 245.856380][T11417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 245.859995][T11417] Call Trace: [ 245.861148][T11417] <TASK> [ 245.862170][T11417] dump_stack_lvl+0x16c/0x1f0 [ 245.863827][T11417] should_fail_ex+0x497/0x5b0 [ 245.865464][T11417] should_failslab+0xc2/0x120 [ 245.867084][T11417] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 245.868921][T11417] ? skb_clone+0x190/0x3f0 [ 245.870435][T11417] skb_clone+0x190/0x3f0 [ 245.871804][T11417] netlink_deliver_tap+0xafd/0xca0 [ 245.873555][T11417] netlink_unicast+0x6b4/0x7f0 [ 245.875218][T11417] ? __pfx_netlink_unicast+0x10/0x10 [ 245.877016][T11417] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 245.878968][T11417] netlink_ack+0x6a5/0xb20 [ 245.880546][T11417] netlink_rcv_skb+0x327/0x410 [ 245.882199][T11417] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 245.883713][T11417] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 245.885153][T11417] ? netlink_deliver_tap+0x1ae/0xca0 [ 245.886935][T11417] netlink_unicast+0x53c/0x7f0 [ 245.888256][T11417] ? __pfx_netlink_unicast+0x10/0x10 [ 245.890027][T11417] ? __phys_addr_symbol+0x30/0x80 [ 245.891468][T11417] ? __check_object_size+0x488/0x710 [ 245.893266][T11417] netlink_sendmsg+0x8b8/0xd70 [ 245.894916][T11417] ? __pfx_netlink_sendmsg+0x10/0x10 [ 245.896724][T11417] ____sys_sendmsg+0x9ae/0xb40 [ 245.898380][T11417] ? __pfx_____sys_sendmsg+0x10/0x10 [ 245.900172][T11417] ? get_compat_msghdr+0x11b/0x170 [ 245.901924][T11417] ___sys_sendmsg+0x135/0x1e0 [ 245.903530][T11417] ? __pfx____sys_sendmsg+0x10/0x10 [ 245.905321][T11417] ? __pfx_lock_release+0x10/0x10 [ 245.907167][T11417] ? trace_lock_acquire+0x14e/0x1f0 [ 245.908933][T11417] ? __fget_files+0x206/0x3a0 [ 245.910558][T11417] __sys_sendmsg+0x16e/0x220 [ 245.912142][T11417] ? __pfx___sys_sendmsg+0x10/0x10 [ 245.913758][T11417] __do_fast_syscall_32+0x73/0x120 [ 245.915591][T11417] do_fast_syscall_32+0x32/0x80 [ 245.917135][T11417] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 245.919074][T11417] RIP: 0023:0xf7f11579 [ 245.920418][T11417] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 245.926503][T11417] RSP: 002b:00000000f509657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 245.929273][T11417] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000140 [ 245.931933][T11417] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 245.934542][T11417] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 245.937191][T11417] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 245.939839][T11417] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 245.942489][T11417] </TASK> [ 246.010398][T11421] netlink: 'syz.1.1407': attribute type 2 has an invalid length. [ 246.714487][T11440] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1415'. [ 246.717047][T11440] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1415'. [ 247.051511][T11451] netlink: 'syz.1.1418': attribute type 1 has an invalid length. [ 247.053447][T11451] netlink: 'syz.1.1418': attribute type 3 has an invalid length. [ 247.055387][T11451] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1418'. [ 247.637407][T11460] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1421'. [ 247.639806][T11460] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1421'. [ 247.826060][T11452] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 247.868373][T11465] FAULT_INJECTION: forcing a failure. [ 247.868373][T11465] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 247.873002][T11465] CPU: 0 UID: 0 PID: 11465 Comm: syz.0.1422 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 247.875086][T11459] syz.2.1421 (11459): drop_caches: 2 [ 247.875646][T11465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 247.875655][T11465] Call Trace: [ 247.875659][T11465] <TASK> [ 247.875663][T11465] dump_stack_lvl+0x16c/0x1f0 [ 247.875682][T11465] should_fail_ex+0x497/0x5b0 [ 247.875699][T11465] _copy_to_user+0x32/0xd0 [ 247.875716][T11465] simple_read_from_buffer+0xd0/0x160 [ 247.875729][T11465] proc_fail_nth_read+0x198/0x270 [ 247.888383][T11465] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 247.889824][T11465] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 247.891342][T11465] vfs_read+0x1df/0xbe0 [ 247.892449][T11465] ? __fget_files+0x1fc/0x3a0 [ 247.893688][T11465] ? __pfx___mutex_lock+0x10/0x10 [ 247.895030][T11465] ? __pfx_vfs_read+0x10/0x10 [ 247.896268][T11465] ? __fget_files+0x206/0x3a0 [ 247.897460][T11465] ksys_read+0x12b/0x250 [ 247.898527][T11465] ? __pfx_ksys_read+0x10/0x10 [ 247.899817][T11465] __do_fast_syscall_32+0x73/0x120 [ 247.901163][T11465] do_fast_syscall_32+0x32/0x80 [ 247.902596][T11465] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 247.904246][T11465] RIP: 0023:0xf748e579 [ 247.905327][T11465] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 247.910294][T11465] RSP: 002b:00000000f51765b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 247.912489][T11465] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5176620 [ 247.914563][T11465] RDX: 000000000000000f RSI: 00000000f7480ff4 RDI: 0000000000000000 [ 247.916616][T11465] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 247.918640][T11465] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 247.920691][T11465] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 247.922734][T11465] </TASK> [ 248.069614][T11470] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1423'. [ 248.591741][T11471] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 249.906914][T11510] FAULT_INJECTION: forcing a failure. [ 249.906914][T11510] name failslab, interval 1, probability 0, space 0, times 0 [ 249.911334][T11510] CPU: 3 UID: 0 PID: 11510 Comm: syz.2.1436 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 249.914785][T11510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 249.918295][T11510] Call Trace: [ 249.919329][T11510] <TASK> [ 249.920157][T11510] dump_stack_lvl+0x16c/0x1f0 [ 249.921476][T11510] should_fail_ex+0x497/0x5b0 [ 249.922723][T11510] ? fs_reclaim_acquire+0xae/0x150 [ 249.924125][T11510] should_failslab+0xc2/0x120 [ 249.925397][T11510] __kmalloc_noprof+0xce/0x4f0 [ 249.926665][T11510] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 249.928552][T11510] ? lockdep_hardirqs_on+0x7c/0x110 [ 249.930046][T11510] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 249.932021][T11510] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 249.933450][T11510] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 249.935134][T11510] ? genl_get_cmd+0x195/0x580 [ 249.936475][T11510] ? bpf_lsm_capable+0x9/0x10 [ 249.937968][T11510] ? security_capable+0x7e/0x260 [ 249.939278][T11510] ? ns_capable+0xd7/0x110 [ 249.940444][T11510] genl_rcv_msg+0x565/0x800 [ 249.941698][T11510] ? __pfx_genl_rcv_msg+0x10/0x10 [ 249.943497][T11510] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 249.945023][T11510] ? __pfx_nl80211_trigger_scan+0x10/0x10 [ 249.946994][T11510] ? __pfx_nl80211_post_doit+0x10/0x10 [ 249.948966][T11510] netlink_rcv_skb+0x165/0x410 [ 249.950696][T11510] ? __pfx_genl_rcv_msg+0x10/0x10 [ 249.952139][T11510] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 249.953537][T11510] ? down_read+0xc9/0x330 [ 249.954665][T11510] ? __pfx_down_read+0x10/0x10 [ 249.955908][T11510] ? netlink_deliver_tap+0x1ae/0xca0 [ 249.957279][T11510] genl_rcv+0x28/0x40 [ 249.958336][T11510] netlink_unicast+0x53c/0x7f0 [ 249.959583][T11510] ? __pfx_netlink_unicast+0x10/0x10 [ 249.960961][T11510] ? __phys_addr_symbol+0x30/0x80 [ 249.962276][T11510] ? __check_object_size+0x488/0x710 [ 249.963777][T11510] netlink_sendmsg+0x8b8/0xd70 [ 249.965048][T11510] ? __pfx_netlink_sendmsg+0x10/0x10 [ 249.966420][T11510] ____sys_sendmsg+0x9ae/0xb40 [ 249.967651][T11510] ? __pfx_____sys_sendmsg+0x10/0x10 [ 249.969021][T11510] ? get_compat_msghdr+0x11b/0x170 [ 249.970352][T11510] ___sys_sendmsg+0x135/0x1e0 [ 249.971579][T11510] ? __pfx____sys_sendmsg+0x10/0x10 [ 249.972935][T11510] ? __pfx_lock_release+0x10/0x10 [ 249.974333][T11510] ? trace_lock_acquire+0x14e/0x1f0 [ 249.975690][T11510] ? __fget_files+0x206/0x3a0 [ 249.976921][T11510] __sys_sendmsg+0x16e/0x220 [ 249.978123][T11510] ? __pfx___sys_sendmsg+0x10/0x10 [ 249.979461][T11510] __do_fast_syscall_32+0x73/0x120 [ 249.980792][T11510] do_fast_syscall_32+0x32/0x80 [ 249.982061][T11510] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 249.983712][T11510] RIP: 0023:0xf7f11579 [ 249.984940][T11510] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 249.989838][T11510] RSP: 002b:00000000f509657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 249.991983][T11510] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000440 [ 249.994011][T11510] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 249.996069][T11510] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 249.998029][T11510] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 250.000015][T11510] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 250.001966][T11510] </TASK> [ 250.032881][T11513] FAULT_INJECTION: forcing a failure. [ 250.032881][T11513] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 250.036108][T11513] CPU: 2 UID: 0 PID: 11513 Comm: syz.2.1437 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 250.039097][T11513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 250.042056][T11513] Call Trace: [ 250.042902][T11513] <TASK> [ 250.043637][T11513] dump_stack_lvl+0x16c/0x1f0 [ 250.044825][T11513] should_fail_ex+0x497/0x5b0 [ 250.045982][T11513] _copy_to_user+0x32/0xd0 [ 250.047112][T11513] simple_read_from_buffer+0xd0/0x160 [ 250.048475][T11513] proc_fail_nth_read+0x198/0x270 [ 250.050252][T11513] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 250.051833][T11513] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 250.053202][T11513] vfs_read+0x1df/0xbe0 [ 250.054248][T11513] ? __fget_files+0x1fc/0x3a0 [ 250.055409][T11513] ? __pfx___mutex_lock+0x10/0x10 [ 250.056644][T11513] ? __pfx_vfs_read+0x10/0x10 [ 250.057845][T11513] ? __fget_files+0x206/0x3a0 [ 250.059043][T11513] ksys_read+0x12b/0x250 [ 250.060193][T11513] ? __pfx_ksys_read+0x10/0x10 [ 250.061387][T11513] __do_fast_syscall_32+0x73/0x120 [ 250.062722][T11513] do_fast_syscall_32+0x32/0x80 [ 250.063948][T11513] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 250.065500][T11513] RIP: 0023:0xf7f11579 [ 250.066500][T11513] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 250.071908][T11513] RSP: 002b:00000000f50965b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 250.074737][T11513] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5096620 [ 250.076777][T11513] RDX: 000000000000000f RSI: 00000000f73a0ff4 RDI: 0000000000000000 [ 250.078823][T11513] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 250.080882][T11513] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 250.082921][T11513] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 250.085018][T11513] </TASK> [ 250.135602][T11507] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 250.140972][T11518] openvswitch: netlink: Missing key (keys=40, expected=100) [ 250.557310][T11538] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1445'. [ 250.799172][T11548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1448'. [ 250.941516][T11546] netlink: 'syz.1.1446': attribute type 1 has an invalid length. [ 250.944467][T11546] netlink: 'syz.1.1446': attribute type 3 has an invalid length. [ 250.947509][T11546] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1446'. [ 251.233713][T11557] openvswitch: netlink: Missing key (keys=40, expected=100) [ 251.481614][T11562] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1452'. [ 251.704881][T11572] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 252.408463][T11567] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 252.657370][T11590] netlink: 'syz.2.1460': attribute type 1 has an invalid length. [ 252.659657][T11590] netlink: 'syz.2.1460': attribute type 3 has an invalid length. [ 252.661762][T11590] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1460'. [ 253.000087][T11601] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1463'. [ 253.307727][T11616] FAULT_INJECTION: forcing a failure. [ 253.307727][T11616] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 253.311224][T11616] CPU: 0 UID: 0 PID: 11616 Comm: syz.0.1467 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 253.313895][T11616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 253.316661][T11616] Call Trace: [ 253.317550][T11616] <TASK> [ 253.318337][T11616] dump_stack_lvl+0x16c/0x1f0 [ 253.319573][T11616] should_fail_ex+0x497/0x5b0 [ 253.320809][T11616] ? fs_reclaim_acquire+0xae/0x150 [ 253.322392][T11616] should_fail_alloc_page+0xe7/0x130 [ 253.324162][T11616] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 253.326231][T11616] __alloc_pages_noprof+0x190/0x25b0 [ 253.328023][T11616] ? kasan_save_stack+0x42/0x60 [ 253.329648][T11616] ? __kasan_kmalloc+0xaa/0xb0 [ 253.331258][T11616] ? __kmalloc_noprof+0x21a/0x4f0 [ 253.332937][T11616] ? bio_kmalloc+0x41/0x70 [ 253.334439][T11616] ? blk_rq_map_kern+0x3ea/0x760 [ 253.336097][T11616] ? scsi_execute_cmd+0x379/0xff0 [ 253.337778][T11616] ? sr_check_events+0x1f3/0xab0 [ 253.339463][T11616] ? cdrom_check_events+0x65/0x110 [ 253.341272][T11616] ? sr_block_check_events+0xc4/0x100 [ 253.343068][T11616] ? disk_check_events+0xbe/0x410 [ 253.344775][T11616] ? disk_check_media_change+0x101/0x280 [ 253.346631][T11616] ? sr_block_open+0xe1/0x270 [ 253.348210][T11616] ? blkdev_get_whole+0x96/0x290 [ 