last executing test programs: 3.35098454s ago: executing program 1 (id=1014): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'team_slave_1\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000080)={'team0\x00', 0x0}) r5 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={0x60, r5, 0x809, 0x0, 0x0, {}, [{{0x8, 0x1, r4}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8}}, {0x8, 0x6, r3}}}]}}]}, 0x60}, 0x1, 0x2000000, 0x0, 0x4000}, 0x40000) 3.35075363s ago: executing program 1 (id=1015): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, 0x0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x6, &(0x7f0000000240)=0x67, 0x4) r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r3, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x0, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000100)=0x6) bind$llc(r1, &(0x7f0000000080)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f00000004c0)={0x4, 0x15, 0x20, 0x0, "c3fea293681a0fa1ff856aa471fe2617dfb4eb45d73158000000568e00"}) syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f00002ac000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000300)="b84ed8000000d064de0526f30fc733f30f1efc66b8008800000f23c80f21f866350000b0000f23f8f4baf80c66b8edf24c8766efbafc0cb000ee2e640f01d10f20d86635200000000f22d8656464660f6c34"}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, &(0x7f00000002c0)=ANY=[@ANYRES32=r7]) ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000140)=@x86={0x4}) ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000580)={[{0x2, 0x101, 0x6, 0x0, 0x81, 0x20, 0x9, 0x7, 0x9e, 0x5, 0x2, 0x2, 0x6}, {0x1ff, 0x2, 0x1, 0x0, 0x7, 0xf7, 0x7, 0x6, 0x2, 0x0, 0x7, 0x2, 0x3}, {0x401, 0x8, 0x8, 0x2, 0xc5, 0x25, 0x0, 0xaf, 0x7, 0x60, 0x0, 0x9, 0x1}], 0x80000000}) socket$nl_generic(0x10, 0x3, 0x10) r8 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r8, &(0x7f0000000540)={0xa, 0x0, 0x4, @private1, 0x10200004}, 0x1c) 2.33126593s ago: executing program 1 (id=1020): bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000100)={0x0, 0xd097, 0x1000, 0x0, 0x2}, &(0x7f0000000080), &(0x7f0000000280)) io_uring_enter(r0, 0x54, 0x0, 0xf, 0x0, 0x18) r1 = epoll_create1(0x80000) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0xa000000a}) finit_module(r2, 0x0, 0x2) finit_module(r2, 0x0, 0x0) 1.529272934s ago: executing program 0 (id=1024): mknod(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) chmod(&(0x7f0000000080)='./file1\x00', 0x1258bab1c8332e9a) r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f00000024c0)={0x2020}, 0x2020) read$FUSE(r0, &(0x7f0000004500)={0x2020}, 0x2020) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = eventfd(0x8) ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2}) r3 = userfaultfd(0x80001) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000380)) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000002c0)={0x0, 0x1, 0x0, &(0x7f0000000600)=""/42, 0x0, 0xffff1000}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1) r4 = io_uring_setup(0x3eae, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 1.410939841s ago: executing program 1 (id=1026): socket$netlink(0x10, 0x3, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810100850000006d000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r1, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)='\b', 0x1}], 0x1}}], 0x1, 0x34000811) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRES16=r1], 0x1000f) 1.410436278s ago: executing program 1 (id=1027): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, 0x0) ioctl$DRM_IOCTL_MODE_DIRTYFB(r1, 