last executing test programs: 8.490312632s ago: executing program 1 (id=371): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000002080)={0x9b, {"a2e3ad09ed0d09f91a5e1f0987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f383563030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b31070d0773090acd3b78130daa61d8e8040001000000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 8.399918367s ago: executing program 1 (id=372): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x84ac1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000180)=@attr_arm64={0x0, 0x1, 0x1, &(0x7f0000000080)=0x5}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20) r3 = syz_open_dev$dri(&(0x7f00000002c0), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_QUERY(r3, 0xc01864cb, &(0x7f0000002ec0)={0x0, 0x0}) setsockopt$inet6_buf(r2, 0x29, 0x1c, &(0x7f0000000340)="0742237c9e69fd2ae0e7580822ff5405a4fc", 0x12) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000001dc0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]}) chdir(0x0) close_range(r5, 0xffffffffffffffff, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e00000000000000050000000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000010000000000000000000000000000000000000063443f965129880eebf42989ca8a506214b30aed98b475b089fb871ed95a2c6c42d6f4f774acc15ee6a823"], 0x48) r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r9, 0xf, 0x0, 0x0, 0x0, 0x0, 0xb08e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r7, 0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000280)=r8}, 0x1c) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000003c0)={r10, &(0x7f0000000380)="3a64c010297f07751226bb7c01a40d080d6c93ee19ba3f77c79412a2708459d3b0dd4964f37d76cf67bd85bd76c2e45b4ee8482adaa2b012"}, 0x1c) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a0b0400000000e15172d90200000028000480240001800b000100736f636b657400d3140002800800024000000000080001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000090}, 0x0) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYRES8, @ANYRES32=0x0, @ANYRESOCT=r6], 0x50}}, 0x4000000) socket(0x10, 0x3, 0x0) r11 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps_rollup\x00') close(r11) read$msr(r11, &(0x7f0000000540)=""/225, 0xe1) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='sysfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x1c0) 7.510447095s ago: executing program 1 (id=380): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000d1c78879910000000000000000009500000020000000dfb4ed132e1064cc4a06614ea8c8ca6ac8bddd69dc06e5b9bf8694682178b66469ff44c6cd50c2c366b29e7cf07852ef6b54e29ff46922ed8e8665498f6d0000a92b6950d41e02fa07e70afa10ac7b71c6ff4aa5d4c7"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='c:::\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x8000003d) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x1f00, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) rseq(&(0x7f0000000040), 0x20, 0x0, 0x0) ptrace(0xffffffffffffffff, 0x0) process_vm_writev(0x0, &(0x7f0000000000), 0x0, &(0x7f0000000180), 0x0, 0x0) move_pages(0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) r2 = socket(0x1, 0x803, 0x0) getsockname$packet(r2, 0x0, &(0x7f00000001c0)) socket$packet(0x11, 0x3, 0x300) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32, @ANYBLOB="000000000000000014001a80100005800c000380080001"], 0x34}}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x1a, 0x0, 0x1, 0xffffffff, 0x0, @void, @value}, 0x28) 6.603452517s ago: executing program 1 (id=386): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r1, 0x0, 0x0) fcntl$getown(r0, 0x9) fcntl$setownex(r1, 0xf, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCDELPRL(r4, 0x89f6, &(0x7f0000000680)={'sit0\x00', &(0x7f00000005c0)={@private=0xa010101, 0x1, 0x0, 0x10, 0x0, [{@multicast2}]}}) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000100)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x40], [0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0xc4d], [0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc09]}, 0x45c) ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501) syz_open_dev$evdev(&(0x7f0000000600), 0x8000004, 0x474381) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4138ae84, &(0x7f0000000040)) ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)) getpid() r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) 6.603036659s ago: executing program 2 (id=387): r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, 0x0) r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000100001000000000000000000a700000a6c020000060a01020000000000000000000000070c000340000000000000000440020480100001800a0001007265646972000000200001800a00010071756f7461000000100002800c0001400000000000000007100001800b000100736f636b65740000fc01018008000100636d7000f001028008000240000000020200000081000100d5c0fda6f8e20b905efbecab5709593d6d316c828e981bffa727055ac16189c3461957e536d7b7df2f210976f142955d4eb7f155e2fa48e9ab48475de0bd650cad36f6861297ee71e52160acc65ed92578499a4dede934710b125b26db12bef8a083d2698cc8ee916f1af882e4bd341de7e922792d0a3f1e851d50bac6000000280003800c0002800800034000000002180002800900020073797a300000000008000180fffffffb1c01038004000100480002800900020073797a3100000000080003400000000208000340000000010800034000000001080001800000000008000180ffffffff080003400000000208000180fffffffe340002800900020073797a3200000000080003400000000308000180fffffffd0900020073797a320000000008000180fffffffc720001005cf58bb3e669f24d7a86cf93cf973b6860be3d492a4868f578eee4740def844182ff1db7e9627d15fbb2e1b3a5e13f31509507e3dbf39d134a151584038db642bf519e67c52ea19b43e4907f642198bea24f2011cfc831b623fa26e3c6c506913b4e77e7bd28e0972a808c7ec2be0000240002800900020073797a320000000008000340000000010900020073797a32000000000800024000000005080002400000000408000240000000040c0006400000000000000004340000000e0a05000000000000000000070000072000038004000080140000800900090073797a31000000000400064004000080140000001100010000000000000000000100000a"], 0x2c8}, 0x1, 0x0, 0x0, 0x80c0}, 0x40010) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [], 0x0, 0x0, 0x8}}) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) r2 = gettid() r3 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r3, &(0x7f0000000080), 0x10) listen(r3, 0x0) accept4$llc(r3, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000080)=0x74000000) io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0) syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0) 6.18636288s ago: executing program 3 (id=389): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$autofs(0xffffff9c, &(0x7f0000000500), 0x410002, 0x0) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) close(r2) r3 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x1) r4 = socket(0x25, 0x1, 0x0) setsockopt$TIPC_IMPORTANCE(r4, 0x10f, 0x7f, &(0x7f00000000c0), 0x4) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) syz_open_dev$evdev(&(0x7f0000000000), 0xc0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) getpid() mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, 0x0) open(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x14, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020732500000000000700207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000008500000050000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0) ioctl$CEC_S_MODE(r7, 0x40046109, &(0x7f0000000140)=0x11) socketpair$nbd(0x1, 0x1, 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, &(0x7f0000000000)={0xffffffffffffffff}) close_range(r8, 0xffffffffffffffff, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) 5.670344403s ago: executing program 2 (id=390): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_PRE_FAULT_MEMORY(r3, 0xc040aed5, &(0x7f00000000c0)={0x5028, 0x110000}) ptrace(0x10, r0) openat$snapshot(0xffffff9c, &(0x7f0000000080), 0x100, 0x0) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0) connect$x25(r5, &(0x7f0000000a80)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1, 0x2}}, 0x12) r6 = dup(r4) write$UHID_INPUT(r6, &(0x7f0000002080)={0x9b, {"a2e3ad09ed0d09f91a5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f383563030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b31070d0773090acd3b78130daa61d8e8040001000000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 5.157028152s ago: executing program 3 (id=391): connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) syz_usb_connect(0x0, 0x3f, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046}) 5.154485737s ago: executing program 0 (id=399): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$autofs(0xffffff9c, &(0x7f0000000500), 0x410002, 0x0) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) close(r2) r3 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x1) r4 = socket(0x25, 0x1, 0x0) setsockopt$TIPC_IMPORTANCE(r4, 0x10f, 0x7f, &(0x7f00000000c0), 0x4) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) syz_open_dev$evdev(&(0x7f0000000000), 0xc0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) getpid() mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, 0x0) open(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x14, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020732500000000000700207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000008500000050000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0) ioctl$CEC_S_MODE(r7, 0x40046109, &(0x7f0000000140)=0x11) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r8, 0x541b, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) 4.138623517s ago: executing program 0 (id=392): r0 = socket$packet(0x11, 0x3, 0x300) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000080)=0x10000) read$dsp(r3, &(0x7f00000002c0)=""/4096, 0x1000) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x30, r4, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="1005a7"], 0x7) syz_open_dev$cec(&(0x7f0000000680), 0x0, 0x0) writev(r0, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3) r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) getdents(0xffffffffffffffff, &(0x7f0000002380)=""/129, 0x18) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r6, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) socket$unix(0x1, 0x5, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mlock2(&(0x7f000064f000/0x1000)=nil, 0x1000, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) socket$inet(0x2, 0x4000000000000001, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) 3.240330632s ago: executing program 3 (id=393): pipe2$watch_queue(0x0, 0x80) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r2 = dup(r1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r2, 0x0) mlock(&(0x7f0000a74000/0x1000)=nil, 0x1000) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="480000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007665746800000000000080800a000100aaaaaaaaabc10400080004"], 0x48}}, 0x0) r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) setsockopt$netrom_NETROM_T1(r3, 0x103, 0x4, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) pipe(&(0x7f0000000100)) r6 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=@newlink={0x4c, 0x10, 0x609, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r7}, @IFLA_MASTER={0x8}]}, 0x4c}}, 0x0) preadv(r4, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) r9 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0) sendfile(r9, r8, &(0x7f00000000c0)=0x58, 0x7) r10 = syz_clone(0x40002400, &(0x7f0000000180)="bf43ed3673820482b27d9080ee139fcfb0807d0e3fc1ed71ad89e7a977745908ca2e7340ec53866b09eea81a770247f013f85837230ce73fc0e77f2ea434a5e2f6539340867ecffa5de3cd764b6088709ea9a14f67f182976273ce6431e65277b26994a6b7d886060d6be4149c0186e29821c357541a5e0f3ac9dff1f4ad2475dbb01707cdfe2b5c40228ef87288cc84eb0b972ebcb5e829af74cff715c619ed314bfb57f74ac09cb60cc1511316c443b4e27df04f26161940c74ac6b30c4c62", 0xc0, &(0x7f0000000300), &(0x7f0000000380), &(0x7f00000003c0)="3f75ee2a12c6d242d8439c08741f905ec5855e386ea6f4bf17da9eafb48459fdc7dce7f23ebe03d1860fc551e1215d67930157f75fa82597f7d50005ddd99f3ab23940945b0dab38dc95ba0787bc5ed74368e919e3c0cf7f8182d8907c1c224b7d629329da4106cfe9891f9c80f56986802448b8f8b1a457d5c0aa39c06325e264a1936a5ec546c4da") ptrace$getenv(0x4201, r10, 0x6, &(0x7f0000000480)) 3.223623673s ago: executing program 0 (id=394): setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@ipv4={'\x00', '\xff\xff', @dev}, 0x3, 0x0, 0x0, 0x3}, 0x20) r0 = syz_open_dev$video(&(0x7f0000000000), 0x4, 0x62080) ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000000c0)={0x7, 0xa, 0x1, "69706dbdccfa1f50082039cd3690500ee567acc88d1bd23465280f9f68c7a345", 0x30323953}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl(r1, 0x8b32, &(0x7f0000000040)) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000d80)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}}, 0x0) 3.160256316s ago: executing program 0 (id=395): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7f12ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff}) tee(r3, r2, 0x80000001, 0x0) ioctl$TCSETSF2(r3, 0x402c542d, &(0x7f0000000000)={0x4, 0x6, 0x3, 0x1, 0x27, "fe599b9ab7965298d16d316b50184c0416a7d2", 0x72, 0x8}) dup3(r0, r1, 0x0) capset(&(0x7f00000002c0)={0x20071026}, &(0x7f0000000300)={0x0, 0x2}) ioctl$TCSETA(r1, 0x5406, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x11, "0900e9ffffff00"}) ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) getpid() 2.528097934s ago: executing program 2 (id=396): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000d1c78879910000000000000000009500000020000000dfb4ed132e1064cc4a06614ea8c8ca6ac8bddd69dc06e5b9bf8694682178b66469ff44c6cd50c2c366b29e7cf07852ef6b54e29ff46922ed8e8665498f6d0000a92b6950d41e02fa07e70afa10ac7b71c6ff4aa5d4c7"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='c:::\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x8000003d) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x1f00, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) rseq(&(0x7f0000000040), 0x20, 0x0, 0x0) ptrace(0xffffffffffffffff, 0x0) process_vm_writev(0x0, &(0x7f0000000000), 0x0, &(0x7f0000000180), 0x0, 0x0) move_pages(0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) r2 = socket(0x1, 0x803, 0x0) getsockname$packet(r2, 0x0, &(0x7f00000001c0)) socket$packet(0x11, 0x3, 0x300) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32, @ANYBLOB="000000000000000014001a80100005800c000380080001"], 0x34}}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x1a, 0x0, 0x1, 0xffffffff, 0x0, @void, @value}, 0x28) 2.527893751s ago: executing program 3 (id=397): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r3 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=@bridge_setlink={0x270, 0x13, 0xa29, 0x300, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0x8, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x3, 0x0, 0x1, {0xc, 0x5, 0x0, 0x1, [{0x8}]}}]}, @IFLA_VF_PORTS={0x10, 0x3, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5, 0xc}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "714abbd2547de97cbbf6efb226f19bf9"}, @IFLA_PORT_PROFILE={0xd, 0x2, ':(\x8e^[[Z@\x00'}]}, {0x60, 0x7, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "293a02149f3b75a67093c28fd6f55a23"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "e48f01e49713f0c2d839f940d9f088d8"}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_ilave_0\x00'}, @IFLA_PORT_PROFILE={0x7, 0x2, '):\x00'}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}]}, {0x18, 0x1, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "4d2906d0880fc8acc30fe2020f984967"}]}, {0x50, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x14, 0x5, "a1085e7df341b9dc3d8008a2fe5bdaad"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "9c7e472c916020fe41bcc5aa8f56c947"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "80ab8be51421cfa3c9e5cbfe8217e0af"}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_VF={0x8}]}, {0x60, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0xc, 0x2, 'syztnl0\x00'}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_slave_0\x00'}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e078d277f38ed3a40a448f3f6b6763e8"}]}, {0xe0, 0xc, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x25}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x19, "03dd96197aca85b64424a37dbda7b694"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x7, "eb052fcd3dd4d3e8bbcbf1de857c0e1c"}]}, {0xa4, 0x18, 0x0, 0x1, [@IFLA_PORT_VF={0x4}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "b2112a97bf9704ee57915340334b8271"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e8635392a70f36f95f4b9b352920ebec"}]}]}, @IFLA_GSO_MAX_SEGS={0x8}, @IFLA_AF_SPEC={0x60, 0x1a, 0x0, 