253.349853][T11616] ? bdev_open+0x2c7/0xe20 [ 253.351350][T11616] ? blkdev_open+0x329/0x400 [ 253.352894][T11616] ? do_dentry_open+0xf59/0x1ea0 [ 253.354558][T11616] ? vfs_open+0x82/0x3f0 [ 253.355980][T11616] ? path_openat+0x1e6a/0x2d60 [ 253.357591][T11616] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 253.359496][T11616] ? __do_fast_syscall_32+0x73/0x120 [ 253.361261][T11616] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 253.363427][T11616] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 253.365405][T11616] ? policy_nodemask+0xea/0x4e0 [ 253.367039][T11616] alloc_pages_mpol_noprof+0x2c9/0x610 [ 253.368855][T11616] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 253.370891][T11616] ? trace_kmalloc+0x2d/0xd0 [ 253.372444][T11616] ? __kmalloc_noprof+0x23b/0x4f0 [ 253.374125][T11616] ? bio_kmalloc+0x41/0x70 [ 253.375634][T11616] blk_rq_map_kern+0x494/0x760 [ 253.377247][T11616] scsi_execute_cmd+0x379/0xff0 [ 253.378887][T11616] ? __pfx___lock_acquire+0x10/0x10 [ 253.380606][T11616] ? __pfx_mark_lock+0x10/0x10 [ 253.382212][T11616] ? __pfx_scsi_execute_cmd+0x10/0x10 [ 253.384013][T11616] ? __lock_acquire+0x15a9/0x3c40 [ 253.385668][T11616] ? hlock_class+0x4e/0x130 [ 253.387125][T11616] sr_check_events+0x1f3/0xab0 [ 253.388723][T11616] ? __pfx_sr_check_events+0x10/0x10 [ 253.390490][T11616] ? hlock_class+0x4e/0x130 [ 253.392015][T11616] ? __pfx___lock_acquire+0x10/0x10 [ 253.393809][T11616] ? lock_acquire.part.0+0x11b/0x380 [ 253.395572][T11616] ? find_held_lock+0x2d/0x110 [ 253.397171][T11616] cdrom_check_events+0x65/0x110 [ 253.398830][T11616] sr_block_check_events+0xc4/0x100 [ 253.400560][T11616] disk_check_events+0xbe/0x410 [ 253.402187][T11616] ? _raw_spin_unlock_irq+0x23/0x50 [ 253.403933][T11616] disk_check_media_change+0x101/0x280 [ 253.405747][T11616] ? __pfx_disk_check_media_change+0x10/0x10 [ 253.407633][T11616] ? lockdep_hardirqs_on+0x7c/0x110 [ 253.409301][T11616] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 253.411105][T11616] ? __pm_runtime_resume+0xc3/0x170 [ 253.412509][T11616] sr_block_open+0xe1/0x270 [ 253.413867][T11616] ? __pfx_sr_block_open+0x10/0x10 [ 253.415241][T11616] ? __pfx_sr_block_open+0x10/0x10 [ 253.416577][T11616] blkdev_get_whole+0x96/0x290 [ 253.417827][T11616] bdev_open+0x2c7/0xe20 [ 253.418948][T11616] blkdev_open+0x329/0x400 [ 253.420112][T11616] do_dentry_open+0xf59/0x1ea0 [ 253.421366][T11616] ? __pfx_blkdev_open+0x10/0x10 [ 253.422677][T11616] vfs_open+0x82/0x3f0 [ 253.423751][T11616] ? may_open+0x1f2/0x400 [ 253.424903][T11616] path_openat+0x1e6a/0x2d60 [ 253.426104][T11616] ? __pfx_path_openat+0x10/0x10 [ 253.427400][T11616] ? __pfx___lock_acquire+0x10/0x10 [ 253.428784][T11616] ? lock_acquire.part.0+0x11b/0x380 [ 253.430151][T11616] ? find_held_lock+0x2d/0x110 [ 253.431431][T11616] do_filp_open+0x20c/0x470 [ 253.432624][T11616] ? __pfx_do_filp_open+0x10/0x10 [ 253.434014][T11616] ? find_held_lock+0x2d/0x110 [ 253.435639][T11616] ? alloc_fd+0x41f/0x760 [ 253.437084][T11616] do_sys_openat2+0x17a/0x1e0 [ 253.438318][T11616] ? __pfx_do_sys_openat2+0x10/0x10 [ 253.440041][T11616] ? __fget_files+0x206/0x3a0 [ 253.441618][T11616] __ia32_compat_sys_openat+0x16e/0x210 [ 253.443431][T11616] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 253.445498][T11616] __do_fast_syscall_32+0x73/0x120 [ 253.447220][T11616] do_fast_syscall_32+0x32/0x80 [ 253.448804][T11616] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 253.450747][T11616] RIP: 0023:0xf748e579 [ 253.452065][T11616] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 253.457238][T11616] RSP: 002b:00000000f515557c EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 253.459773][T11616] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000040 [ 253.462167][T11616] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 253.464367][T11616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 253.466748][T11616] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 253.469037][T11616] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 253.471392][T11616] </TASK> [ 253.675800][T11624] netlink: 1284 bytes leftover after parsing attributes in process `syz.2.1469'. [ 253.678231][T11624] openvswitch: netlink: Flow actions attr not present in new flow. [ 253.929908][T11630] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1470'. [ 254.068994][T11635] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1472'. [ 255.088922][T11659] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1477'. [ 