0xc01864b1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000000000000061, &(0x7f0000000040)=[{0x0, 0x0, 0x1fc, 0x2}]}) r2 = dup(r0) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) socket$inet(0x2, 0x3, 0x2) close(0xffffffffffffffff) r3 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r6 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="140100000000b2000500000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r7}, 0x10) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) r9 = creat(&(0x7f0000000100)='./bus\x00', 0x0) splice(r8, 0x0, r9, 0x0, 0x10000000000016, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x200) creat(&(0x7f00000002c0)='./bus\x00', 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0xa}, {0x5, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_rr={{0x7}, {0x18, 0x2, {0x8001, "ce22d1d55f358b6af5a1073a80d5e3c8"}}}]}, 0x44}}, 0x44080) 1.36112531s ago: executing program 2 (id=1028): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x5, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ptype\x00') bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f0000000740)=ANY=[@ANYRESDEC=r1, @ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000084ffffffff000000000300000000000000000000000200000000000000000000000000000d030000000000000000000002", @ANYRESDEC=r0, @ANYRESOCT=r0, @ANYRES8=r0, @ANYRES32=r0, @ANYRESDEC=r1], 0x0, 0x56, 0x0, 0x0, 0x4000003, 0x0, @void, @value}, 0x28) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYRESOCT], 0x0, 0x4a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r4 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001bc0)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a32000000000500050000000000050004000000000014000780080008400000009008000640000600000d0003006c6973743a736574"], 0x5c}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB="280000000306050400000000000000000a00000505000100070000000900020073797a3200eaeb2ce1a789597d70e4d677ec96c7689e5fbc8b79d93878f62b4bbd5a4822d9d6"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x8010) r6 = socket$netlink(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r6, 0x10e, 0xb, &(0x7f0000000000)=0x3, 0x4) sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@gettclass={0x24, 0x2a, 0x300, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xc, 0x4}, {0xc, 0x4}, {0xb, 0xa}}, [""]}, 0x24}}, 0xc0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000400)=0x11) r7 = socket$netlink(0x10, 0x3, 0x14) ioctl$sock_SIOCBRDELBR(r7, 0x89a2, &(0x7f0000000000)='bridge0\x00') bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="b409000000000000611110000000000085100000020000008500000008000000950000000000000095000000000000001dbe1ac61335a78d03e433e1280a0027a22fedde53bb23db721bdc917f1fdb7adf9dbaa948ecc4f98727e7308ab164ae44a267aaa44dba10bb0381f9776caa1b2c37b3df39b40132fd8374e55b138778245e740a86341d2cd41b9e4fd8cef49c1e138f2a118a47b61bd045ec307fa25e90a11da1068a4a77f0336e5b833996be36caaf2358adb8a28a423c3bb2b56eedc698bef1dd3717954373715908acc3c19ee3598d5e414ae779ed5ebf72403ec4d30edd5c881fa0819575b200be945ba62e1b7134a15e35ae2b467234706f"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000340)={r8, r8, 0x8, 0x0, 0x0, 0x2, 0x11, 0x15be, 0x5, 0x801, 0x0, 0x8, 'syz1\x00'}) socket$nl_netfilter(0x10, 0x3, 0xc) r9 = getpgrp(0x0) syz_pidfd_open(r9, 0x0) 1.227823895s ago: executing program 0 (id=1029): ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0xfffffffd, 0x0, 0x34324152, 0x7, 0xa, [{0x2}, {0x10}]}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setscheduler(0x0, 