0x1, [@AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET6={0x34, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @local}, @IFLA_INET6_TOKEN={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @broadcast}}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}]}, @AF_BRIDGE={0x4}, @AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @remote}, @IFLA_INET6_TOKEN={0x0, 0x7, @loopback}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @private2}, @IFLA_INET6_TOKEN={0x0, 0x7, @private1}]}]}]}, 0x270}}, 0x0) 2.51328831s ago: executing program 3 (id=398): r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, 0x0) r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000100001000000000000000000a700000a6c020000060a01020000000000000000000000070c000340000000000000000440020480100001800a0001007265646972000000200001800a00010071756f7461000000100002800c0001400000000000000007100001800b000100736f636b65740000fc01018008000100636d7000f001028008000240000000020200000081000100d5c0fda6f8e20b905efbecab5709593d6d316c828e981bffa727055ac16189c3461957e536d7b7df2f210976f142955d4eb7f155e2fa48e9ab48475de0bd650cad36f6861297ee71e52160acc65ed92578499a4dede934710b125b26db12bef8a083d2698cc8ee916f1af882e4bd341de7e922792d0a3f1e851d50bac6000000280003800c0002800800034000000002180002800900020073797a300000000008000180fffffffb1c01038004000100480002800900020073797a3100000000080003400000000208000340000000010800034000000001080001800000000008000180ffffffff080003400000000208000180fffffffe340002800900020073797a3200000000080003400000000308000180fffffffd0900020073797a320000000008000180fffffffc720001005cf58bb3e669f24d7a86cf93cf973b6860be3d492a4868f578eee4740def844182ff1db7e9627d15fbb2e1b3a5e13f31509507e3dbf39d134a151584038db642bf519e67c52ea19b43e4907f642198bea24f2011cfc831b623fa26e3c6c506913b4e77e7bd28e0972a808c7ec2be0000240002800900020073797a320000000008000340000000010900020073797a32000000000800024000000005080002400000000408000240000000040c0006400000000000000004340000000e0a05000000000000000000070000072000038004000080140000800900090073797a31000000000400064004000080140000001100010000000000000000000100000a"], 0x2c8}, 0x1, 0x0, 0x0, 0x80c0}, 0x40010) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [], 0x0, 0x0, 0x8}}) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) r2 = gettid() r3 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r3, &(0x7f0000000080), 0x10) listen(r3, 0x0) accept4$llc(r3, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000080)=0x74000000) io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0) syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0) 2.504008722s ago: executing program 1 (id=400): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$autofs(0xffffff9c, &(0x7f0000000500), 0x410002, 0x0) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) close(r2) r3 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x1) r4 = socket(0x25, 0x1, 0x0) setsockopt$TIPC_IMPORTANCE(r4, 0x10f, 0x7f, &(0x7f00000000c0), 0x4) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) syz_open_dev$evdev(&(0x7f0000000000), 0xc0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) getpid() mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, 0x0) open(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x14, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020732500000000000700207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000008500000050000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0) ioctl$CEC_S_MODE(r7, 0x40046109, &(0x7f0000000140)=0x11) socketpair$nbd(0x1, 0x1, 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, &(0x7f0000000000)={0xffffffffffffffff}) close_range(r8, 0xffffffffffffffff, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) 2.256899s ago: executing program 0 (id=401): r0 = socket$packet(0x11, 0x3, 0x300) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000080)=0x10000) read$dsp(r3, &(0x7f00000002c0)=""/4096, 0x1000) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x30, r4, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="1005a7"], 0x7) syz_open_dev$cec(&(0x7f0000000680), 0x0, 0x0) writev(r0, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3) r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) getdents(0xffffffffffffffff, &(0x7f0000002380)=""/129, 0x18) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r6, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) socket$unix(0x1, 0x5, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mlock2(&(0x7f000064f000/0x1000)=nil, 0x1000, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) socket$inet(0x2, 0x4000000000000001, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) 1.607223744s ago: executing program 2 (id=402): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000000dc0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0", @ANYRESDEC=r0, @ANYBLOB="c3bfec3fd9654ab5f76cb2a08c6c4f31d7b4906fd474ebc3f7339225b843d1425bd72fd854e70734205722ac970e1bec41d3987839050ec31f0589b39b111e40ff8cf8772041a6d541ab977e97ff179dba363ebcdc6618157ce0074543ef9b015bfd102164c7e4ec270df2c855d93069aac7d3c80829f29d87531b519d6d605b30f3c8478474a99de95abb106e9d9ee9ff8a048ba08c79da3f44e75dbdfc4888bbed4a609d77f6b6979117d1f9bd274d76a9e6d00f5becc846a5442916275a725e364229214fd773d0b0c2b2f1e024b4e99be74462a58d506b05d5f06b6889c43447a80971d2018136b821c155da058841", @ANYRES16=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r3, &(0x7f0000000440), 0x10) listen(r3, 0x0) r4 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r4, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10) writev(r4, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x1}], 0x1) r5 = accept4$unix(r3, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f0000001680), 0x0, 0x20002002, 0x0) recvmsg(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=""/68, 0x44}], 0x1}, 0x4c2103a0) r6 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r6, 0x107, 0xa, &(0x7f0000000080)=0x3, 0x4) setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x1}, 0x1c) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r8, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SYNC(r8, 0x5001, 0x0) ioctl$SNDCTL_DSP_SETFMT(r8, 0xc0045003, &(0x7f0000000300)) ioctl$SNDCTL_DSP_RESET(r8, 0x5000, 0x0) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[], 0x3c}}, 0x0) setsockopt$inet6_int(r2, 0x29, 0x24, &(0x7f00000000c0)=0x5, 0x4) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c) write$binfmt_script(r2, &(0x7f0000000280)={'#! ', '', [], 0x8, "2c36ce35fe800000000000009d94165f433d388e6577f86274e326d04670000000002c00"}, 0x5ac) syz_open_dev$evdev(&(0x7f0000000000), 0x438c, 0x0) 1.42492908s ago: executing program 1 (id=403): r0 = socket$packet(0x11, 0x3, 0x300) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000080)=0x10000) read$dsp(r3, &(0x7f00000002c0)=""/4096, 0x1000) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x30, r4, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="1005a7"], 0x7) syz_open_dev$cec(&(0x7f0000000680), 0x0, 0x0) writev(r0, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3) r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0) getdents(0xffffffffffffffff, &(0x7f0000002380)=""/129, 0x18) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r6, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) socket$unix(0x1, 0x5, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mlock2(&(0x7f000064f000/0x1000)=nil, 0x1000, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) socket$inet(0x2, 0x4000000000000001, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) 920.448561ms ago: executing program 3 (id=404): r0 = socket$packet(0x11, 0x3, 0x300) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000080)=0x10000) read$dsp(r3, &(0x7f00000002c0)=""/4096, 0x1000) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x30, r4, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="1005a7"], 0x7) syz_open_dev$cec(&(0x7f0000000680), 0x0, 0x0) writev(r0, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3) r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) getdents(0xffffffffffffffff, &(0x7f0000002380)=""/129, 0x18) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r6, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) socket$unix(0x1, 0x5, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mlock2(&(0x7f000064f000/0x1000)=nil, 0x1000, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) socket$inet(0x2, 0x4000000000000001, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) 588.994687ms ago: executing program 2 (id=405): connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) syz_usb_connect(0x0, 0x3f, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00'}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, 0x0) 437.179556ms ago: executing program 0 (id=406): pipe2$watch_queue(0x0, 0x80) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r2 = dup(r1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r2, 0x0) mlock(&(0x7f0000a74000/0x1000)=nil, 0x1000) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="480000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007665746800000000000080800a000100aaaaaaaaabc10400080004"], 0x48}}, 0x0) r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) setsockopt$netrom_NETROM_T1(r3, 0x103, 0x4, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) pipe(&(0x7f0000000100)) r6 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=@newlink={0x4c, 0x10, 0x609, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r7}, @IFLA_MASTER={0x8}]}, 0x4c}}, 0x0) preadv(r4, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) r9 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0) sendfile(r9, r8, &(0x7f00000000c0)=0x58, 0x7) r10 = syz_clone(0x40002400, &(0x7f0000000180)="bf43ed3673820482b27d9080ee139fcfb0807d0e3fc1ed71ad89e7a977745908ca2e7340ec53866b09eea81a770247f013f85837230ce73fc0e77f2ea434a5e2f6539340867ecffa5de3cd764b6088709ea9a14f67f182976273ce6431e65277b26994a6b7d886060d6be4149c0186e29821c357541a5e0f3ac9dff1f4ad2475dbb01707cdfe2b5c40228ef87288cc84eb0b972ebcb5e829af74cff715c619ed314bfb57f74ac09cb60cc1511316c443b4e27df04f26161940c74ac6b30c4c62", 0xc0, &(0x7f0000000300), &(0x7f0000000380), &(0x7f00000003c0)="3f75ee2a12c6d242d8439c08741f905ec5855e386ea6f4bf17da9eafb48459fdc7dce7f23ebe03d1860fc551e1215d67930157f75fa82597f7d50005ddd99f3ab23940945b0dab38dc95ba0787bc5ed74368e919e3c0cf7f8182d8907c1c224b7d629329da4106cfe9891f9c80f56986802448b8f8b1a457d5c0aa39c06325e264a1936a5ec546c4da") ptrace$getenv(0x4201, r10, 0x6, &(0x7f0000000480)) 0s ago: executing program 2 (id=407): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x2e3419662f9d1aee, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup(0x0, &(0x7f00000002c0)) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000000000)=0x7) recvfrom$inet6(0xffffffffffffffff, &(0x7f00000000c0)=""/3, 0x3, 0x0, 0x0, 0x0) shutdown(0xffffffffffffffff, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(0xffffffffffffffff, 0x541b, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) socket(0x0, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000100)=@req={0x3fc, 0x0, 0x0, 0x6}, 0x10) r3 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) recvmmsg$unix(r2, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) recvmmsg(r2, &(0x7f0000008140)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000001480)=""/74, 0x4a}], 0x1}}], 0x1, 0x0, 0x0) close(r3) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d00)={r5, 0xf, 0x0, 0x0, 0x0, 0x0, 0xc00d, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x8, 0xd, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xa}, {}, {0x7, 0x0, 0xb, 0x7}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r7}, {}, {0x85, 0x0, 0x0, 0x5}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000000)={r6, &(0x7f0000000300)="7479150201695a2adb36246587bafcd2104dad80cb97ed1342b01202c13d22a47419e06c47aa6b365e76b02f9930c44cf2f5badddab47457fd635285bf948bc34bb2e1fd0eff00683b879d4986094a1b1ed19ccda3"}, 0x1c) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:45235' (ED25519) to the list of known hosts. [ 34.385580][ T5321] cgroup: Unknown subsys name 'net' [ 34.987406][ T5321] cgroup: Unknown subsys name 'cpuset' [ 34.994675][ T5321] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 36.164755][ T5321] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 38.298361][ T5348] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 38.302597][ T5348] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 38.320041][ T5354] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 38.322587][ T5354] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 38.325538][ T5354] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 38.325822][ T5355] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 38.328964][ T5354] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 38.331203][ T5355] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 38.331831][ T5354] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 38.335439][ T5355] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 38.336056][ T5354] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 38.338010][ T5360] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 38.340045][ T5354] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 38.340503][ T5358] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 38.341235][ T5358] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 38.341359][ T5358] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 38.342126][ T5360] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 38.342177][ T5355] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 38.345929][ T5355] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 38.356462][ T5355] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 38.359101][ T5355] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 38.365656][ T4780] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 38.368035][ T5355] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 38.372114][ T5355] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 38.560438][ T5344] chnl_net:caif_netlink_parms(): no params data found [ 38.571114][ T5343] chnl_net:caif_netlink_parms(): no params data found [ 38.576522][ T5345] chnl_net:caif_netlink_parms(): no params data found [ 38.614821][ T5356] chnl_net:caif_netlink_parms(): no params data found [ 38.732032][ T5344] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.733954][ T5344] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.735985][ T5344] bridge_slave_0: entered allmulticast mode [ 38.739532][ T5344] bridge_slave_0: entered promiscuous mode [ 38.792860][ T5343] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.795286][ T5343] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.797228][ T5343] bridge_slave_0: entered allmulticast mode [ 38.800883][ T5343] bridge_slave_0: entered promiscuous mode [ 38.803552][ T5343] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.805442][ T5343] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.807325][ T5343] bridge_slave_1: entered allmulticast mode [ 38.809590][ T5343] bridge_slave_1: entered promiscuous mode [ 38.812037][ T5344] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.814209][ T5344] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.816282][ T5344] bridge_slave_1: entered allmulticast mode [ 38.818553][ T5344] bridge_slave_1: entered promiscuous mode [ 38.918926][ T5345] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.920911][ T5345] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.922895][ T5345] bridge_slave_0: entered allmulticast mode [ 38.924941][ T5345] bridge_slave_0: entered promiscuous mode [ 38.929600][ T5343] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.933331][ T5344] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.935845][ T5356] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.937767][ T5356] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.940528][ T5356] bridge_slave_0: entered allmulticast mode [ 38.942746][ T5356] bridge_slave_0: entered promiscuous mode [ 38.945550][ T5345] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.947510][ T5345] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.949907][ T5345] bridge_slave_1: entered allmulticast mode [ 38.951912][ T5345] bridge_slave_1: entered promiscuous mode [ 38.955116][ T5343] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.958681][ T5344] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.961236][ T5356] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.963112][ T5356] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.965033][ T5356] bridge_slave_1: entered allmulticast mode [ 38.967427][ T5356] bridge_slave_1: entered promiscuous mode [ 39.051823][ T5345] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.056182][ T5343] team0: Port device team_slave_0 added [ 39.059062][ T5345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.062782][ T5344] team0: Port device team_slave_0 added [ 39.074855][ T5356] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.079419][ T5343] team0: Port device team_slave_1 added [ 39.082208][ T5344] team0: Port device team_slave_1 added [ 39.101383][ T5356] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.142965][ T5345] team0: Port device team_slave_0 added [ 39.162540][ T5343] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.164578][ T5343] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.171469][ T5343] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.175950][ T5344] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.177941][ T5344] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.185499][ T5344] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.190516][ T5344] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.192359][ T5344] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.200764][ T5344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.206090][ T5345] team0: Port device team_slave_1 added [ 39.210250][ T5356] team0: Port device team_slave_0 added [ 39.212985][ T5343] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.215371][ T5343] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.222753][ T5343] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.247066][ T5356] team0: Port device team_slave_1 added [ 39.261480][ T5345] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.263356][ T5345] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.270363][ T5345] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.274927][ T5345] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.276765][ T5345] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.284677][ T5345] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.318311][ T5356] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.320618][ T5356] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.329189][ T5356] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.343137][ T5344] hsr_slave_0: entered promiscuous mode [ 39.345231][ T5344] hsr_slave_1: entered promiscuous mode [ 39.362621][ T5356] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.364935][ T5356] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.373625][ T5356] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.395419][ T5343] hsr_slave_0: entered promiscuous mode [ 39.397401][ T5343] hsr_slave_1: entered promiscuous mode [ 39.399923][ T5343] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.402097][ T5343] Cannot create hsr debugfs directory [ 39.422676][ T5345] hsr_slave_0: entered promiscuous mode [ 39.424770][ T5345] hsr_slave_1: entered promiscuous mode [ 39.426676][ T5345] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.428743][ T5345] Cannot create hsr debugfs directory [ 39.482782][ T5356] hsr_slave_0: entered promiscuous mode [ 39.485074][ T5356] hsr_slave_1: entered promiscuous mode [ 39.487651][ T5356] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.489928][ T5356] Cannot create hsr debugfs directory [ 39.712023][ T5344] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 39.717812][ T5344] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 39.722907][ T5344] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 39.731971][ T5344] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 39.750621][ T5343] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 39.755031][ T5343] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 39.759504][ T5343] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 39.770432][ T5343] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 39.795118][ T5356] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 39.813641][ T5356] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 39.818800][ T5356] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 39.823813][ T5356] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 39.837791][ T5345] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 39.844141][ T5345] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 39.849037][ T5345] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 39.855372][ T5345] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 39.921399][ T5344] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.942158][ T5344] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.946677][ T5343] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.954331][ T5343] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.962718][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.965020][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.976391][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.978410][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.985725][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.987970][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.993626][ T5345] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.004887][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.007036][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.015857][ T5356] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.031167][ T5345] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.035995][ T1186] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.038577][ T1186] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.045646][ T5356] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.063647][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.065713][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.070757][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.072652][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.083696][ T5344] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 40.086519][ T5344] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 40.101630][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.104041][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.224598][ T5343] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.248164][ T5345] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.257416][ T5344] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.269785][ T5343] veth0_vlan: entered promiscuous mode [ 40.287087][ T5356] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.290953][ T5343] veth1_vlan: entered promiscuous mode [ 40.312919][ T5344] veth0_vlan: entered promiscuous mode [ 40.324861][ T5345] veth0_vlan: entered promiscuous mode [ 40.330661][ T5344] veth1_vlan: entered promiscuous mode [ 40.340729][ T5345] veth1_vlan: entered promiscuous mode [ 40.347179][ T5343] veth0_macvtap: entered promiscuous mode [ 40.360883][ T5343] veth1_macvtap: entered promiscuous mode [ 40.366186][ T5356] veth0_vlan: entered promiscuous mode [ 40.385762][ T5344] veth0_macvtap: entered promiscuous mode [ 40.389864][ T5343] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.398565][ T5356] veth1_vlan: entered promiscuous mode [ 40.401783][ T5345] veth0_macvtap: entered promiscuous mode [ 40.406309][ T5345] veth1_macvtap: entered promiscuous mode [ 40.413745][ T5344] veth1_macvtap: entered promiscuous mode [ 40.418794][ T5348] Bluetooth: hci0: command tx timeout [ 40.419016][ T5352] Bluetooth: hci1: command tx timeout [ 40.420350][ T5343] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.421309][ T5355] Bluetooth: hci2: command tx timeout [ 40.423191][ T5352] Bluetooth: hci3: command tx timeout [ 40.423914][ T5345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.423966][ T5345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.424915][ T5345] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.425981][ T5345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.440419][ T5345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.443696][ T5345] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.446381][ T5343] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.449320][ T5343] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.452277][ T5343] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.455486][ T5343] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.469347][ T5344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.472495][ T5344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.475229][ T5344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.481299][ T5344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.485011][ T5344] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.488816][ T5345] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.491358][ T5345] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.494501][ T5345] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.497150][ T5345] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.510313][ T5344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.513521][ T5344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.516119][ T5344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.519212][ T5344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.523124][ T5344] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.532006][ T5344] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.534462][ T5344] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.536806][ T5344] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.539621][ T5344] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.572413][ T5356] veth0_macvtap: entered promiscuous mode [ 40.589507][ T5356] veth1_macvtap: entered promiscuous mode [ 40.601643][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.607231][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.609246][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.609260][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.609265][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.609271][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.609276][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.609283][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.610162][ T5356] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.636444][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.639628][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.642344][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.645142][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.647811][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.651314][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.654575][ T5356] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.667093][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.669720][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.670766][ T5356] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.674293][ T5356] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.676674][ T5356] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.679110][ T5356] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.692191][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.694703][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.709644][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.711738][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.733807][ T1186] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.736459][ T1186] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.753444][ T5343] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 40.754343][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.763462][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.763481][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.769955][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.783745][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.786176][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.878460][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 40.882328][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 40.893068][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 40.899612][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 40.903046][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 40.954808][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 40.961660][ T5417] overlayfs: missing 'lowerdir' [ 41.034409][ T5413] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 41.261682][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 41.908329][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 42.352104][ T5430] process 'syz.3.7' launched './file0' with NULL argv: empty string added [ 42.498813][ T5352] Bluetooth: hci3: command tx timeout [ 42.508716][ T5352] Bluetooth: hci0: command tx timeout [ 42.509606][ T5348] Bluetooth: hci2: command tx timeout [ 42.510157][ T5352] Bluetooth: hci1: command tx timeout [ 42.578703][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 42.899785][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 44.158112][ T63] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 44.267912][ T56] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 44.319783][ T63] usb 8-1: config index 0 descriptor too short (expected 23569, got 27) [ 44.322056][ T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 44.330071][ T63] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 44.332473][ T63] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 44.334929][ T63] usb 8-1: Manufacturer: syz [ 44.341946][ T63] usb 8-1: config 0 descriptor?? [ 44.408430][ T63] rc_core: IR keymap rc-hauppauge not found [ 44.410191][ T63] Registered IR keymap rc-empty [ 44.413516][ T63] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0 [ 44.416626][ T63] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input5 [ 44.437919][ T56] usb 7-1: Using ep0 maxpacket: 8 [ 44.442198][ T56] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 44.444569][ T56] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 44.447033][ T56] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 44.450945][ T56] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 44.453506][ T56] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 44.457189][ T56] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 44.459936][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 44.578044][ T4780] Bluetooth: hci1: command tx timeout [ 44.579633][ T4780] Bluetooth: hci2: command tx timeout [ 44.581167][ T4780] Bluetooth: hci0: command tx timeout [ 44.582629][ T4780] Bluetooth: hci3: command tx timeout [ 44.609851][ T8] usb 8-1: USB disconnect, device number 2 [ 44.890139][ T5448] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 44.894311][ T5448] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 45.112120][ T57] usb 7-1: USB disconnect, device number 2 [ 45.183183][ T5462] can0: slcan on ttyS3. [ 45.260658][ T5461] can0 (unregistered): slcan off ttyS3. [ 46.663731][ T5348] Bluetooth: hci3: command tx timeout [ 46.665428][ T5348] Bluetooth: hci0: command tx timeout [ 46.666976][ T5348] Bluetooth: hci2: command tx timeout [ 46.669453][ T5348] Bluetooth: hci1: command tx timeout [ 47.520611][ T5503] overlayfs: missing 'lowerdir' [ 47.756936][ T5507] ======================================================= [ 47.756936][ T5507] WARNING: The mand mount option has been deprecated and [ 47.756936][ T5507] and is ignored by this kernel. Remove the mand [ 47.756936][ T5507] option from the mount to silence this warning. [ 47.756936][ T5507] ======================================================= [ 47.805578][ T5507] ntfs3(sr0): Primary boot signature is not NTFS. [ 47.810281][ T5507] ntfs3(sr0): try to read out of volume at offset 0xf800 [ 48.308035][ T5406] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 48.508028][ T5406] usb 6-1: Using ep0 maxpacket: 8 [ 48.511750][ T5406] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 48.514920][ T5406] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 48.517557][ T5406] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 48.522521][ T5406] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 48.526177][ T5406] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 48.530473][ T5406] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 48.753813][ T5524] overlayfs: missing 'lowerdir' [ 48.831709][ T5406] usb 6-1: usb_control_msg returned -71 [ 48.851457][ T5406] usbtmc 6-1:16.0: can't read capabilities [ 48.872713][ T5406] usb 6-1: USB disconnect, device number 2 [ 48.875088][ T5527] netlink: 4 bytes leftover after parsing attributes in process `syz.0.25'. [ 49.646596][ T5535] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 50.546214][ T5544] program syz.3.30 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 50.592088][ T5544] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 51.937623][ T5560] NILFS (nullb0): couldn't find nilfs on the device [ 52.861938][ T5572] netlink: 8 bytes leftover after parsing attributes in process `syz.2.37'. [ 55.330197][ T5596] misc userio: No port type given on /dev/userio [ 55.401198][ T5598] netlink: 'syz.3.43': attribute type 1 has an invalid length. [ 55.403348][ T5598] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.43'. [ 55.408430][ T5598] netlink: 'syz.3.43': attribute type 4 has an invalid length. [ 55.433241][ T5598] netlink: 'syz.3.43': attribute type 17 has an invalid length. [ 56.826358][ T35] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 56.987942][ T35] usb 6-1: Using ep0 maxpacket: 8 [ 56.993980][ T35] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 56.998259][ T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 57.001761][ T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 57.005270][ T35] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 57.017966][ T35] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 57.021396][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.241782][ T35] usb 6-1: GET_CAPABILITIES returned 0 [ 57.243270][ T35] usbtmc 6-1:16.0: can't read capabilities [ 57.462263][ T5615] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 57.472705][ T5615] 9pnet_fd: Insufficient options for proto=fd [ 57.672431][ T8] usb 6-1: USB disconnect, device number 3 [ 58.991662][ T5631] netlink: 36 bytes leftover after parsing attributes in process `syz.2.53'. [ 58.998145][ T5631] netlink: 16 bytes leftover after parsing attributes in process `syz.2.53'. [ 59.000484][ T5631] netlink: 36 bytes leftover after parsing attributes in process `syz.2.53'. [ 59.002787][ T5631] netlink: 36 bytes leftover after parsing attributes in process `syz.2.53'. [ 59.022413][ T5348] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 59.025609][ T5348] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 59.028613][ T5348] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 59.031867][ T5348] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 59.034234][ T5348] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 59.036722][ T5348] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 59.188655][ T5632] chnl_net:caif_netlink_parms(): no params data found [ 59.207679][ T5638] netfs: Couldn't get user pages (rc=-14) [ 59.253832][ T5632] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.255780][ T5632] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.257795][ T5632] bridge_slave_0: entered allmulticast mode [ 59.260085][ T5632] bridge_slave_0: entered promiscuous mode [ 59.262654][ T5632] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.264570][ T5632] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.266592][ T5632] bridge_slave_1: entered allmulticast mode [ 59.276793][ T5632] bridge_slave_1: entered promiscuous mode [ 59.302071][ T5647] Zero length message leads to an empty skb [ 59.303981][ T5647] netlink: 24 bytes leftover after parsing attributes in process `syz.3.56'. [ 59.334861][ T5632] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.339890][ T5632] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.364023][ T57] libceph: connect (1)[c::]:6789 error -101 [ 59.365860][ T57] libceph: mon0 (1)[c::]:6789 connect error [ 59.384580][ T5632] team0: Port device team_slave_0 added [ 59.390596][ T5632] team0: Port device team_slave_1 added [ 59.417300][ T5632] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.419094][ T5632] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.425432][ T5632] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.429087][ T5632] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.430885][ T5632] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.437222][ T5632] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.466931][ T5632] hsr_slave_0: entered promiscuous mode [ 59.467440][ T5649] ceph: No mds server is up or the cluster is laggy [ 59.470549][ T5632] hsr_slave_1: entered promiscuous mode [ 59.472299][ T5632] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.474724][ T5632] Cannot create hsr debugfs directory [ 59.604889][ T5632] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.610841][ T5659] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 59.730787][ T5632] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.849880][ T5632] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.920232][ T5632] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.076429][ T5632] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 60.082176][ T5632] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 60.097983][ T5632] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 60.107360][ T5632] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 60.133854][ T5632] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.136560][ T5632] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.139072][ T5632] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.140922][ T5632] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.183981][ T1186] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.187531][ T1186] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.250732][ T5632] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.309795][ T5632] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.323692][ T1186] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.325666][ T1186] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.334361][ T1186] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.336322][ T1186] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.443849][ T5632] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.464644][ T5632] veth0_vlan: entered promiscuous mode [ 60.470168][ T5632] veth1_vlan: entered promiscuous mode [ 60.484225][ T5632] veth0_macvtap: entered promiscuous mode [ 60.487613][ T5632] veth1_macvtap: entered promiscuous mode [ 60.497764][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.500537][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.502971][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.505491][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.508837][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.511468][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.513927][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.516476][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.519793][ T5632] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.526723][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.529520][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.531972][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.534672][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.537022][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.539679][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.542131][ T5632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.544683][ T5632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.547927][ T5632] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.552235][ T5632] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.554447][ T5632] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.556628][ T5632] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.560228][ T5632] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.567913][ T35] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 60.585724][ T1186] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.595432][ T1186] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.606186][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.609827][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.739070][ T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 60.741842][ T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 60.744061][ T35] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 60.747029][ T35] usb 6-1: New USB device found, idVendor=056a, idProduct=0303, bcdDevice= 0.00 [ 60.757870][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.761132][ T35] usb 6-1: config 0 descriptor?? [ 60.976611][ T39] audit: type=1804 audit(1728529903.347:2): pid=5672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.62" name="/newroot/15/file0/bus" dev="ramfs" ino=9925 res=1 errno=0 [ 61.068184][ T4780] Bluetooth: hci4: command tx timeout [ 62.008803][ T35] usbhid 6-1:0.0: can't add hid device: -71 [ 62.010273][ T35] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 62.016183][ T35] usb 6-1: USB disconnect, device number 4 [ 62.572192][ T5692] overlayfs: missing 'lowerdir' [ 62.941529][ T5711] netlink: 40 bytes leftover after parsing attributes in process `syz.2.68'. [ 62.954369][ T5712] overlayfs: missing 'lowerdir' [ 63.102687][ T5714] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 63.148760][ T4780] Bluetooth: hci4: command tx timeout [ 63.529118][ T30] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 63.677926][ T30] usb 7-1: Using ep0 maxpacket: 8 [ 63.823906][ T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 63.827672][ T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 63.830035][ T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 63.832511][ T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 63.835690][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 63.838795][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 63.841708][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 63.855905][ T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 63.858624][ T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 63.863474][ T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 63.865980][ T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 63.869474][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 63.873354][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 63.877145][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 63.887715][ T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 63.890836][ T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 63.893181][ T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 63.895731][ T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 63.899755][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 63.903572][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 63.906718][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 63.915549][ T30] usb 7-1: string descriptor 0 read error: -22 [ 63.917250][ T30] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 63.974941][ T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 64.013767][ T30] adutux 7-1:246.0: ADU100 now attached to /dev/usb/adutux0 [ 64.471651][ T5739] overlayfs: missing 'lowerdir' [ 65.218110][ T4780] Bluetooth: hci4: command tx timeout [ 66.141545][ T5761] 9pnet_fd: Insufficient options for proto=fd [ 66.157926][ T5405] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 66.309361][ T5405] usb 8-1: Using ep0 maxpacket: 8 [ 66.314138][ T5405] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 66.317689][ T5405] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 66.321509][ T5405] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 66.324982][ T5405] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 66.329875][ T5405] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 66.333010][ T5405] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.544202][ T5405] usb 8-1: usb_control_msg returned -32 [ 66.546888][ T5405] usbtmc 8-1:16.0: can't read capabilities [ 66.550861][ T5781] overlayfs: missing 'lowerdir' [ 67.309033][ T4780] Bluetooth: hci4: command tx timeout [ 67.337162][ T5787] warning: `syz.0.89' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 67.418244][ T5790] capability: warning: `syz.1.90' uses 32-bit capabilities (legacy support in use) [ 67.495305][ T5793] 9pnet_fd: Insufficient options for proto=fd [ 67.593072][ T5803] sctp: [Deprecated]: syz.0.96 (pid 5803) Use of struct sctp_assoc_value in delayed_ack socket option. [ 67.593072][ T5803] Use struct sctp_sack_info instead [ 67.722388][ T5815] netlink: 20 bytes leftover after parsing attributes in process `syz.1.98'. [ 67.850399][ T5823] 9pnet_fd: Insufficient options for proto=fd [ 68.008010][ T5406] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 68.159811][ T5406] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 68.162089][ T5406] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 68.165835][ T5406] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 68.168375][ T5406] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 68.170544][ T5406] usb 5-1: Manufacturer: syz [ 68.174389][ T5406] usb 5-1: config 0 descriptor?? [ 68.178943][ T30] usb 7-1: USB disconnect, device number 3 [ 68.239527][ T5837] netlink: 4 bytes leftover after parsing attributes in process `syz.2.105'. [ 68.259971][ T5406] rc_core: IR keymap rc-hauppauge not found [ 68.261716][ T5406] Registered IR keymap rc-empty [ 68.264239][ T5406] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 68.269024][ T5406] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input6 [ 68.293446][ T5841] syzkaller1: entered promiscuous mode [ 68.294975][ T5841] syzkaller1: entered allmulticast mode [ 68.456101][ T56] usb 5-1: USB disconnect, device number 2 [ 68.554607][ T5844] overlayfs: missing 'lowerdir' [ 69.212954][ T830] usb 8-1: USB disconnect, device number 3 [ 69.280980][ T5857] syzkaller1: entered promiscuous mode [ 69.282492][ T5857] syzkaller1: entered allmulticast mode [ 69.361423][ T5861] netlink: 184472 bytes leftover after parsing attributes in process `syz.0.112'. [ 69.975853][ T5879] overlayfs: missing 'lowerdir' [ 70.745841][ T1375] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.040689][ T5899] netlink: 'syz.1.125': attribute type 1 has an invalid length. [ 71.051856][ T5899] netlink: 224 bytes leftover after parsing attributes in process `syz.1.125'. [ 71.662194][ T5919] overlayfs: missing 'lowerdir' [ 72.389484][ T5928] sp0: Synchronizing with TNC [ 72.432298][ T5928] mkiss: ax0: crc mode is auto. [ 73.098435][ T9] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 73.237953][ T9] usb 5-1: device descriptor read/64, error -71 [ 73.498019][ T9] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 73.668967][ T5955] pim6reg: entered allmulticast mode [ 73.678718][ T9] usb 5-1: device descriptor read/64, error -71 [ 73.796528][ T9] usb usb5-port1: attempt power cycle [ 74.147956][ T9] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 74.180557][ T9] usb 5-1: device descriptor read/8, error -71 [ 74.428291][ T9] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 74.458739][ T9] usb 5-1: device descriptor read/8, error -71 [ 74.568273][ T9] usb usb5-port1: unable to enumerate USB device [ 75.863856][ T1846] cfg80211: failed to load regulatory.db [ 76.673776][ T6014] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 6014 comm: syz.3.159) [ 76.682190][ T39] audit: type=1800 audit(1728529919.057:3): pid=6014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.159" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=12502 res=0 errno=0 [ 76.693417][ T6010] block nbd1: shutting down sockets [ 76.743323][ T6017] netlink: 32 bytes leftover after parsing attributes in process `syz.2.160'. [ 76.810346][ T39] audit: type=1326 audit(1728529919.187:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6020 comm="syz.1.162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 76.836698][ T39] audit: type=1326 audit(1728529919.187:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6020 comm="syz.1.162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 76.850226][ T39] audit: type=1326 audit(1728529919.197:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6020 comm="syz.1.162" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 76.856083][ T39] audit: type=1326 audit(1728529919.197:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6020 comm="syz.1.162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 76.862527][ T39] audit: type=1326 audit(1728529919.197:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6020 comm="syz.1.162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 76.868302][ T39] audit: type=1326 audit(1728529919.197:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6020 comm="syz.1.162" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 76.874864][ T39] audit: type=1326 audit(1728529919.197:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6020 comm="syz.1.162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 76.883172][ T39] audit: type=1326 audit(1728529919.197:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6020 comm="syz.1.162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 76.889196][ T39] audit: type=1326 audit(1728529919.197:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6020 comm="syz.1.162" exe="/syz-executor" sig=0 arch=40000003 syscall=156 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 76.979695][ T6029] /dev/sr0: Can't open blockdev [ 77.069089][ T6032] /dev/sr0: Can't open blockdev [ 77.101905][ T6040] sctp: [Deprecated]: syz.3.168 (pid 6040) Use of struct sctp_assoc_value in delayed_ack socket option. [ 77.101905][ T6040] Use