255.195002][T11664] openvswitch: netlink: Flow actions attr not present in new flow. [ 255.793058][T11678] FAULT_INJECTION: forcing a failure. [ 255.793058][T11678] name failslab, interval 1, probability 0, space 0, times 0 [ 255.798364][T11678] CPU: 2 UID: 0 PID: 11678 Comm: syz.2.1484 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 255.801145][T11678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 255.804072][T11678] Call Trace: [ 255.804957][T11678] <TASK> [ 255.805726][T11678] dump_stack_lvl+0x16c/0x1f0 [ 255.806986][T11678] should_fail_ex+0x497/0x5b0 [ 255.808220][T11678] ? fs_reclaim_acquire+0xae/0x150 [ 255.809552][T11678] should_failslab+0xc2/0x120 [ 255.810827][T11678] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 255.812257][T11678] ? __pfx___might_resched+0x10/0x10 [ 255.813709][T11678] ? __anon_vma_prepare+0xae/0x5e0 [ 255.815085][T11678] __anon_vma_prepare+0xae/0x5e0 [ 255.816367][T11678] ? __pfx___pte_alloc+0x10/0x10 [ 255.817636][T11678] __vmf_anon_prepare+0x11c/0x240 [ 255.818961][T11678] do_pte_missing+0x1020/0x3e00 [ 255.820221][T11678] ? mt_find+0x82d/0xa20 [ 255.821408][T11678] ? __pfx_lock_release+0x10/0x10 [ 255.822742][T11678] __handle_mm_fault+0x103c/0x2a40 [ 255.824102][T11678] ? __pfx___handle_mm_fault+0x10/0x10 [ 255.825519][T11678] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 255.826993][T11678] ? find_vma+0xc0/0x140 [ 255.828094][T11678] ? __pfx_find_vma+0x10/0x10 [ 255.829310][T11678] handle_mm_fault+0x3fa/0xaa0 [ 255.830579][T11678] do_user_addr_fault+0x7a3/0x13f0 [ 255.832005][T11678] exc_page_fault+0x5c/0xc0 [ 255.833186][T11678] asm_exc_page_fault+0x26/0x30 [ 255.834658][T11678] RIP: 0010:_copy_to_user+0xb6/0xd0 [ 255.836014][T11678] Code: 89 ee 48 89 ef e8 8a 98 ff fc 4d 85 ff 75 a8 e8 d0 96 ff fc 89 de 4c 89 e7 e8 a6 53 62 fd 0f 01 cb 48 89 d9 48 89 ef 4c 89 e6 <f3> a4 0f 1f 00 0f 01 ca 48 89 cb eb 80 66 2e 0f 1f 84 00 00 00 00 [ 255.840931][T11678] RSP: 0018:ffffc90004e77e58 EFLAGS: 00050297 [ 255.842580][T11678] RAX: 0000000000000001 RBX: 0000000000000004 RCX: 0000000000000004 [ 255.844640][T11678] RDX: fffff520009cefd6 RSI: ffffc90004e77eb0 RDI: 0000000020000100 [ 255.846678][T11678] RBP: 0000000020000100 R08: 0000000000000000 R09: fffff520009cefd6 [ 255.848653][T11678] R10: 0000000000000003 R11: 0000000000000000 R12: ffffc90004e77eb0 [ 255.850678][T11678] R13: 0000000020000104 R14: 00007ffffffff000 R15: 0000000000000000 [ 255.852791][T11678] ? _copy_to_user+0xaa/0xd0 [ 255.854031][T11678] __ia32_sys_sched_getparam+0x1ec/0x380 [ 255.855489][T11678] ? __pfx___ia32_sys_sched_getparam+0x10/0x10 [ 255.857086][T11678] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 255.858776][T11678] __do_fast_syscall_32+0x73/0x120 [ 255.860101][T11678] do_fast_syscall_32+0x32/0x80 [ 255.861405][T11678] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 255.863091][T11678] RIP: 0023:0xf7f11579 [ 255.864429][T11678] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 255.870084][T11678] RSP: 002b:00000000f509657c EFLAGS: 00000292 ORIG_RAX: 000000000000009b [ 255.872344][T11678] RAX: ffffffffffffffda RBX: 0000000000000555 RCX: 0000000020000100 [ 255.874372][T11678] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 255.876409][T11678] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 255.878581][T11678] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 255.880632][T11678] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 255.882819][T11678] </TASK> [ 255.945412][T11682] Invalid logical block size (85) [ 256.010768][ T1014] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 256.145799][T11687] netlink: 'syz.0.1488': attribute type 1 has an invalid length. [ 256.147958][T11687] netlink: 'syz.0.1488': attribute type 3 has an invalid length. [ 256.150108][T11687] __nla_validate_parse: 2 callbacks suppressed [ 256.150115][T11687] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1488'. [ 256.192459][ T1014] usb 8-1: Using ep0 maxpacket: 16 [ 256.294299][ T5961] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 256.298307][ T5961] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 256.301327][ T5961] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 256.303764][ T5961] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 256.306055][ T5961] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 256.308376][ T5961] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 256.338068][T11692] lo speed is unknown, defaulting to 1000 [ 256.439098][T11692] chnl_net:caif_netlink_parms(): no