0x3, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_io_uring_setup(0x110, 0x0, 0x0, 0x0) syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) r1 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TIOCSETD(r1, 0x5423, 0x0) ioctl$KVM_RESET_DIRTY_RINGS(0xffffffffffffffff, 0xaec7) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000000), 0x3a) ioctl$TCFLSH(r1, 0x40204706, 0x20000000) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000040)="00000097c3199945e3eadae14708c82ec713c20000070002", 0x20) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 1.120184176s ago: executing program 3 (id=1031): r0 = syz_open_dev$video4linux(&(0x7f0000000280), 0x5, 0x80203) r1 = openat$cdrom(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$CDROM_LAST_WRITTEN(r1, 0x5395, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000200)={0x0, 0xdb5a}) statx(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x800, 0x1, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r0, 0xee00, r3) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000001740)={&(0x7f00000005c0)=ANY=[@ANYRES64=r2, @ANYRES32=0x0, @ANYBLOB="13952769eedfe4460948d22696a86ac360c98ba5"], 0x1c}, 0x1, 0x0, 0x0, 0x4028840}, 0x4008004) syz_emit_vhci(&(0x7f0000001700)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB="80000000", @ANYRESDEC=r6, @ANYBLOB="050000000000000000000200000008000300", @ANYRES64=r2, @ANYBLOB="2d000e0080000000ffffffffffff08021100000008021100000000000000000000000000640000002503000000000000080026006c09"], 0x80}}, 0x24000000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r4}, 0x10) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_service_time\x00', 0x275a, 0x0) pwritev(r7, &(0x7f0000000280)=[{&(0x7f0000000340)="f7", 0x1}], 0x300, 0x0, 0x0) r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000040)=0xd) ioctl$TIOCSETD(r8, 0x5412, &(0x7f0000000000)) timer_create(0x3, &(0x7f0000001680)={0x0, 0x6, 0x1, @thr={&(0x7f0000000600)="b626b8e33ddb185fd3832d84cc29591b829a1a1ca2d76b27372e8805a2fea94998316fb01720be6c8519f1ea5980b226710a3b14791a3928215bcafb2e7b933ee61d10f27ec92c8d8d0159b7ac69d17def799804c1012fdffee02451997293d57bdef75754fa361600a097c48a267e4f669724ed81c9655a9b2fd760c192fe39ad28ec7f5164957a65a9eabbfae201fe9dc5f25b93650aa120205e17d83a3bf7b39875c4e622c124e467f7c21bafff0816c30dc133ca48cd8648871040e9bab93860c6e1fbf8db9e8432c30019336e500d5ad658094adfef7c0282bc609c984a46f4dea373f1258dc38e59abbf841a16c506b427828d39230bab0a0181e915e74cf43847a4c5dd332f00325e4367355bb587e0b04bfd2452010840bcf6f045e84751abca85e58c64ed63bce01016829efb09045a22fad044ecf9dd067604fb23d0e861a6863d1e36d97509d0cd589c14aa0fcc9079a96d77da50920f58ac2819c488617951f0b66ed28b989052562c45ecb1a489265e0138126879bd956f7f36d84509da94f54e5180693c5137ddc56343b4615ce5df1cbfacf001a88d8c331403aa12c1e55e9be93323bc40378302f3afe6018cca3c3394e68be7bacbeab4a0375d0a92dd07f5aee0833321baaa8350e1aa3524b46fcb1970b7f45455973ed7b9e6c68c74c4a329e64303dcf3853911765258b5fc791667d96e9d541a1cc910f9451d9f192a30fa93a75c66526043cd21ea8b9bb7c59bf60bf601d5dc9bdbc4b7b745ad1b3cf06531793c59470a866d5236318f118f2d5e8a830b26a371df0d44b2d16e228134ceae28816d76424c06e33268be8ab48d45637f2696269a6c523a62f3096c910841fb07d55f38b1c7abb3dea40351bc17ed9c5b903b8efba0c4775c61bbaae4cb87510452d23d4895f141135983f5ce1d70ad4a646bcdcb1cab8053a6df25126caac005a7ad115e0a228d9baed4c3153d99c9587556b2ca587dd1a73d5686005234347e4f72e1493a1a385b4b8b5c436291deb7e4f5b3b9e33179ce29868849e931c25b72ef365795db9cac4259f17e65c449455bdb162e7deda9ec163ed8bd9dfbcfd130b9031a24e0d40706516961f8b7431bb89c4f0c1a7c2ee7cc869393642029cef71b084aebe81f8d104ef