struct sctp_sack_info instead [ 77.119959][ T6040] can0: slcan on ttyS3. [ 77.198918][ T6039] can0 (unregistered): slcan off ttyS3. [ 77.413749][ T6056] 9pnet_fd: Insufficient options for proto=fd [ 77.417003][ T6053] 9pnet_fd: Insufficient options for proto=fd [ 77.515037][ T6066] FAULT_INJECTION: forcing a failure. [ 77.515037][ T6066] name failslab, interval 1, probability 0, space 0, times 1 [ 77.518600][ T6066] CPU: 2 UID: 0 PID: 6066 Comm: syz.3.173 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 77.521529][ T6066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.524380][ T6066] Call Trace: [ 77.525298][ T6066] [ 77.526123][ T6066] dump_stack_lvl+0x16c/0x1f0 [ 77.527602][ T6066] should_fail_ex+0x497/0x5b0 [ 77.528939][ T6066] ? fs_reclaim_acquire+0xae/0x160 [ 77.530400][ T6066] should_failslab+0xc2/0x120 [ 77.531659][ T6066] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 77.533090][ T6066] ? security_file_alloc+0x34/0x2b0 [ 77.534475][ T6066] ? rcu_is_watching+0x12/0xc0 [ 77.535820][ T6066] security_file_alloc+0x34/0x2b0 [ 77.537181][ T6066] init_file+0x93/0x230 [ 77.538319][ T6066] alloc_empty_file+0x91/0x1e0 [ 77.539697][ T6066] path_openat+0xe1/0x2d60 [ 77.540894][ T6066] ? hlock_class+0x4e/0x130 [ 77.542106][ T6066] ? __lock_acquire+0x163e/0x3ce0 [ 77.543444][ T6066] ? __pfx_path_openat+0x10/0x10 [ 77.544764][ T6066] ? __pfx___lock_acquire+0x10/0x10 [ 77.546181][ T6066] do_filp_open+0x1dc/0x430 [ 77.547481][ T6066] ? __pfx_do_filp_open+0x10/0x10 [ 77.548894][ T6066] ? find_held_lock+0x2d/0x110 [ 77.550185][ T6066] ? _raw_spin_unlock+0x28/0x50 [ 77.551507][ T6066] ? alloc_fd+0x2d7/0x6c0 [ 77.552679][ T6066] do_sys_openat2+0x17a/0x1e0 [ 77.553956][ T6066] ? __pfx_do_sys_openat2+0x10/0x10 [ 77.555381][ T6066] ? __fget_files+0x244/0x3f0 [ 77.556627][ T6066] __ia32_compat_sys_openat+0x16e/0x210 [ 77.558095][ T6066] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 77.559800][ T6066] ? ksys_write+0x1ad/0x260 [ 77.561185][ T6066] __do_fast_syscall_32+0x73/0x120 [ 77.562657][ T6066] do_fast_syscall_32+0x32/0x80 [ 77.563936][ T6066] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 77.565613][ T6066] RIP: 0023:0xf747e579 [ 77.566704][ T6066] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 77.571712][ T6066] RSP: 002b:00000000f574556c EFLAGS: 00000296 ORIG_RAX: 0000000000000127 [ 77.573901][ T6066] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000340 [ 77.575990][ T6066] RDX: 000000000008a800 RSI: 0000000000000000 RDI: 0000000000000000 [ 77.578143][ T6066] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 77.580314][ T6066] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 77.582399][ T6066] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 77.584456][ T6066] [ 77.791796][ T6074] netlink: 16 bytes leftover after parsing attributes in process `syz.1.176'. [ 78.332906][ T6078] autofs: Bad value for 'fd' [ 78.772272][ T6103] overlayfs: missing 'lowerdir' [ 78.955215][ T6098] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 78.959566][ T6098] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 78.971816][ T6098] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 79.052824][ T6098] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 79.054755][ T6098] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 79.101783][ T6098] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 79.106930][ T6098] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 79.111645][ T6098] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 79.122978][ T6098] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 79.132094][ T6098] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 79.134536][ T6098] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 79.139652][ T6098] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 79.152540][ T6098] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 79.154317][ T6098] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 79.161683][ T6098] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 79.339485][ T6109] FAULT_INJECTION: forcing a failure. [ 79.339485][ T6109] name failslab, interval 1, probability 0, space 0, times 0 [ 79.344231][ T6109] CPU: 2 UID: 0 PID: 6109 Comm: syz.0.188 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 79.347806][ T6109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 79.351837][ T6109] Call Trace: [ 79.353076][ T6109] [ 79.354164][ T6109] dump_stack_lvl+0x16c/0x1f0 [ 79.355840][ T6109] should_fail_ex+0x497/0x5b0 [ 79.357471][ T6109] ? fs_reclaim_acquire+0xae/0x160 [ 79.359238][ T6109] should_failslab+0xc2/0x120 [ 79.360822][ T6109] kmem_cache_alloc_node_noprof+0x71/0x310 [ 79.362807][ T6109] ? __alloc_skb+0x2b3/0x380 [ 79.364688][ T6109] __alloc_skb+0x2b3/0x380 [ 79.366530][ T6109] ? __pfx___alloc_skb+0x10/0x10 [ 79.368423][ T6109] alloc_skb_with_frags+0xe4/0x850 [ 79.370355][ T6109] ? lock_acquire.part.0+0x11b/0x380 [ 79.372382][ T6109] sock_alloc_send_pskb+0x7f1/0x980 [ 79.374238][ T6109] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 79.376207][ T6109] ? lock_acquire.part.0+0x11b/0x380 [ 79.378049][ T6109] __ip_append_data+0x1949/0x4090 [ 79.379426][ T6109] ? rt_set_nexthop.constprop.0+0x323/0x12d0 [ 79.381227][ T6109] ? __pfx_lock_release+0x10/0x10 [ 79.382708][ T6109] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 79.384341][ T6109] ? lockdep_hardirqs_on+0x7c/0x110 [ 79.385826][ T6109] ? __pfx___ip_append_data+0x10/0x10 [ 79.387299][ T6109] ? find_held_lock+0x2d/0x110 [ 79.388963][ T6109] ip_make_skb+0x27d/0x300 [ 79.390231][ T6109] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 79.391825][ T6109] ? __pfx_ip_make_skb+0x10/0x10 [ 79.393242][ T6109] ? __pfx_lock_release+0x10/0x10 [ 79.394674][ T6109] ? udp_sendmsg+0x19be/0x2b40 [ 79.396176][ T6109] udp_sendmsg+0x19be/0x2b40 [ 79.397407][ T6109] ? aa_label_sk_perm+0x19d/0x5a0 [ 79.398717][ T6109] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 79.400141][ T6109] ? __pfx_udp_sendmsg+0x10/0x10 [ 79.401714][ T6109] ? __up_read+0x1fb/0x760 [ 79.403202][ T6109] ? __pfx_aa_sk_perm+0x10/0x10 [ 79.405124][ T6109] ? __import_iovec+0x1fd/0x6e0 [ 79.406981][ T6109] ? __pfx_udp_sendmsg+0x10/0x10 [ 79.408850][ T6109] ? inet_sendmsg+0x105/0x140 [ 79.410425][ T6109] inet_sendmsg+0x105/0x140 [ 79.411957][ T6109] ____sys_sendmsg+0x907/0xb40 [ 79.413615][ T6109] ? __pfx_____sys_sendmsg+0x10/0x10 [ 79.415421][ T6109] ? get_compat_msghdr+0x11b/0x170 [ 79.417152][ T6109] ? __pfx___lock_acquire+0x10/0x10 [ 79.418890][ T6109] ___sys_sendmsg+0x135/0x1e0 [ 79.420523][ T6109] ? __pfx____sys_sendmsg+0x10/0x10 [ 79.422454][ T6109] ? lock_acquire+0x2f/0xb0 [ 79.424145][ T6109] ? __fget_files+0x40/0x3f0 [ 79.425995][ T6109] ? fdget+0x176/0x210 [ 79.427579][ T6109] __sys_sendmmsg+0x2a5/0x450 [ 79.429305][ T6109] ? __pfx___sys_sendmmsg+0x10/0x10 [ 79.431033][ T6109] ? vfs_write+0x14d/0x1140 [ 79.432557][ T6109] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 79.434551][ T6109] ? fput+0x30/0x390 [ 79.435915][ T6109] ? ksys_write+0x1ad/0x260 [ 79.437375][ T6109] ? __pfx_ksys_write+0x10/0x10 [ 79.439045][ T6109] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 79.440961][ T6109] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 79.443263][ T6109] __do_fast_syscall_32+0x73/0x120 [ 79.445069][ T6109] do_fast_syscall_32+0x32/0x80 [ 79.446917][ T6109] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 79.449335][ T6109] RIP: 0023:0xf743e579 [ 79.450935][ T6109] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 79.457619][ T6109] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 79.460485][ T6109] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020007fc0 [ 79.463191][ T6109] RDX: 000000000800001d RSI: 0000000000006000 RDI: 0000000000000000 [ 79.466218][ T6109] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 79.469383][ T6109] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 79.472258][ T6109] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 79.474997][ T6109] [ 80.124400][ T6137] binder: 6129:6137 ioctl 541b 0 returned -22 [ 80.335207][ T6153] FAULT_INJECTION: forcing a failure. [ 80.335207][ T6153] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 80.341600][ T6153] CPU: 2 UID: 0 PID: 6153 Comm: syz.1.198 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 80.344984][ T6153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.347918][ T6153] Call Trace: [ 80.349163][ T6153] [ 80.350057][ T6153] dump_stack_lvl+0x16c/0x1f0 [ 80.351440][ T6153] should_fail_ex+0x497/0x5b0 [ 80.352843][ T6153] _copy_to_user+0x30/0xc0 [ 80.354052][ T6153] finalize_log+0x175/0x220 [ 80.355388][ T6153] ? __pfx_finalize_log+0x10/0x10 [ 80.356793][ T6153] ? btf_new_fd+0x4587/0x53b0 [ 80.358571][ T6153] btf_new_fd+0x4060/0x53b0 [ 80.360377][ T6153] ? __pfx_btf_new_fd+0x10/0x10 [ 80.362150][ T6153] ? __pfx_lock_release+0x10/0x10 [ 80.363668][ T6153] ? trace_lock_acquire+0x14a/0x1d0 [ 80.365193][ T6153] ? bpf_lsm_capable+0x9/0x10 [ 80.366562][ T6153] ? security_capable+0x7e/0x260 [ 80.368069][ T6153] ? ns_capable+0xd7/0x110 [ 80.369476][ T6153] __sys_bpf+0x23fb/0x5780 [ 80.370837][ T6153] ? ksys_write+0x21e/0x260 [ 80.372216][ T6153] ? __pfx___sys_bpf+0x10/0x10 [ 80.373748][ T6153] ? vfs_write+0x14d/0x1140 [ 80.374984][ T6153] ? __mutex_unlock_slowpath+0x164/0x650 [ 80.376503][ T6153] ? fput+0x30/0x390 [ 80.377568][ T6153] ? ksys_write+0x1ad/0x260 [ 80.378785][ T6153] ? __pfx_ksys_write+0x10/0x10 [ 80.380106][ T6153] __ia32_sys_bpf+0x76/0xe0 [ 80.381394][ T6153] __do_fast_syscall_32+0x73/0x120 [ 80.383245][ T6153] do_fast_syscall_32+0x32/0x80 [ 80.385155][ T6153] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.387120][ T6153] RIP: 0023:0xf7f63579 [ 80.388221][ T6153] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 80.393550][ T6153] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 80.395766][ T6153] RAX: ffffffffffffffda RBX: 0000000000000012 RCX: 0000000020000140 [ 80.397864][ T6153] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000 [ 80.399953][ T6153] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 80.402032][ T6153] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 80.404496][ T6153] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.407217][ T6153] [ 80.597757][ T6160] FAULT_INJECTION: forcing a failure. [ 80.597757][ T6160] name failslab, interval 1, probability 0, space 0, times 0 [ 80.601146][ T6160] CPU: 3 UID: 0 PID: 6160 Comm: syz.1.201 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 80.603962][ T6160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.606576][ T6160] Call Trace: [ 80.607487][ T6160] [ 80.608300][ T6160] dump_stack_lvl+0x16c/0x1f0 [ 80.609777][ T6160] should_fail_ex+0x497/0x5b0 [ 80.611616][ T6160] ? fs_reclaim_acquire+0xae/0x160 [ 80.613425][ T6160] should_failslab+0xc2/0x120 [ 80.614653][ T6160] __kmalloc_node_noprof+0xd1/0x440 [ 80.616002][ T6160] ? __vmalloc_node_range_noprof+0x3d8/0x15a0 [ 80.617566][ T6160] __vmalloc_node_range_noprof+0x3d8/0x15a0 [ 80.619110][ T6160] ? find_held_lock+0x2d/0x110 [ 80.620407][ T6160] ? __pfx_lock_release+0x10/0x10 [ 80.621737][ T6160] ? bpf_check+0x201/0xc7c0 [ 80.622962][ T6160] ? __lruvec_stat_mod_folio+0xa4/0x370 [ 80.624843][ T6160] ? lock_acquire+0x2f/0xb0 [ 80.626425][ T6160] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 80.628582][ T6160] ? ___kmalloc_large_node+0x166/0x1b0 [ 80.630465][ T6160] ? lockdep_hardirqs_on+0x7c/0x110 [ 80.632247][ T6160] ? bpf_check+0x201/0xc7c0 [ 80.633838][ T6160] vzalloc_noprof+0x6b/0x90 [ 80.635406][ T6160] ? bpf_check+0x201/0xc7c0 [ 80.636980][ T6160] bpf_check+0x201/0xc7c0 [ 80.638477][ T6160] ? __pfx_bpf_check+0x10/0x10 [ 80.640124][ T6160] ? find_held_lock+0x2d/0x110 [ 80.641832][ T6160] ? ktime_get_with_offset+0x13a/0x240 [ 80.643897][ T6160] ? trace_lock_acquire+0x14a/0x1d0 [ 80.645863][ T6160] ? ktime_get_with_offset+0x13a/0x240 [ 80.647598][ T6160] ? timekeeping_debug_get_ns+0x3e0/0x5b0 [ 80.649155][ T6160] ? lockdep_hardirqs_on+0x7c/0x110 [ 80.650541][ T6160] ? read_tsc+0x9/0x20 [ 80.652126][ T6160] ? timekeeping_debug_get_ns+0x334/0x5b0 [ 80.653694][ T6160] ? bpf_obj_name_cpy+0x156/0x1b0 [ 80.655070][ T6160] bpf_prog_load+0xe3f/0x2670 [ 80.656336][ T6160] ? __pfx_bpf_prog_load+0x10/0x10 [ 80.657723][ T6160] ? find_held_lock+0x2d/0x110 [ 80.659033][ T6160] __sys_bpf+0x4c8c/0x5780 [ 80.660256][ T6160] ? ksys_write+0x21e/0x260 [ 80.661539][ T6160] ? __pfx___sys_bpf+0x10/0x10 [ 80.662834][ T6160] ? vfs_write+0x14d/0x1140 [ 80.664063][ T6160] ? __mutex_unlock_slowpath+0x164/0x650 [ 80.665582][ T6160] ? fput+0x30/0x390 [ 80.666769][ T6160] ? ksys_write+0x1ad/0x260 [ 80.667969][ T6160] ? __pfx_ksys_write+0x10/0x10 [ 80.669440][ T6160] __ia32_sys_bpf+0x76/0xe0 [ 80.670708][ T6160] __do_fast_syscall_32+0x73/0x120 [ 80.672108][ T6160] do_fast_syscall_32+0x32/0x80 [ 80.673460][ T6160] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.675372][ T6160] RIP: 0023:0xf7f63579 [ 80.676705][ T6160] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 80.682191][ T6160] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 80.684555][ T6160] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000840 [ 80.686732][ T6160] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000 [ 80.688884][ T6160] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 80.690988][ T6160] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 80.693053][ T6160] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.695119][ T6160] [ 80.705636][ T6160] syz.1.201: vmalloc error: size 4096, failed to allocated page array size 8, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 80.711514][ T6160] CPU: 3 UID: 0 PID: 6160 Comm: syz.1.201 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 80.714683][ T6160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.717547][ T6160] Call Trace: [ 80.718464][ T6160] [ 80.719220][ T6160] dump_stack_lvl+0x16c/0x1f0 [ 80.720467][ T6160] warn_alloc+0x24d/0x3a0 [ 80.721690][ T6160] ? __pfx_warn_alloc+0x10/0x10 [ 80.723028][ T6160] ? dump_stack_lvl+0x197/0x1f0 [ 80.724320][ T6160] ? dump_stack_lvl+0x1a1/0x1f0 [ 80.725935][ T6160] ? should_fail_ex+0x2de/0x5b0 [ 80.727627][ T6160] ? rcu_is_watching+0x12/0xc0 [ 80.729203][ T6160] ? trace_kmalloc+0x2d/0xe0 [ 80.730479][ T6160] ? __kmalloc_node_noprof+0x22f/0x440 [ 80.731861][ T6160] __vmalloc_node_range_noprof+0x114a/0x15a0 [ 80.733435][ T6160] ? find_held_lock+0x2d/0x110 [ 80.734975][ T6160] ? bpf_check+0x201/0xc7c0 [ 80.736530][ T6160] ? __lruvec_stat_mod_folio+0xa4/0x370 [ 80.738389][ T6160] ? lock_acquire+0x2f/0xb0 [ 80.739848][ T6160] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 80.742069][ T6160] ? ___kmalloc_large_node+0x166/0x1b0 [ 80.743921][ T6160] ? lockdep_hardirqs_on+0x7c/0x110 [ 80.745708][ T6160] ? bpf_check+0x201/0xc7c0 [ 80.747266][ T6160] vzalloc_noprof+0x6b/0x90 [ 80.748819][ T6160] ? bpf_check+0x201/0xc7c0 [ 80.750046][ T6160] bpf_check+0x201/0xc7c0 [ 80.751526][ T6160] ? __pfx_bpf_check+0x10/0x10 [ 80.753202][ T6160] ? find_held_lock+0x2d/0x110 [ 80.754888][ T6160] ? ktime_get_with_offset+0x13a/0x240 [ 80.756782][ T6160] ? trace_lock_acquire+0x14a/0x1d0 [ 80.758545][ T6160] ? ktime_get_with_offset+0x13a/0x240 [ 80.760406][ T6160] ? timekeeping_debug_get_ns+0x3e0/0x5b0 [ 80.762360][ T6160] ? lockdep_hardirqs_on+0x7c/0x110 [ 80.764125][ T6160] ? read_tsc+0x9/0x20 [ 80.765524][ T6160] ? timekeeping_debug_get_ns+0x334/0x5b0 [ 80.767465][ T6160] ? bpf_obj_name_cpy+0x156/0x1b0 [ 80.769120][ T6160] bpf_prog_load+0xe3f/0x2670 [ 80.770431][ T6160] ? __pfx_bpf_prog_load+0x10/0x10 [ 80.771970][ T6160] ? find_held_lock+0x2d/0x110 [ 80.773357][ T6160] __sys_bpf+0x4c8c/0x5780 [ 80.774594][ T6160] ? ksys_write+0x21e/0x260 [ 80.775820][ T6160] ? __pfx___sys_bpf+0x10/0x10 [ 80.777107][ T6160] ? vfs_write+0x14d/0x1140 [ 80.778317][ T6160] ? __mutex_unlock_slowpath+0x164/0x650 [ 80.779819][ T6160] ? fput+0x30/0x390 [ 80.780892][ T6160] ? ksys_write+0x1ad/0x260 [ 80.782154][ T6160] ? __pfx_ksys_write+0x10/0x10 [ 80.783453][ T6160] __ia32_sys_bpf+0x76/0xe0 [ 80.784732][ T6160] __do_fast_syscall_32+0x73/0x120 [ 80.786212][ T6160] do_fast_syscall_32+0x32/0x80 [ 80.787530][ T6160] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.789720][ T6160] RIP: 0023:0xf7f63579 [ 80.791155][ T6160] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 80.797983][ T6160] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 80.801054][ T6160] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000840 [ 80.803376][ T6160] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000 [ 80.805372][ T6160] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 80.807389][ T6160] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 80.809390][ T6160] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.811346][ T6160] [ 80.815061][ T6160] Mem-Info: [ 80.815932][ T6160] active_anon:3053 inactive_anon:8 