params data found [ 256.629511][T11692] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.632832][T11692] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.635151][T11692] bridge_slave_0: entered allmulticast mode [ 256.637140][T11692] bridge_slave_0: entered promiscuous mode [ 256.639649][T11692] bridge0: port 2(bridge_slave_1) entered blocking state [ 256.645118][T11692] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.647652][T11692] bridge_slave_1: entered allmulticast mode [ 256.650124][T11692] bridge_slave_1: entered promiscuous mode [ 256.673162][T11692] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 256.677317][T11692] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 256.705410][T11692] team0: Port device team_slave_0 added [ 256.708690][T11692] team0: Port device team_slave_1 added [ 256.713926][ T1014] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 256.716662][ T1014] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 256.720740][ T1014] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 256.725321][ T1014] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 256.727984][ T1014] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 256.730115][ T1014] usb 8-1: Manufacturer: syz [ 256.739791][ T1014] usb 8-1: config 0 descriptor?? [ 256.742461][T11692] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 256.744261][T11692] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 256.751658][T11692] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 256.755987][T11692] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 256.758371][T11692] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 256.769626][T11692] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 256.793671][T11692] hsr_slave_0: entered promiscuous mode [ 256.796109][T11692] hsr_slave_1: entered promiscuous mode [ 256.798564][T11692] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 256.800703][T11692] Cannot create hsr debugfs directory [ 256.870655][T11692] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 256.875266][T11692] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 256.880909][T11692] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 256.893893][T11692] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 256.914999][T11692] bridge0: port 2(bridge_slave_1) entered blocking state [ 256.916890][T11692] bridge0: port 2(bridge_slave_1) entered forwarding state [ 256.919046][T11692] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.920843][T11692] bridge0: port 1(bridge_slave_0) entered forwarding state [ 256.927694][T11701] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1491'. [ 256.945952][T11692] 8021q: adding VLAN 0 to HW filter on device bond0 [ 256.953818][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.957874][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.980287][T11692] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.003382][T11710] binder: BINDER_SET_CONTEXT_MGR already set [ 257.006983][T11710] binder: 11709:11710 ioctl 40046207 0 returned -16 [ 257.008617][ T1170] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.011253][ T1170] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.014342][ T62] ================================================================== [ 257.014582][ T1170] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.016458][ T62] BUG: KASAN: slab-use-after-free in __list_del_entry_valid_or_report+0x14c/0x1c0 [ 257.016476][ T62] Read of size 8 at addr ffff88806678b488 by task kworker/2:1/62 [ 257.016484][ T62] [ 257.016488][ T62] CPU: 2 UID: 0 PID: 62 Comm: kworker/2:1 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 257.016499][ T62] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 257.016506][ T62] Workqueue: events binder_deferred_func [ 257.019041][ T1170] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.021007][ T62] [ 257.021013][ T62] Call Trace: [ 257.021018][ T62] <TASK> [ 257.037306][ T62] dump_stack_lvl+0x116/0x1f0 [ 257.038548][ T62] print_report+0xc3/0x620 [ 257.039712][ T62] ? __virt_addr_valid+0x5e/0x590 [ 257.041029][ T62] ? __phys_addr+0xc6/0x150 [ 257.042225][ T62] kasan_report+0xd9/0x110 [ 257.043400][ T62] ? __list_del_entry_valid_or_report+0x14c/0x1c0 [ 257.045072][ T62] ? __list_del_entry_valid_or_report+0x14c/0x1c0 [ 257.046729][ T62] __list_del_entry_valid_or_report+0x14c/0x1c0 [ 257.048289][ T62] binder_release_work+0x9b/0x490 [ 257.049589][ T62] binder_deferred_func+0xe6e/0x12e0 [ 257.050970][ T62] process_one_work+0x958/0x1b30 [ 257.052214][ T62] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 257.053658][ T62] ? __pfx_process_one_work+0x10/0x10 [ 257.055060][ T62] ? rcu_is_watching+0x12/0xc0 [ 257.056288][ T62] ? assign_work+0x1a0/0x250 [ 257.057453][ T62] worker_thread+0x6c8/0xf00 [ 257.058626][ T62] ? __kthread_parkme+0x148/0x220 [ 257.059891][ T62] ? __pfx_worker_thread+0x10/0x10 [ 257.061143][ T62] kthread+0x2c1/0x3a0 [ 257.062170][ T62] ? _raw_spin_unlock_irq+0x23/0x50 [ 257.063456][ T62] ? __pfx_kthread+0x10/0x10 [ 257.064608][ T62] ret_from_fork+0x45/0x80 [ 257.065750][ T62] ? __pfx_kthread+0x10/0x10 [ 257.066939][ T62] ret_from_fork_asm+0x1a/0x30 [ 257.068180][ T62] </TASK> [ 257.068927][ T62] [ 257.069534][ T62] Allocated by task 11710: [ 257.070662][ T62] kasan_save_stack+0x33/0x60 [ 257.071847][ T62] kasan_save_track+0x14/0x30 [ 257.073008][ T62] __kasan_kmalloc+0xaa/0xb0 [ 257.074170][ T62] binder_thread_write+0xe18/0x4c70 [ 257.075482][ T62] binder_ioctl+0x269d/0x7060 [ 257.076671][ T62] compat_ptr_ioctl+0x6b/0xa0 [ 257.077818][ T62] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 257.079136][ T62] __do_fast_syscall_32+0x73/0x120 [ 257.080492][ T62] do_fast_syscall_32+0x32/0x80 [ 257.081743][ T62] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 257.083384][ T62] [ 257.084010][ T62] Freed by task 62: [ 257.084979][ T62] kasan_save_stack+0x33/0x60 [ 257.086098][ T62] kasan_save_track+0x14/0x30 [ 257.087272][ T62] kasan_save_free_info+0x3b/0x60 [ 257.088531][ T62] __kasan_slab_free+0x51/0x70 [ 257.089729][ T62] kfree+0x14f/0x4b0 [ 257.090701][ T62] binder_deferred_func+0xdd7/0x12e0 [ 257.092032][ T62] process_one_work+0x958/0x1b30 [ 257.093272][ T62] worker_thread+0x6c8/0xf00 [ 257.094430][ T62] kthread+0x2c1/0x3a0 [ 257.095460][ T62] ret_from_fork+0x45/0x80 [ 257.096568][ T62] ret_from_fork_asm+0x1a/0x30 [ 257.097762][ T62] [ 257.098376][ T62] The buggy address belongs to the object at ffff88806678b480 [ 257.098376][ T62] which belongs to the cache kmalloc-64 of size 64 [ 257.101786][ T62] The buggy address is located 8 bytes inside of [ 257.101786][ T62] freed 64-byte region [ffff88806678b480, ffff88806678b4c0) [ 257.105169][ T62] [ 257.105780][ T62] The buggy address belongs to the physical page: [ 257.107369][ T62] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6678b [ 257.109523][ T62] anon flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 257.111414][ T62] page_type: f5(slab) [ 257.112414][ T62] raw: 04fff00000000000 ffff88801ac428c0 ffffea00011c0200 dead000000000005 [ 257.114583][ T62] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 257.116712][ T62] page dumped because: kasan: bad access detected [ 257.118366][ T62] page_owner tracks the page as allocated [ 257.119811][ T62] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5937, tgid 5937 (udevd), ts 52130374458, free_ts 52125628503 [ 257.124196][ T62] post_alloc_hook+0x2d1/0x350 [ 257.125375][ T62] get_page_from_freelist+0xfce/0x2f80 [ 257.126702][ T62] __alloc_pages_noprof+0x223/0x25b0 [ 257.127985][ T62] alloc_pages_mpol_noprof+0x2c9/0x610 [ 257.129389][ T62] new_slab+0x2c9/0x410 [ 257.130469][ T62] ___slab_alloc+0xd1d/0x16e0 [ 257.131689][ T62] __slab_alloc.constprop.0+0x56/0xb0 [ 257.133072][ T62] __kmalloc_noprof+0x2de/0x4f0 [ 257.134339][ T62] tomoyo_encode2+0x100/0x3e0 [ 257.135561][ T62] tomoyo_realpath_from_path+0x1a7/0x710 [ 257.137007][ T62] tomoyo_check_open_permission+0x2ad/0x3c0 [ 257.138529][ T62] tomoyo_file_open+0x6b/0x90 [ 257.139755][ T62] security_file_open+0x84/0x1e0 [ 257.141042][ T62] do_dentry_open+0x57e/0x1ea0 [ 257.142294][ T62] vfs_open+0x82/0x3f0 [ 257.143360][ T62] path_openat+0x1e6a/0x2d60 [ 257.144562][ T62] page last free pid 6336 tgid 6333 stack trace: [ 257.146197][ T62] free_unref_page+0x661/0x1080 [ 257.147396][ T62] tlb_finish_mmu+0x237/0x7b0 [ 257.148533][ T62] exit_mmap+0x3df/0xb20 [ 257.149632][ T62] __mmput+0x12a/0x4c0 [ 257.150668][ T62] mmput+0x62/0x70 [ 257.151593][ T62] do_exit+0x9bf/0x2d70 [ 257.152672][ T62] do_group_exit+0xd3/0x2a0 [ 257.153853][ T62] get_signal+0x2576/0x2610 [ 257.155033][ T62] arch_do_signal_or_restart+0x90/0x7e0 [ 257.156456][ T62] syscall_exit_to_user_mode+0x150/0x2a0 [ 257.157905][ T62] __do_fast_syscall_32+0x80/0x120 [ 257.159236][ T62] do_fast_syscall_32+0x32/0x80 [ 257.160498][ T62] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 257.162132][ T62] [ 257.162764][ T62] Memory state around the buggy address: [ 257.164195][ T62] ffff88806678b380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 257.166200][ T62] ffff88806678b400: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 257.168231][ T62] >ffff88806678b480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 257.170207][ T62] ^ [ 257.171289][ T62] ffff88806678b500: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 257.173302][ T62] ffff88806678b580: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 257.175363][ T62] ================================================================== [ 257.177766][ T62] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 257.179616][ T62] CPU: 2 UID: 0 PID: 62 Comm: kworker/2:1 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 257.182173][ T62] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 257.184933][ T62] Workqueue: events binder_deferred_func [ 257.186399][ T62] Call Trace: [ 257.187276][ T62] <TASK> [ 257.188042][ T62] dump_stack_lvl+0x3d/0x1f0 [ 257.189246][ T62] panic+0x71d/0x800 [ 257.190270][ T62] ? mark_held_locks+0x9f/0xe0 [ 257.191510][ T62] ? __pfx_panic+0x10/0x10 [ 257.192668][ T62] ? irqentry_exit+0x3b/0x90 [ 257.193870][ T62] ? lockdep_hardirqs_on+0x7c/0x110 [ 257.195226][ T62] ? check_panic_on_warn+0x1f/0xb0 [ 257.196557][ T62] check_panic_on_warn+0xab/0xb0 [ 257.197840][ T62] end_report+0x117/0x180 [ 257.198977][ T62] kasan_report+0xe9/0x110 [ 257.200149][ T62] ? __list_del_entry_valid_or_report+0x14c/0x1c0 [ 257.201792][ T62] ? __list_del_entry_valid_or_report+0x14c/0x1c0 [ 257.203446][ T62] __list_del_entry_valid_or_report+0x14c/0x1c0 [ 257.205048][ T62] binder_release_work+0x9b/0x490 [ 257.206344][ T62] binder_deferred_func+0xe6e/0x12e0 [ 257.207712][ T62] process_one_work+0x958/0x1b30 [ 257.208977][ T62] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 257.210440][ T62] ? __pfx_process_one_work+0x10/0x10 [ 257.211832][ T62] ? rcu_is_watching+0x12/0xc0 [ 257.213077][ T62] ? assign_work+0x1a0/0x250 [ 257.214282][ T62] worker_thread+0x6c8/0xf00 [ 257.215483][ T62] ? __kthread_parkme+0x148/0x220 [ 257.216786][ T62] ? __pfx_worker_thread+0x10/0x10 [ 257.218106][ T62] kthread+0x2c1/0x3a0 [ 257.219177][ T62] ? _raw_spin_unlock_irq+0x23/0x50 [ 257.220530][ T62] ? __pfx_kthread+0x10/0x10 [ 257.221740][ T62] ret_from_fork+0x45/0x80 [ 257.222918][ T62] ? __pfx_kthread+0x10/0x10 [ 257.224111][ T62] ret_from_fork_asm+0x1a/0x30 [ 257.225380][ T62] </TASK> [ 257.226713][ T62] Kernel Offset: disabled [ 257.227846][ T62] Rebooting in 86400 seconds.. VM DIAGNOSIS: 20:42:41 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8509e4d5 RDI=ffffffff9a8a1280 RBP=ffffffff9a8a1240 RSP=ffffc90006b7f350 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000008 R12=0000000000000000 R13=0000000000000020 R14=ffffffff8509e470 R15=0000000000000000 RIP=ffffffff8509e4ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020000240 CR3=0000000072ff4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88802b6465e0 RCX=ffffc9000c001000 RDX=0000000000080000 RSI=ffffffff81820306 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900043ef6a0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000005 R12=ffffed10056c8cbd R13=0000000000000001 R14=ffff88802b6465e8 R15=ffff88802b53fe40 RIP=ffffffff8182030d RFL=00000287 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000040 CR3=000000004bf9c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055bbb31a5850 000055bbb3199c40 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ff00000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b238a1d3b67f518 737326cd9bd15146 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737373e2 7373737373737373 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff8509e590 RDI=ffffffff9a8a1280 RBP=ffffffff9a8a1240 RSP=ffffc900007d7520 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000000000314e R12=0000000000000000 R13=ffffffff9a8a1240 R14=ffffffff9a8a1290 R15=0000000000000018 RIP=ffffffff8509e5b7 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c3a4ff1 CR3=0000000068eea000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=ffff88802b646600 RCX=ffffffff8182032c RDX=ffff88802513a440 RSI=ffffffff81820306 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90003d4f458 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000002 R12=ffffed10056c8cc1 R13=0000000000000001 R14=ffff88802b646608 R15=ffff88802b73fe40 RIP=ffffffff81820308 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73d6188 CR3=000000000dd7e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000