7fa2b6c67b3359df5df54cd6230d9a481361cf1ede42ecbaabe88a414f8d954fc5ca43f7ab92903578c2a99fb1b7a0d8368e7bc4695dd6afd5bf522da1a123f0791e4094a3bc3cc507d9a0ffd5fa92ae9de200450583ba15111999cce7bb784b57a29b7802f0ac8d7396c65d9a2bae0c01305f6e5b61a32c369e0c6bb4de41f88938a46fa5214005a3a77ceabee15ffc47983102461e8c7acde10442f753064b48839659cad3be5e1607f12604136e081ab95e3fa1a091bd3791d27e5da2a0e65a5099521c303ff7b6a6b9885ae6d27b88d6899e70685935f18222dd3ab78e17b0c518486b78cfca3b7bb5c3dde9ae4595e10d93b773c7347d35dfb26630c80f55facd5d71d224cb34622a4cfe51985129b2412b06a9028222ff0cb20bae5d51e989df65f8a3849e774cf82ea3297f27f2d5638e7d71f7b649b5a4c8386b731d21f5ef2b3486ab905d920acda1fc82e7bf8f6158286950ad6d7ebec452eeebab9163dab885b7fde12311fdd4e9fead906e949d8df029d810b24404f98426144944d5968760c4d41cc30bc1a28af5751b190d4854ed0b24cb121e52bac50f267bcdc661f6bb59d77c34da288a19131db497f0f8b69ef80792d7751c125bac42bae9e1b432d5f85d6e7ef259e7b8cb95020d24fc99bc971155e858df8343483303df62631f15d5c385eb796f3d41101fee1ce408602d6296d45ddd2f3b8886af628bcf0ee911f6def2d2a05d6c94fea95cadf916f304a0c59a34822be50113f0a03785f6e580c46a657a01c9ab736f9be93bc936dc790433b640c54a389f183015477e49a53a0746e887e1788344f0c4bc4364087c1aa647204f0c14039ea6dc029a7655dc9b7238ae92ba44d1c1fd370f1d6082a8fb7262a9d9ad633d627f4e635ab29c4910905f40d35bd3b6b124fe5ac7b0a9ffd53764b9dc15296353bef5ee2969a1ec0119c03ca4c31e38a567adb45dce1b778a656ee895dea70045815e655723790ba74b858b399dd2a63df9a853fb39500fa4891493fc7b5e0eb60ac41e3aa194a1cafcacb4fd65338e64a3347aac0064b93da2509166ffcc5680576b6871b34dd343dbb0bcdc5ef3235ee68eba1be9feb089a3b40694a52ebb0f35e503bd375b333334a88c30fe1a86cbe38f7976c124775dda0a5bf79cdf0462f1775cae5401924548ce7f31f69918123d6dd60645120118f13bb42e5793dec40cf02ab710c17a5e4f717b926959025536f805b4dba15c859e046badaf6c50702f5f1088ecd68b5c7000e9e6c1cc0656e1a73138ce3109bb085698f688241c2234422040b6ebee7680d7b24be6d2db5fd6a6a57d8ab1da5561c73dab5387712791034f182886913f785681fa83b3810ee311cd09e4b169257f5c37df4e9766cc4242ed2981c0b0c478a5d79fce2de9042b15dd2b830671acefc7bed35010088d8b1ef2410e072013052e857b9f79d579ae0bf3696a69dccb5b7e8831f8615ecfa1a178abd01cc4a8e7122308ee8ce7769437f238b9c107da448a80e510715dcf0ee76edbe9d04a4d116fe5d566ca202472ef9430a6b42ef4ec1d2c5c5132119eb1afe995052e23f7e7f41e647bb438dd7d699e13ce13c61b23e9b5fdce5e6a1655e73f8bbbc13220fff37e6d775aefb01c188ad9bfc95f9f903651bf30fa6b2e96f6eebf82736b00f1f0de8a6f0b690cf6e095844932f694bdb126ce6fea71823bd9312bc3674d4c9e0059e7f035596e5e9010afaad17203a222303f5dc116005d567c7f962dc1f984b03f93a305489bbaad1aadd38195f8393281fcc92181a7fa194f46cd7f079b7d1c6c81f188b5602b4f7cc05c85819571edc45412afbf66c8036326d266011840d6a826049eaf5877f59cb1fbdfb15dcd7b1eae56fd42e24aa272a3cd5b9c04770987f6189ee6010389836f40a31dfcadb2c6e5a1cd5a778feb51477e79f80aa598e97b5f8491082d7bcbc393b5a7d7abfe88c38326c36ec28126d56ef146fac3a01aa408451a4da5cf6e00b0331f1c2b4bfb1b4c8bbde13768b6eeeb520e986e0f684848491c988c7cfd23c1838c6c4ca62f361e4ddf75fd1197a645c381360629439017724fb88a319e1cdd2ffceb50f9be095440b588bd7f290d86263df2148c18f20b6417f7b78e8f4aa0afe8da501db6b7b7bf277cdddaedd189b1f826dfeb7e68cf9471685eaf86d9f897c46952aac7c01962a056736a67a546fdb509fbf3e84817a3aea278951d57d84b9b807488b5f6bd7b6ae1ab652f2e72bca43a03a51adcdc4ff16e0827ddf5aa4f088bcc35ece806212c711005ca917660b6131b233e665f8736f8838344cba15b4543893dcae1ecae5432b996179be0686e9ee9cef767406aad57a6b4b9d0a676cb9b8544853b256604193504ab57d0fa70307c111151e56ca030d0cba96d930a46eab58a6bc98a69e7ce3876120241f57b64505b0a9aea572b4cdf9b2565ca1beeb51fbc2701ee7198959fc9cd59de0f40eceedf67255443f0c1a14858e8c6d5b5ce38664