isolated_anon:0 [ 80.815932][ T6160] active_file:3618 inactive_file:32236 isolated_file:0 [ 80.815932][ T6160] unevictable:2518 dirty:416 writeback:0 [ 80.815932][ T6160] slab_reclaimable:4700 slab_unreclaimable:53381 [ 80.815932][ T6160] mapped:21989 shmem:878 pagetables:704 [ 80.815932][ T6160] sec_pagetables:309 bounce:0 [ 80.815932][ T6160] kernel_misc_reclaimable:0 [ 80.815932][ T6160] free:85437 free_pcp:2345 free_cma:0 [ 80.829968][ T6160] Node 0 active_anon:24kB inactive_anon:28kB active_file:56kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:8364kB dirty:52kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9588kB pagetables:1336kB sec_pagetables:1216kB all_unreclaimable? no [ 80.838091][ T4780] Bluetooth: hci0: command 0x0c1a tx timeout [ 80.838849][ T6160] Node 1 active_anon:12188kB inactive_anon:4kB active_file:14416kB inactive_file:128944kB unevictable:9036kB isolated(anon):0kB isolated(file):0kB mapped:79592kB dirty:1612kB writeback:0kB shmem:1976kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1732kB pagetables:1480kB sec_pagetables:20kB all_unreclaimable? no [ 80.853814][ T6160] Node 0 DMA free:916kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:8kB inactive_file:0kB unevictable:0kB writepending:8kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:200kB local_pcp:4kB free_cma:0kB [ 80.861529][ T6160] lowmem_reserve[]: 0 273 0 0 0 [ 80.862918][ T6160] Node 0 DMA32 free:21436kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:20kB inactive_anon:28kB active_file:48kB inactive_file:0kB unevictable:1536kB writepending:44kB present:1032196kB managed:306280kB mlocked:0kB bounce:0kB free_pcp:384kB local_pcp:0kB free_cma:0kB [ 80.873062][ T6160] lowmem_reserve[]: 0 0 0 0 0 [ 80.874366][ T6160] Node 1 DMA32 free:315076kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:12240kB inactive_anon:4kB active_file:14416kB inactive_file:128944kB unevictable:9660kB writepending:1612kB present:1048432kB managed:948252kB mlocked:8164kB bounce:0kB free_pcp:12020kB local_pcp:4196kB free_cma:0kB [ 80.882754][ T6160] lowmem_reserve[]: 0 0 0 0 0 [ 80.884161][ T6160] Node 0 DMA: 6*4kB (U) 1*8kB (U) 3*16kB (U) 28*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 976kB [ 80.887650][ T6160] Node 0 DMA32: 151*4kB (UMEH) 49*8kB (UMEH) 75*16kB (UMEH) 67*32kB (UMEH) 29*64kB (UMEH) 30*128kB (UMEH) 9*256kB (MH) 7*512kB (M) 4*1024kB (UM) 1*2048kB (M) 0*4096kB = 22068kB [ 80.895168][ T6160] Node 1 DMA32: 1*4kB (M) 6*8kB (ME) 16*16kB (E) 9*32kB (E) 11*64kB (UME) 76*128kB (UME) 35*256kB (UME) 28*512kB (UM) 20*1024kB (UME) 15*2048kB (UE) 56*4096kB (UM) = 314900kB [ 80.900151][ T6160] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 80.902653][ T6160] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 80.905039][ T6160] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 80.907534][ T6160] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 80.915788][ T6160] 37502 total pagecache pages [ 80.917121][ T6160] 770 pages in swap cache [ 80.919032][ T6160] Free swap = 110896kB [ 80.921184][ T6160] Total swap = 124996kB [ 80.922813][ T6160] 524155 pages RAM [ 80.923828][ T6160] 0 pages HighMem/MovableOnly [ 80.925076][ T6160] 206682 pages reserved [ 80.926185][ T6160] 0 pages cma reserved [ 81.057970][ T4780] Bluetooth: hci1: command 0x0c1a tx timeout [ 81.138191][ T4780] Bluetooth: hci3: command 0x0c1a tx timeout [ 81.139825][ T4780] Bluetooth: hci2: command 0x0c1a tx timeout [ 81.147250][ T6170] sg_write: data in/out 92/70 bytes for SCSI command 0x0-- guessing data in; [ 81.147250][ T6170] program syz.1.204 not setting count and/or reply_len properly [ 81.228491][ T5348] Bluetooth: hci4: command 0x0405 tx timeout [ 81.277800][ T6174] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 81.280430][ T6174] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 81.282521][ T6174] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 81.816513][ T6177] syz.3.205 uses obsolete (PF_INET,SOCK_PACKET) [ 82.086288][ T6185] FAULT_INJECTION: forcing a failure. [ 82.086288][ T6185] name failslab, interval 1, probability 0, space 0, times 0 [ 82.089739][ T6185] CPU: 2 UID: 0 PID: 6185 Comm: syz.2.207 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 82.092505][ T6185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.095291][ T6185] Call Trace: [ 82.096168][ T6185] [ 82.096956][ T6185] dump_stack_lvl+0x16c/0x1f0 [ 82.098256][ T6185] should_fail_ex+0x497/0x5b0 [ 82.099459][ T6185] ? fs_reclaim_acquire+0xae/0x160 [ 82.100798][ T6185] should_failslab+0xc2/0x120 [ 82.102072][ T6185] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 82.103476][ T6185] ? copy_process+0x2381/0x6ee0 [ 82.104779][ T6185] ? copy_fs_struct+0x2a0/0x340 [ 82.106071][ T6185] copy_process+0x2381/0x6ee0 [ 82.107301][ T6185] ? get_pid_task+0xfc/0x250 [ 82.108506][ T6185] ? __pfx_copy_process+0x10/0x10 [ 82.109779][ T6185] ? find_held_lock+0x2d/0x110 [ 82.111046][ T6185] kernel_clone+0xfd/0x960 [ 82.112227][ T6185] ? __pfx_kernel_clone+0x10/0x10 [ 82.113586][ T6185] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 82.115142][ T6185] __do_compat_sys_ia32_clone+0xb7/0x100 [ 82.116547][ T6185] ? __pfx___do_compat_sys_ia32_clone+0x10/0x10 [ 82.118193][ T6185] __do_fast_syscall_32+0x73/0x120 [ 82.119477][ T6185] do_fast_syscall_32+0x32/0x80 [ 82.120776][ T6185] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 82.122428][ T6185] RIP: 0023:0xf7fc3579 [ 82.123500][ T6185] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 82.128480][ T6185] RSP: 002b:00000000f574651c EFLAGS: 00000206 ORIG_RAX: 0000000000000078 [ 82.130655][ T6185] RAX: ffffffffffffffda RBX: 0000000004021400 RCX: 0000000000009000 [ 82.132718][ T6185] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 82.134792][ T6185] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 82.136756][ T6185] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 82.138694][ T6185] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 82.140781][ T6185] [ 82.908477][ T5348] Bluetooth: hci0: command 0x0c1a tx timeout [ 83.148091][ T4780] Bluetooth: hci1: command 0x0c1a tx timeout [ 83.203187][ T6220] netlink: 12 bytes leftover after parsing attributes in process `syz.2.218'. [ 83.218070][ T5348] Bluetooth: hci3: command 0x0c1a tx timeout [ 83.219871][ T4780] Bluetooth: hci2: command 0x0c1a tx timeout [ 83.297972][ T4780] Bluetooth: hci4: command 0x0405 tx timeout [ 83.753235][ T6230] netdevsim netdevsim3: Direct firmware load for .Þ failed with error -2 [ 83.755594][ T6230] netdevsim netdevsim3: Falling back to sysfs fallback for: .Þ [ 84.088288][ T6237] loop7: detected capacity change from 0 to 16384 [ 84.767913][ T5405] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 84.868028][ T56] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 84.918100][ T5405] usb 6-1: Using ep0 maxpacket: 8 [ 84.922789][ T5405] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 84.925851][ T5405] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 84.929171][ T5405] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 84.931992][ T5405] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 84.936654][ T5405] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 84.940521][ T5405] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.978051][ T4780] Bluetooth: hci0: command 0x0c1a tx timeout [ 85.043446][ T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 85.046307][ T56] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 85.050054][ T56] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 85.056441][ T56] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 85.064935][ T56] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 85.067330][ T56] usb 5-1: Product: syz [ 85.078075][ T56] usb 5-1: Manufacturer: syz [ 85.079519][ T56] usb 5-1: SerialNumber: syz [ 85.099739][ T6256] netlink: 4 bytes leftover after parsing attributes in process `syz.3.230'. [ 85.151736][ T5405] usb 6-1: usb_control_msg returned -71 [ 85.153841][ T5405] usbtmc 6-1:16.0: can't read capabilities [ 85.161938][ T5405] usb 6-1: USB disconnect, device number 5 [ 85.218039][ T4780] Bluetooth: hci1: command 0x0c1a tx timeout [ 85.294198][ T56] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 85.298648][ T4780] Bluetooth: hci2: command 0x0c1a tx timeout [ 85.298687][ T5348] Bluetooth: hci3: command 0x0c1a tx timeout [ 85.388009][ T5348] Bluetooth: hci4: command 0x0405 tx timeout [ 85.500011][ T5405] usb 5-1: USB disconnect, device number 7 [ 85.504914][ T5405] usblp0: removed [ 86.052158][ T39] kauditd_printk_skb: 13 callbacks suppressed [ 86.052170][ T39] audit: type=1326 audit(1728529928.427:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6268 comm="syz.0.235" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0 [ 86.247915][ T5405] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 86.300498][ T6274] ERROR: Out of memory at tomoyo_memory_ok. [ 86.418145][ T5405] usb 7-1: Using ep0 maxpacket: 8 [ 86.424037][ T5405] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 86.427470][ T5405] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 86.430429][ T5405] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 86.433140][ T5405] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 86.436748][ T5405] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 86.439374][ T5405] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.663076][ T5405] usb 7-1: usb_control_msg returned -71 [ 86.665114][ T5405] usbtmc 7-1:16.0: can't read capabilities [ 86.674067][ T5405] usb 7-1: USB disconnect, device number 4 [ 87.477972][ T5405] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 87.627998][ T5405] usb 7-1: Using ep0 maxpacket: 8 [ 87.631943][ T5405] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 87.634982][ T5405] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 87.638588][ T5405] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 87.642207][ T5405] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 87.647014][ T5405] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 87.650358][ T5405] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.878471][ T5405] usb 7-1: usb_control_msg returned -71 [ 87.880819][ T5405] usbtmc 7-1:16.0: can't read capabilities [ 87.888545][ T5405] usb 7-1: USB disconnect, device number 5 [ 88.292716][ T6300] block nbd0: shutting down sockets [ 88.447765][ T39] audit: type=1326 audit(1728529930.817:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6306 comm="syz.2.247" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x0 [ 88.581373][ T6316] overlayfs: missing 'lowerdir' [ 88.843519][ T6320] overlayfs: missing 'lowerdir' [ 89.572066][ T6325] team0: entered promiscuous mode [ 89.577231][ T6325] team_slave_0: entered promiscuous mode [ 89.583283][ T6325] team_slave_1: entered promiscuous mode [ 89.615200][ T6324] team0: left promiscuous mode [ 89.617253][ T6324] team_slave_0: left promiscuous mode [ 89.635103][ T6324] team_slave_1: left promiscuous mode [ 89.842562][ T6335] netlink: 'syz.0.254': attribute type 9 has an invalid length. [ 89.844915][ T6335] netlink: 8 bytes leftover after parsing attributes in process `syz.0.254'. [ 90.109020][ T830] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 90.239350][ T6347] usb 2-1: USB disconnect, device number 2 [ 90.267452][ T6347] hub 2-0:1.0: USB hub found [ 90.273460][ T6347] hub 2-0:1.0: 6 ports detected [ 90.288044][ T830] usb 6-1: Using ep0 maxpacket: 8 [ 90.294316][ T830] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 90.297744][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 90.300405][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 90.303668][ T830] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 90.307626][ T830] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 90.310465][ T830] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.437945][ T5404] usb 2-1: new high-speed USB device number 3 using ehci-pci [ 90.520771][ T830] usb 6-1: usb_control_msg returned -71 [ 90.524398][ T830] usbtmc 6-1:16.0: can't read capabilities [ 90.528145][ T830] usb 6-1: USB disconnect, device number 6 [ 90.644766][ T5404] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 90.650245][ T5404] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 90.657934][ T5404] usb 2-1: Product: QEMU USB Tablet [ 90.659416][ T5404] usb 2-1: Manufacturer: QEMU [ 90.661399][ T5404] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 90.714457][ T5404] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0002/input/input7 [ 90.807312][ T5404] hid-generic 0003:0627:0001.0002: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 90.962436][ T6357] overlayfs: missing 'lowerdir' [ 91.398272][ T6360] vlan2: entered promiscuous mode [ 91.400161][ T6360] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 91.408554][ T6360] mac80211_hwsim hwsim2 wlan0: left promiscuous mode [ 92.597955][ T5404] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 92.748038][ T5404] usb 7-1: Using ep0 maxpacket: 8 [ 92.750807][ T5404] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 92.753675][ T5404] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 92.756274][ T5404] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 92.762435][ T5404] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 92.766211][ T5404] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 92.769118][ T5404] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.985908][ T6377] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 92.988310][ T6377] overlayfs: failed to set xattr on upper [ 92.989876][ T6377] overlayfs: ...falling back to redirect_dir=nofollow. [ 92.993228][ T5404] usb 7-1: usb_control_msg returned -71 [ 92.994684][ T6377] overlayfs: ...falling back to uuid=null. [ 92.996300][ T5404] usbtmc 7-1:16.0: can't read capabilities [ 93.003733][ T5404] usb 7-1: USB disconnect, device number 6 [ 93.206999][ T6381] mmap: syz.0.267 (6381) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 93.307925][ T35] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 93.457985][ T35] usb 8-1: Using ep0 maxpacket: 8 [ 93.461871][ T35] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 93.464963][ T35] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 93.468945][ T35] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 93.472020][ T35] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 93.475261][ T35] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 93.477519][ T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.545268][ T39] audit: type=1326 audit(1728529935.917:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6383 comm="syz.2.270" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x0 [ 93.685531][ T35] usb 8-1: usb_control_msg returned -71 [ 93.687205][ T35] usbtmc 8-1:16.0: can't read capabilities [ 93.695607][ T35] usb 8-1: USB disconnect, device number 4 [ 94.330833][ T6399] NILFS (loop1): device size too small [ 94.410268][ T6401] FAULT_INJECTION: forcing a failure. [ 94.410268][ T6401] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 94.415516][ T6401] CPU: 3 UID: 0 PID: 6401 Comm: syz.2.275 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 94.419191][ T6401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.422205][ T6401] Call Trace: [ 94.423066][ T6401] [ 94.423796][ T6401] dump_stack_lvl+0x16c/0x1f0 [ 94.424964][ T6401] should_fail_ex+0x497/0x5b0 [ 94.426154][ T6401] _copy_to_user+0x30/0xc0 [ 94.427295][ T6401] simple_read_from_buffer+0xd0/0x160 [ 94.429544][ T6401] proc_fail_nth_read+0x198/0x270 [ 94.431503][ T6401] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 94.433551][ T6401] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 94.435408][ T6401] vfs_read+0x1ce/0xbd0 [ 94.436797][ T6401] ? __fget_files+0x23a/0x3f0 [ 94.438450][ T6401] ? fdget_pos+0x24c/0x360 [ 94.440010][ T6401] ? __pfx_lock_release+0x10/0x10 [ 94.441776][ T6401] ? trace_lock_acquire+0x14a/0x1d0 [ 94.443652][ T6401] ? __pfx_vfs_read+0x10/0x10 [ 94.445351][ T6401] ? __pfx___mutex_lock+0x10/0x10 [ 94.447198][ T6401] ? __fget_files+0x244/0x3f0 [ 94.448916][ T6401] ksys_read+0x12f/0x260 [ 94.450380][ T6401] ? __pfx_ksys_read+0x10/0x10 [ 94.452084][ T6401] __do_fast_syscall_32+0x73/0x120 [ 94.453928][ T6401] do_fast_syscall_32+0x32/0x80 [ 94.455719][ T6401] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 94.457990][ T6401] RIP: 0023:0xf7fc3579 [ 94.459423][ T6401] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 94.466292][ T6401] RSP: 002b:00000000f57465a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 94.469275][ T6401] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5746620 [ 94.472058][ T6401] RDX: 000000000000000f RSI: 00000000f744bff4 RDI: 0000000000000000 [ 94.475019][ T6401] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 94.478060][ T6401] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 94.480972][ T6401] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 94.483813][ T6401] [ 94.637431][ T6409] 9pnet_fd: Insufficient options for proto=fd [ 94.770202][ T6419] overlayfs: missing 'lowerdir' [ 95.398869][ T6423] netlink: 8 bytes leftover after parsing attributes in process `syz.1.283'. [ 95.696038][ T6433] FAULT_INJECTION: forcing a failure. [ 95.696038][ T6433] name failslab, interval 1, probability 0, space 0, times 0 [ 95.701302][ T6433] CPU: 0 UID: 0 PID: 6433 Comm: syz.0.286 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 95.704341][ T6433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.707048][ T6433] Call Trace: [ 95.707831][ T6433] [ 95.708522][ T6433] dump_stack_lvl+0x16c/0x1f0 [ 95.709663][ T6433] should_fail_ex+0x497/0x5b0 [ 95.711647][ T6433] ? fs_reclaim_acquire+0xae/0x160 [ 95.713185][ T6433] should_failslab+0xc2/0x120 [ 95.714687][ T6433] __kmalloc_noprof+0xcb/0x410 [ 95.716417][ T6433] ? __pfx_d_absolute_path+0x10/0x10 [ 95.717856][ T6433] tomoyo_encode2+0x100/0x3e0 [ 95.719229][ T6433] tomoyo_realpath_from_path+0x1a7/0x710 [ 95.720864][ T6433] tomoyo_path_number_perm+0x245/0x5b0 [ 95.722340][ T6433] ? tomoyo_path_number_perm+0x232/0x5b0 [ 95.723980][ T6433] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 95.725605][ T6433] ? find_held_lock+0x2d/0x110 [ 95.726899][ T6433] ? trace_lock_acquire+0x14a/0x1d0 [ 95.728455][ T6433] ? lock_acquire+0x2f/0xb0 [ 95.730036][ T6433] ? __fget_files+0x40/0x3f0 [ 95.731451][ T6433] ? __fget_files+0x244/0x3f0 [ 95.732745][ T6433] security_file_ioctl_compat+0x9b/0x240 [ 95.734320][ T6433] __do_compat_sys_ioctl+0x52/0x2b0 [ 95.735794][ T6433] __do_fast_syscall_32+0x73/0x120 [ 95.737265][ T6433] do_fast_syscall_32+0x32/0x80 [ 95.738610][ T6433] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 95.740283][ T6433] RIP: 0023:0xf743e579 [ 95.741374][ T6433] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 95.746396][ T6433] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 95.748697][ T6433] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c1007c00 [ 95.750928][ T6433] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 95.753224][ T6433] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 95.755325][ T6433] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 95.757971][ T6433] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 95.760278][ T6433] [ 95.762932][ T6433] ERROR: Out of memory at tomoyo_realpath_from_path. [ 96.751429][ T6476] netlink: 12 bytes leftover after parsing attributes in process `syz.0.304'. [ 96.769295][ T6478] binder: 6477:6478 ioctl c0306201 200002c0 returned -14 [ 96.984668][ T6493] netlink: 20 bytes leftover after parsing attributes in process `syz.2.310'. [ 96.987429][ T6493] FAULT_INJECTION: forcing a failure. [ 96.987429][ T6493] name failslab, interval 1, probability 0, space 0, times 0 [ 96.991649][ T6493] CPU: 3 UID: 0 PID: 6493 Comm: syz.2.310 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 96.994946][ T6493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.998525][ T6493] Call Trace: [ 96.999676][ T6493] [ 97.000656][ T6493] dump_stack_lvl+0x16c/0x1f0 [ 97.002200][ T6493] should_fail_ex+0x497/0x5b0 [ 97.003919][ T6493] ? fs_reclaim_acquire+0xae/0x160 [ 97.005778][ T6493] should_failslab+0xc2/0x120 [ 97.007263][ T6493] __kmalloc_cache_noprof+0x6b/0x310 [ 97.009070][ T6493] ? alloc_netdev_mqs+0xdde/0x12a0 [ 97.010714][ T6493] alloc_netdev_mqs+0xdde/0x12a0 [ 97.012187][ T6493] rtnl_create_link+0xbed/0xf10 [ 97.013732][ T6493] __rtnl_newlink+0x10b3/0x1920 [ 97.015218][ T6493] ? __pfx___rtnl_newlink+0x10/0x10 [ 97.016924][ T6493] rtnl_newlink+0x67/0xa0 [ 97.018393][ T6493] ? __pfx_rtnl_newlink+0x10/0x10 [ 97.020052][ T6493] rtnetlink_rcv_msg+0x3c7/0xea0 [ 97.021590][ T6493] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 97.023261][ T6493] ? __pfx___dev_queue_xmit+0x10/0x10 [ 97.024966][ T6493] netlink_rcv_skb+0x165/0x410 [ 97.026486][ T6493] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 97.028195][ T6493] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 97.029847][ T6493] ? netlink_deliver_tap+0x1ae/0xcf0 [ 97.031489][ T6493] netlink_unicast+0x53c/0x7f0 [ 97.033055][ T6493] ? __pfx_netlink_unicast+0x10/0x10 [ 97.034748][ T6493] ? __phys_addr_symbol+0x30/0x80 [ 97.036402][ T6493] ? __check_object_size+0x488/0x710 [ 97.038096][ T6493] netlink_sendmsg+0x8b8/0xd70 [ 97.039590][ T6493] ? __pfx_netlink_sendmsg+0x10/0x10 [ 97.041246][ T6493] ? lock_acquire+0x2f/0xb0 [ 97.042671][ T6493] ____sys_sendmsg+0x9ae/0xb40 [ 97.044182][ T6493] ? __pfx_____sys_sendmsg+0x10/0x10 [ 97.045819][ T6493] ? get_compat_msghdr+0x11b/0x170 [ 97.047382][ T6493] ? __pfx___lock_acquire+0x10/0x10 [ 97.049037][ T6493] ___sys_sendmsg+0x135/0x1e0 [ 97.050528][ T6493] ? __pfx____sys_sendmsg+0x10/0x10 [ 97.052207][ T6493] ? lock_acquire+0x2f/0xb0 [ 97.053700][ T6493] ? __fget_files+0x40/0x3f0 [ 97.055145][ T6493] ? fdget+0x176/0x210 [ 97.056400][ T6493] __sys_sendmsg+0x117/0x1f0 [ 97.057683][ T6493] ? __pfx___sys_sendmsg+0x10/0x10 [ 97.059007][ T6493] ? __fget_files+0x244/0x3f0 [ 97.060247][ T6493] __do_fast_syscall_32+0x73/0x120 [ 97.061613][ T6493] do_fast_syscall_32+0x32/0x80 [ 97.062914][ T6493] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 97.064569][ T6493] RIP: 0023:0xf7fc3579 [ 97.065689][ T6493] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 97.070943][ T6493] RSP: 002b:00000000f574656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 97.073178][ T6493] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200002c0 [ 97.075227][ T6493] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 97.077294][ T6493] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 97.079310][ T6493] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 97.081376][ T6493] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 97.083521][ T6493] [ 97.208280][ T35] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 97.358012][ T35] usb 8-1: Using ep0 maxpacket: 8 [ 97.363516][ T35] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 97.367502][ T35] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 97.371173][ T35] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 97.374222][ T35] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 97.377714][ T35] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 97.380830][ T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.600466][ T35] usb 8-1: usb_control_msg returned -71 [ 97.602239][ T35] usbtmc 8-1:16.0: can't read capabilities [ 97.610806][ T35] usb 8-1: USB disconnect, device number 5 [ 98.147357][ T6516] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 98.796357][ T6522] netlink: 20 bytes leftover after parsing attributes in process `syz.0.319'. [ 98.815208][ T6522] ipvlan2: entered allmulticast mode [ 98.817026][ T6522] veth0_vlan: entered allmulticast mode [ 98.891959][ T6525] input: syz0 as /devices/virtual/input/input9 [ 99.456147][ T39] audit: type=1326 audit(1728529941.827:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz.2.322" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x0 [ 99.918081][ T35] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 100.067972][ T35] usb 6-1: Using ep0 maxpacket: 8 [ 100.079148][ T35] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 100.082417][ T35] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 100.085276][ T35] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 100.089299][ T35] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 100.093571][ T35] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 100.097610][ T35] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 100.102083][ T35] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 100.107210][ T35] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 100.111478][ T35] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 100.114178][ T35] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 100.117696][ T35] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 100.122316][ T35] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 100.126588][ T35] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 100.131965][ T35] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 100.136804][ T35] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 100.140514][ T35] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 100.143468][ T35] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 100.146803][ T35] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 100.151356][ T35] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 100.155415][ T35] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 100.159875][ T35] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 100.167059][ T35] usb 6-1: string descriptor 0 read error: -22 [ 100.169809][ T35] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 100.173177][ T35] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 100.185761][ T35] adutux 6-1:246.0: ADU100 now attached to /dev/usb/adutux0 [ 100.318110][ T5405] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 100.406339][ T6549] overlayfs: missing 'lowerdir' [ 100.468019][ T5405] usb 8-1: Using ep0 maxpacket: 8 [ 100.476371][ T5405] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 100.479540][ T5405] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 100.482786][ T5405] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 100.488958][ T5405] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 100.492777][ T5405] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 100.502477][ T5405] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.721467][ T5405] usb 8-1: usb_control_msg returned -71 [ 100.726650][ T5405] usbtmc 8-1:16.0: can't read capabilities [ 100.742253][ T5405] usb 8-1: USB disconnect, device number 6 [ 101.269795][ T9] usb 6-1: USB disconnect, device number 7 [ 101.316240][ T6559] netlink: 'syz.2.328': attribute type 5 has an invalid length. [ 101.319010][ T6559] netlink: 8 bytes leftover after parsing attributes in process `syz.2.328'. [ 102.022934][ T6615] tmpfs: Bad value for 'huge' [ 102.093014][ T6620] Invalid ELF header magic: != ELF [ 102.174701][ T6623] overlayfs: missing 'lowerdir' [ 102.658177][ T30] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 102.807904][ T30] usb 5-1: Using ep0 maxpacket: 8 [ 102.810883][ T30] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 102.814252][ T30] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 102.817214][ T30] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 102.821812][ T30] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 102.825529][ T30] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 102.832064][ T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.045561][ T30] usb 5-1: usb_control_msg returned -71 [ 103.047038][ T30] usbtmc 5-1:16.0: can't read capabilities [ 103.056048][ T30] usb 5-1: USB disconnect, device number 8 [ 103.309720][ T6641] capability: warning: `syz.2.342' uses deprecated v2 capabilities in a way that may be insecure [ 103.542074][ T6650] ipvlan2: entered promiscuous mode [ 103.586316][ T6655] FAULT_INJECTION: forcing a failure. [ 103.586316][ T6655] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 103.589951][ T6655] CPU: 2 UID: 0 PID: 6655 Comm: syz.0.348 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 103.592758][ T6655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 103.595589][ T6655] Call Trace: [ 103.596497][ T6655] [ 103.597306][ T6655] dump_stack_lvl+0x16c/0x1f0 [ 103.598876][ T6655] should_fail_ex+0x497/0x5b0 [ 103.600325][ T6655] _copy_to_user+0x30/0xc0 [ 103.601561][ T6655] simple_read_from_buffer+0xd0/0x160 [ 103.603010][ T6655] proc_fail_nth_read+0x198/0x270 [ 103.604360][ T6655] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 103.605850][ T6655] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 103.607319][ T6655] vfs_read+0x1ce/0xbd0 [ 103.608438][ T6655] ? __fget_files+0x23a/0x3f0 [ 103.609710][ T6655] ? fdget_pos+0x24c/0x360 [ 103.610910][ T6655] ? __pfx_lock_release+0x10/0x10 [ 103.612285][ T6655] ? trace_lock_acquire+0x14a/0x1d0 [ 103.613708][ T6655] ? __pfx_vfs_read+0x10/0x10 [ 103.614969][ T6655] ? __pfx___mutex_lock+0x10/0x10 [ 103.616289][ T6655] ? __fget_files+0x244/0x3f0 [ 103.617532][ T6655] ksys_read+0x12f/0x260 [ 103.618675][ T6655] ? __pfx_ksys_read+0x10/0x10 [ 103.620088][ T6655] __do_fast_syscall_32+0x73/0x120 [ 103.621494][ T6655] do_fast_syscall_32+0x32/0x80 [ 103.622828][ T6655] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 103.624559][ T6655] RIP: 0023:0xf743e579 [ 103.625664][ T6655] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 103.630751][ T6655] RSP: 002b:00000000f57265a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 103.633045][ T6655] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5726620 [ 103.635229][ T6655] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 103.637413][ T6655] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 103.639537][ T6655] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 103.641737][ T6655] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 103.643909][ T6655] [ 103.670129][ T39] audit: type=1326 audit(1728529946.047:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6657 comm="syz.0.349" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0 [ 103.712096][ T39] audit: type=1326 audit(1728529946.087:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6660 comm="syz.3.350" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x0 [ 104.560854][ T6667] tmpfs: Bad value for 'mpol' [ 105.551569][ T6692] Cannot find set identified by id 0 to match [ 105.559539][ T6692] fuse: Unknown parameter 'dfTXÞF@"i‡ÜnI–›Ý‹…ÈM' [ 105.563115][ T6692] team0: Device bridge0 is up. Set it down before adding it as a team port [ 105.570126][ T6692] bridge_slave_1: left allmulticast mode [ 105.573128][ T6692] bridge_slave_1: left promiscuous mode [ 105.574810][ T6692] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.580758][ T6692] bridge_slave_0: left allmulticast mode [ 105.582306][ T6692] bridge_slave_0: left promiscuous mode [ 105.583965][ T6692] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.775136][ T39] audit: type=1326 audit(1728529948.147:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6694 comm="syz.0.360" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0 [ 105.946663][ T6699] overlayfs: missing 'lowerdir' [ 106.672341][ T6706] FAULT_INJECTION: forcing a failure. [ 106.672341][ T6706] name failslab, interval 1, probability 0, space 0, times 0 [ 106.677519][ T6706] CPU: 1 UID: 0 PID: 6706 Comm: syz.0.363 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 106.680529][ T6706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 106.683518][ T6706] Call Trace: [ 106.684467][ T6706] [ 106.685310][ T6706] dump_stack_lvl+0x16c/0x1f0 [ 106.686699][ T6706] should_fail_ex+0x497/0x5b0 [ 106.688032][ T6706] should_failslab+0xc2/0x120 [ 106.689392][ T6706] __kmalloc_cache_noprof+0x6b/0x310 [ 106.690901][ T6706] ? sctp_add_bind_addr+0x9d/0x3e0 [ 106.692442][ T6706] sctp_add_bind_addr+0x9d/0x3e0 [ 106.693954][ T6706] sctp_copy_local_addr_list+0x39e/0x5a0 [ 106.695540][ T6706] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 106.697332][ T6706] ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360 [ 106.698984][ T6706] ? sctp_bind_addr_copy+0xe0/0x530 [ 106.700558][ T6706] sctp_bind_addr_copy+0xe0/0x530 [ 106.701995][ T6706] sctp_connect_new_asoc+0x1d8/0x790 [ 106.703496][ T6706] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 106.705140][ T6706] ? mark_held_locks+0x9f/0xe0 [ 106.706499][ T6706] ? sctp_sendmsg+0x112f/0x1f10 [ 106.707877][ T6706] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 106.709446][ T6706] sctp_sendmsg+0x162a/0x1f10 [ 106.710805][ T6706] ? __pfx___lock_acquire+0x10/0x10 [ 106.712319][ T6706] ? __pfx_sctp_sendmsg+0x10/0x10 [ 106.713791][ T6706] ? find_held_lock+0x2d/0x110 [ 106.715141][ T6706] ? __pfx___might_resched+0x10/0x10 [ 106.716700][ T6706] ? __pfx_aa_sk_perm+0x10/0x10 [ 106.718050][ T6706] ? __import_iovec+0x1fd/0x6e0 [ 106.719436][ T6706] ? __pfx_sctp_sendmsg+0x10/0x10 [ 106.721242][ T6706] inet_sendmsg+0x119/0x140 [ 106.723027][ T6706] ____sys_sendmsg+0x907/0xb40 [ 106.724782][ T6706] ? __pfx_____sys_sendmsg+0x10/0x10 [ 106.726335][ T6706] ? get_compat_msghdr+0x11b/0x170 [ 106.727804][ T6706] ? __pfx___lock_acquire+0x10/0x10 [ 106.729305][ T6706] ___sys_sendmsg+0x135/0x1e0 [ 106.730671][ T6706] ? __pfx____sys_sendmsg+0x10/0x10 [ 106.732135][ T6706] ? lock_acquire+0x2f/0xb0 [ 106.733506][ T6706] ? __fget_files+0x40/0x3f0 [ 106.734797][ T6706] ? fdget+0x176/0x210 [ 106.735938][ T6706] __sys_sendmmsg+0x2a5/0x450 [ 106.737319][ T6706] ? __pfx___sys_sendmmsg+0x10/0x10 [ 106.738788][ T6706] ? vfs_write+0x14d/0x1140 [ 