b49fc6682befe964e11be1ba0eacb2e9815c320cc1e6d736f37048046b5d7f6a9ee534116bd418fdb4a4145e46279bc92b7f572c10ef6841a0276c8f1572c2c3346192da3fbf8f504b385aa451040a42c68fc0607258ec602f2a018b4dd6c8591d3fe5df7fb77476e9b64a1da75a838b7de70cb9147b08cc62716f7f63800ef8751061eee0f0be6aa2731b273862a3163df708c06cc384648137b91b63c09f87d5e54835ce80a2958772c327b32951d3aadca0b671792c873fc0afee72de342f6b31f4fe4301c321327e79b14fc839f05bb4e2b620549f439a5c7f9cd2762d92e9dc1adc5edcdf66094570116a2553a603f4708bf3e64fdca7d8ced1b7c38d9eab3a11225383a5827343ad57e13dd90be9393090f1f3bfbca0fa54a77fd80ea54b6639296c92ff529b50a95c65cef1b96b15092f9a0eedf9cb86a4e21355c37b5f6f8ab0b8e8e1f91a038a4cb15e3351e3eaa31255b8a784fb5536e74953df75be4281372d5007c979cb4a83f84c8eaee61687fb646ab0e215723391b2d206ff8c141211204b218221d14dbf1e22bf9379ef4b4b16694293e8262dd42e81ed028214aeb7db2215774bad02fcbb9d114c5499e55f1550fd81ef2b624be3768820540cee68c871d6d59ea5cc102024121a9563a463877c360fdc4732cee9e3a5e80e269925e1bab51901a0e2688a6f65a407f086f056c9287d7071b229cabf6ea6585955b21e44310559b680d2d978d4a3bc010515305f3d3c5ba4e81b023ae396a48fd7ad747854e0e1bf520bec8589b854f0d8eef7654556ae3d0e94ad619062d7532e938996aac297ac7bb2b1004c36d1a3af97cacc6d7086885fe72f37c2e7f0aa53ce023f1d89a0dd104494fb3d61d1f04e431d0486fb3ac1d0b6e078b72c941b28f2cf7c6765862ad179b94d9b317fe3412300888dc2aa8e616232e1e6f3f40cca8b0aa5ba8ecb42ca7ed838c3b39142752010c78345a24c3850d384f72e8c397964178ac6e7383a4909a56702060760c603e3d13e38470e252f912e1d872bf651845446e7d883f76e6b308cfae2df16e706e8661e3650bbbb46292af63a8a50255471f95fafef349866531b931883f910c72c4acc70c509a5f2b00da840d4b0004917f3816fbad55638e43c2a3f4a8646f80114bbee3c615c24811a1773946fcd37cbd7cc4f9c1e4e78ba0107945747df2279d972519a667e32763e9ff771e3c6021a704fe1b433df40250942ac20203a44c1c1fcbd83f484901da3a189c80b19bad51d56224be41d3584d13123419d4ac200bc7633ec2a0de4cf7cc9fba10993f90be282a7c535db12c06532c9de971f2044b22ab6e4022a13d2b8ae82f51379a2701790fd10edcf319c6133de451435ddcec76cdc596bccfbdbab668e1a1972e64f0554600994cd445251c19776764167ee96dacffeb0cc9dec1e8e7cf78dcdc229fede6ae352b877e43b774bd46faf3ba56e7a4edb527f7cdddb3be7257261d93802206b169119c516c3273da4791488c54d035db7eca33f1c89243866e4ac28b2b62dbd8e1fcae793e6bf1e631b5f2301f3543dc04e47183728a860eeadf9fd66abdecc081a3857ab4be15cf976f8f66258acab869c4fe27b099fe73cf8cdaebc15a1dd7dd5ff7115a75bf57aa0f910201b74045f5978cb97153409766f31d458ab7f0edf67ddbee51bb39b9f51a15ec679520830241d0b4a834d237331652160613bca93f546bf0f10198072445697a7f713cabfe1a3afaa538dc7f96e06045a362df3072ae4854977dde5725b3c726fddc7feef6af700253844b5a340024b0da825a612c92fa4d6b0d220be6caddd89ac4380b71ca38bfcdb6a03854dd4c6c56c55b388245c25e3dfe14348eb7644aa773a68793cc1abf3344a5234f6fe69ceac2686552657d4cc166b044e4deb958fd1ed7d784a65f3118920496e8870d01d60a3437259b59a34ca412b59fe742648331ba3d5ad0ce964548bb60cfac00feae3c86680dcd5331fa548ea6d82f1cec27804de3edafa808c2d1af06547d8c5e7ed6a1023aed233cd9fa98b515591abadcbfc1a745e9a53fd8413247e6653bcce155b063c0f6542158d2f6e43ae7527", &(0x7f0000001640)="bfbe18856462b099e18b8bfe2bb5fe195eaedd172881dc76ce65443007c1d1"}}, &(0x7f00000016c0)) write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB='/'], 0x2) r9 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x80000, 0x183) r10 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042) write$binfmt_aout(r10, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000000080008000022f9bb177b214b1004500f5ff06ff00010100fc5e15f4c3d3fbd80dad0000", @ANYRES16], 0x125) ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r5, 0x8983, &(0x7f0000000580)={0x1, 