106.740203][ T6706] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 106.742400][ T6706] ? fput+0x30/0x390 [ 106.743866][ T6706] ? ksys_write+0x1ad/0x260 [ 106.745305][ T6706] ? __pfx_ksys_write+0x10/0x10 [ 106.746666][ T6706] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 106.748282][ T6706] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 106.750215][ T6706] __do_fast_syscall_32+0x73/0x120 [ 106.751752][ T6706] do_fast_syscall_32+0x32/0x80 [ 106.753181][ T6706] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 106.754967][ T6706] RIP: 0023:0xf743e579 [ 106.756099][ T6706] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 106.761564][ T6706] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 106.764244][ T6706] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000880 [ 106.766400][ T6706] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 106.768578][ T6706] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 106.770747][ T6706] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 106.772924][ T6706] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 106.775104][ T6706] [ 106.899350][ T5348] Bluetooth: hci4: unexpected event for opcode 0x203d [ 107.389460][ T6730] netlink: 8 bytes leftover after parsing attributes in process `syz.3.370'. [ 107.405919][ T6730] vlan2: entered promiscuous mode [ 107.505538][ T6728] netlink: 72 bytes leftover after parsing attributes in process `syz.3.370'. [ 107.516162][ T6728] netlink: 12 bytes leftover after parsing attributes in process `syz.3.370'. [ 107.566932][ T39] audit: type=1326 audit(1728529949.937:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6736 comm="syz.1.372" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x0 [ 108.233217][ T6755] FAULT_INJECTION: forcing a failure. [ 108.233217][ T6755] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 108.236656][ T6755] CPU: 2 UID: 0 PID: 6755 Comm: syz.3.378 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 108.239431][ T6755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 108.242250][ T6755] Call Trace: [ 108.243145][ T6755] [ 108.243936][ T6755] dump_stack_lvl+0x16c/0x1f0 [ 108.245202][ T6755] should_fail_ex+0x497/0x5b0 [ 108.246458][ T6755] _copy_from_user+0x30/0xf0 [ 108.247699][ T6755] video_usercopy+0xc62/0x1500 [ 108.249046][ T6755] ? __pfx___video_do_ioctl+0x10/0x10 [ 108.250531][ T6755] ? __pfx_video_usercopy+0x10/0x10 [ 108.251949][ T6755] v4l2_ioctl+0x1ba/0x250 [ 108.253120][ T6755] v4l2_compat_ioctl32+0x214/0x2c0 [ 108.254472][ T6755] ? __pfx_v4l2_compat_ioctl32+0x10/0x10 [ 108.255951][ T6755] __do_compat_sys_ioctl+0x259/0x2b0 [ 108.257522][ T6755] __do_fast_syscall_32+0x73/0x120 [ 108.258918][ T6755] do_fast_syscall_32+0x32/0x80 [ 108.260214][ T6755] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 108.261890][ T6755] RIP: 0023:0xf747e579 [ 108.262977][ T6755] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 108.268031][ T6755] RSP: 002b:00000000f576656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 108.270316][ T6755] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000004020565a [ 108.272389][ T6755] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000000000000 [ 108.274493][ T6755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 108.276583][ T6755] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 108.278734][ T6755] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 108.280864][ T6755] [ 108.556544][ T39] audit: type=1326 audit(1728529950.927:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 108.609733][ T39] audit: type=1326 audit(1728529950.927:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 108.636543][ T39] audit: type=1326 audit(1728529950.937:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 108.663559][ T39] audit: type=1326 audit(1728529950.937:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 108.684996][ T39] audit: type=1326 audit(1728529950.937:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.380" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 108.690690][ T39] audit: type=1326 audit(1728529950.937:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6768 comm="syz.1.380" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 108.698290][ T39] audit: type=1326 audit(1728529950.957:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 108.705694][ T39] audit: type=1326 audit(1728529950.957:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000 [ 108.735807][ T6775] syzkaller1: entered promiscuous mode [ 108.737477][ T6775] syzkaller1: entered allmulticast mode [ 108.804418][ T6776] syzkaller1: entered promiscuous mode [ 108.806238][ T6776] syzkaller1: entered allmulticast mode [ 109.033849][ T6783] UBIFS error (pid: 6783): cannot open "", error -22 [ 109.286030][ T6759] ceph: No mds server is up or the cluster is laggy [ 109.408041][ T11] bridge_slave_1: left allmulticast mode [ 109.409723][ T11] bridge_slave_1: left promiscuous mode [ 109.412266][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.421778][ T11] bridge_slave_0: left allmulticast mode [ 109.424588][ T11] bridge_slave_0: left promiscuous mode [ 109.426225][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.829519][ T6801] overlayfs: missing 'lowerdir' [ 109.964374][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 110.008945][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 110.024542][ T11] bond0 (unregistering): Released all slaves [ 110.377367][ T11] hsr_slave_0: left promiscuous mode [ 110.384258][ T11] hsr_slave_1: left promiscuous mode [ 110.390665][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 110.392281][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 110.398827][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 110.398873][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 110.431689][ T11] veth1_macvtap: left promiscuous mode [ 110.433515][ T11] veth0_macvtap: left promiscuous mode [ 110.435018][ T11] veth1_vlan: left promiscuous mode [ 110.436641][ T11] veth0_vlan: left promiscuous mode [ 110.887408][ T6812] overlayfs: missing 'lowerdir' [ 110.998404][ T5348] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 111.007060][ T5348] Bluetooth: hci4: Injecting HCI hardware error event [ 111.022586][ T4780] Bluetooth: hci4: hardware error 0x00 [ 111.422798][ T11] team0 (unregistering): Port device team_slave_1 removed [ 111.502645][ T11] team0 (unregistering): Port device team_slave_0 removed [ 112.765140][ T6820] netlink: 4 bytes leftover after parsing attributes in process `syz.3.393'. [ 113.059318][ T4780] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 113.277428][ T6804] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 113.279408][ T6804] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 113.280988][ T6804] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 113.403892][ T6831] netlink: 'syz.3.397': attribute type 25 has an invalid length. [ 113.407071][ T6831] netlink: 'syz.3.397': attribute type 7 has an invalid length. [ 113.474950][ T39] kauditd_printk_skb: 56 callbacks suppressed [ 113.474961][ T39] audit: type=1326 audit(1728529955.847:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.396" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 113.485918][ T39] audit: type=1326 audit(1728529955.857:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.396" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 113.498120][ T39] audit: type=1326 audit(1728529955.857:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.396" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 113.505604][ T39] audit: type=1326 audit(1728529955.857:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.396" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 113.511589][ T39] audit: type=1326 audit(1728529955.867:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.396" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 113.517317][ T39] audit: type=1326 audit(1728529955.867:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.396" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 113.523569][ T39] audit: type=1326 audit(1728529955.867:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.396" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 113.529499][ T39] audit: type=1326 audit(1728529955.867:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6841 comm="syz.2.396" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 113.567786][ T6843] overlayfs: missing 'lowerdir' [ 113.606244][ T39] audit: type=1326 audit(1728529955.967:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.396" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 113.612210][ T39] audit: type=1326 audit(1728529955.967:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.396" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 114.241266][ T6833] ceph: No mds server is up or the cluster is laggy [ 114.342940][ T4780] Bluetooth: hci0: command 0x0c1a tx timeout [ 115.297993][ T4780] Bluetooth: hci3: command 0x0c1a tx timeout [ 115.300296][ T4780] Bluetooth: hci2: command 0x0c1a tx timeout [ 115.655261][ T6869] netlink: 4 bytes leftover after parsing attributes in process `syz.0.406'. [ 115.950423][ T6872] page: refcount:2 mapcount:0 mapping:0000000000000000 index:0xffff88804a0fe2d0 pfn:0x4a0fe [ 115.953695][ T6872] flags: 0x4fff00000010001(locked|reclaim|node=1|zone=1|lastcpupid=0x7ff) [ 115.956046][ T6872] raw: 04fff00000010001 ffffc90003137070 ffffc90003137070 ffffffff8b5d54a2 [ 115.960325][ T11] list_add corruption. next->prev should be prev (ffffe8ffac42fe10), but was ffff8880438cc800. (next=ffff888022476800). [ 115.967245][ T11] ------------[ cut here ]------------ [ 115.968781][ T11] kernel BUG at lib/list_debug.c:29! [ 115.970221][ T11] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 115.972391][ T11] CPU: 2 UID: 0 PID: 11 Comm: kworker/u32:0 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 115.977272][ T11] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 115.981200][ T11] Workqueue: zswap1 compact_page_work [ 115.983110][ T11] RIP: 0010:__list_add_valid_or_report+0xa9/0x100 [ 115.983138][ T11] Code: 23 b1 8b e8 19 fa de fc 90 0f 0b 48 c7 c7 40 24 b1 8b e8 0a fa de fc 90 0f 0b 48 89 d9 48 c7 c7 a0 24 b1 8b e8 f8 f9 de fc 90 <0f> 0b 48 89 f1 48 c7 c7 20 25 b1 8b 48 89 de e8 e3 f9 de fc 90 0f [ 115.989576][ T6872] raw: ffff88804a0fe2d0 0000000000000004 00000002ffffffff 0000000000000000 [ 115.991665][ T11] RSP: 0018:ffffc900003d7c00 EFLAGS: 00010282 [ 115.991686][ T11] RAX: 0000000000000075 RBX: ffff888022476800 RCX: ffffffff816cccf9 [ 115.991697][ T11] RDX: 0000000000000000 RSI: ffffffff816d73c6 RDI: 0000000000000005 [ 115.991707][ T11] RBP: ffff88804a0fe000 R08: 0000000000000005 R09: 0000000000000000 [ 115.991718][ T11] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000002 [ 115.991727][ T11] R13: ffff88804a0fe008 R14: ffff88804a0fe000 R15: ffffea0001283f80 [ 115.991738][ T11] FS: 0000000000000000(0000) GS:ffff88802b600000(0000) knlGS:0000000000000000 [ 115.994466][ T6872] page dumped because: VM_BUG_ON_PAGE(!((__builtin_constant_p(PAGE_CLAIMED) && __builtin_constant_p((uintptr_t)(&page->private) != (uintptr_t)((void *)0)) && (uintptr_t)(&page->private) != (uintptr_t)((void *)0) && __builtin_constant_p(*(const unsigned long *)(&page->private))) ? const_test_bit(PAGE_CLAIMED, &page->private) : _test_bit(PAGE_CLAIMED, &page->private))) [ 115.995884][ T11] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 115.995895][ T11] CR2: 00000000f7438ea0 CR3: 000000000db7c000 CR4: 0000000000352ef0 [ 115.995901][ T11] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 115.995907][ T11] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 115.995913][ T11] Call Trace: [ 115.995917][ T11] [ 115.998902][ T6872] page_owner tracks the page as allocated [ 116.000099][ T11] ? die+0x31/0x80 [ 116.000123][ T11] ? do_trap+0x232/0x430 [ 116.000139][ T11] ? __list_add_valid_or_report+0xa9/0x100 [ 116.000151][ T11] ? __list_add_valid_or_report+0xa9/0x100 [ 116.000161][ T11] ? do_error_trap+0xf4/0x230 [ 116.000174][ T11] ? __list_add_valid_or_report+0xa9/0x100 [ 116.000185][ T11] ? handle_invalid_op+0x34/0x40 [ 116.000198][ T11] ? __list_add_valid_or_report+0xa9/0x100 [ 116.000208][ T11] ? exc_invalid_op+0x2e/0x50 [ 116.000224][ T11] ? asm_exc_invalid_op+0x1a/0x20 [ 116.000238][ T11] ? __wake_up_klogd.part.0+0x99/0xf0 [ 116.010026][ T6872] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12800(GFP_NOWAIT|__GFP_NORETRY), pid 112, tgid 112 (kswapd0), ts 115796725287, free_ts 115780743963 [ 116.019880][ T11] ? vprintk+0x86/0xa0 [ 116.019905][ T11] ? __list_add_valid_or_report+0xa9/0x100 [ 116.019918][ T11] do_compact_page+0x10b9/0x25d0 [ 116.019931][ T11] ? lock_acquire+0x2f/0xb0 [ 116.019946][ T11] ? process_one_work+0x8bb/0x1b30 [ 116.019963][ T11] process_one_work+0x958/0x1b30 [ 116.019978][ T11] ? __pfx_free_pages_work+0x10/0x10 [ 116.019994][ T11] ? __pfx_process_one_work+0x10/0x10 [ 116.020009][ T11] ? assign_work+0x1a0/0x250 [ 116.020023][ T11] worker_thread+0x6c8/0xf00 [ 116.020039][ T11] ? __pfx_worker_thread+0x10/0x10 [ 116.020053][ T11] kthread+0x2c1/0x3a0 [ 116.020064][ T11] ? _raw_spin_unlock_irq+0x23/0x50 [ 116.020076][ T11] ? __pfx_kthread+0x10/0x10 [ 116.020086][ T11] ret_from_fork+0x45/0x80 [ 116.020096][ T11] ? __pfx_kthread+0x10/0x10 [ 116.020106][ T11] ret_from_fork_asm+0x1a/0x30 [ 116.020125][ T11] [ 116.020128][ T11] Modules linked in: [ 116.020473][ T11] ---[ end trace 0000000000000000 ]--- [ 116.020481][ T11] RIP: 0010:__list_add_valid_or_report+0xa9/0x100 [ 116.020495][ T11] Code: 23 b1 8b e8 19 fa de fc 90 0f 0b 48 c7 c7 40 24 b1 8b e8 0a fa de fc 90 0f 0b 48 89 d9 48 c7 c7 a0 24 b1 8b e8 f8 f9 de fc 90 <0f> 0b 48 89 f1 48 c7 c7 20 25 b1 8b 48 89 de e8 e3 f9 de fc 90 0f [ 116.020504][ T11] RSP: 0018:ffffc900003d7c00 EFLAGS: 00010282 [ 116.020513][ T11] RAX: 0000000000000075 RBX: ffff888022476800 RCX: ffffffff816cccf9 [ 116.020520][ T11] RDX: 0000000000000000 RSI: ffffffff816d73c6 RDI: 0000000000000005 [ 116.020526][ T11] RBP: ffff88804a0fe000 R08: 0000000000000005 R09: 0000000000000000 [ 116.020532][ T11] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000002 [ 116.020538][ T11] R13: ffff88804a0fe008 R14: ffff88804a0fe000 R15: ffffea0001283f80 [ 116.020544][ T11] FS: 0000000000000000(0000) GS:ffff88802b600000(0000) knlGS:0000000000000000 [ 116.020564][ T11] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 116.020573][ T11] CR2: 00000000f7438ea0 CR3: 000000000db7c000 CR4: 0000000000352ef0 [ 116.020580][ T11] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 116.020585][ T11] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 116.020592][ T11] Kernel panic - not syncing: Fatal exception [ 116.021277][ T11] Kernel Offset: disabled VM DIAGNOSIS: 03:12:38 Registers: info registers vcpu 0 CPU#0 RAX=ffffed1005687dd0 RBX=ffffed1005687dd1 RCX=ffffffff816aae4e RDX=ffffed1005687dd1 RSI=0000000000000004 RDI=ffff88802b43ee80 RBP=ffffed1005687dd0 RSP=ffffffff8da07a58 R8 =0000000000000001 R9 =ffffed1005687dd0 R10=ffff88802b43ee83 R11=0000000000000001 R12=ffff88802b43ee88 R13=ffff88802b43ee90 R14=ffff88802b43fca0 R15=0000000000000000 RIP=ffffffff81edfb53 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000031fedff8 CR3=000000002695c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c400000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000055f5a4 RBX=0000000000000001 RCX=ffffffff8b131a39 RDX=ffffed10056a7026 RSI=ffffffff8bb122a0 RDI=ffffffff816418fc RBP=ffffed10036ec910 RSP=ffffc90000477e08 R8 =0000000000000000 R9 =ffffed10056a7025 R10=ffff88802b53812b R11=0000000000000001 R12=0000000000000001 R13=ffff88801b764880 R14=ffffffff901cd248 R15=0000000000000000 RIP=ffffffff8b132e1f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f574560c CR3=0000000021792000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c400000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000049 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff850374c5 RDI=ffffffff9a63a220 RBP=ffffffff9a63a1e0 RSP=ffffc900003d7520 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6b726f776b203a43 R12=0000000000000000 R13=0000000000000049 R14=ffffffff85037460 R15=0000000000000000 RIP=ffffffff850374ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7438ea0 CR3=000000000db7c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000018f074 RBX=0000000000000003 RCX=ffffffff8b131a39 RDX=ffffed10056e7026 RSI=ffffffff8bb122a0 RDI=ffffffff816418fc RBP=ffffed100376d488 RSP=ffffc90000497e08 R8 =0000000000000000 R9 =ffffed10056e7025 R10=ffff88802b73812b R11=0000000000000001 R12=0000000000000003 R13=ffff88801bb6a440 R14=ffffffff901cd248 R15=0000000000000000 RIP=ffffffff8b132e1f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73f88a8 CR3=0000000049a24000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000