'sit0\x00', {}, 0x8000}) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000140)={r9, 0xffffffffffffffff, 0x14, 0x0, @val=@netfilter={0x7, 0x1, 0x2}}, 0x20) mount$fuse(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0xa6d214, 0x0) ioctl$VIDIOC_DQEVENT(r7, 0x80805659, &(0x7f0000000480)={0x0, @data}) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 991.224425ms ago: executing program 3 (id=1032): socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, r1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="010028057000fc", @ANYRES32=r2, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffff"], 0x398}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9, 0x84, 0x145, 0xffffffffffffffff, 0x4000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0, 0x0, @void, @value, @void, @value}, 0x50) write(0xffffffffffffffff, &(0x7f0000000740)="fc0000001c000704ab5b2509b868030002ab087a0100000005481093210001c0f003058425006010", 0x28) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, &(0x7f0000000840)=""/121, 0x0, &(0x7f0000000540), 0x6c, r5}, 0x38) r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0) dup(r6) getpgid(0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000ac0)={{{@in=@local, @in6=@ipv4={""/10, ""/2, @local}}}, {{@in6=@private1}, 0x0, @in=@remote}}, 0x0) syz_open_dev$dmmidi(0x0, 0x2, 0x682041) 791.225343ms ago: executing program 3 (id=1033): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) 569.989524ms ago: executing program 3 (id=1034): socket$kcm(0x29, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000844) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18020000000000000000000000000030850000002c00000095000000000000002b4003fe37a077ae55f52c0d80a2649baca85309be96d5a45bbbdb5ff7ffffffd075b3eee14473f51be98db7efbb059842badcfc81364470e8e04acb807fbbabc68abdcce9f672b6bb61c302dfd5c11071adac29fd64d33a3502fbeb1ed99dd0e792f24c420bfcc2635421d339ad521d6953b1137850d9e9ebf65ee988ea2dbee528678eb47efb7b3f19046c6f1bd1bf56e5853ed96137f95b3a11954ed1c8a8676468cf2405e48723d4b1ff"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x1000, &(0x7f0000001400)=""/4106, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x18) socket$pptp(0x18, 0x1, 0x2) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='wchan\x00') read$FUSE(r2, &(0x7f0000000580)={0x2020}, 0x2020) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x6c}}, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0xfffffe01, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r0}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0) r7 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0) 480.730496ms ago: executing program 3 (id=1035): socket$netlink(0x10, 0x3, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810100850000006d000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r1, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)='\b', 0x1}], 0x1}}], 0x1, 0x34000811) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRES16=r1], 0x1000f) 479.312523ms ago: executing program 3 (id=1036): r0 = socket$alg(0x26, 0x5, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf) openat$ptmx(0xffffff9c, &(0x7f0000000300), 0x80, 0x0) ioctl$TCFLSH(r3, 0x400455c8, 0x40000000) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000040)=0x32) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="05000073797a310000000052cfad0739fdc3e65b16a08ada0ad6ee16f6403dcd"], 0x34}}, 0x0) syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, 0x0, 0x0) getpeername(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x5df, 0x0, 0x32314247, 0x87430af74561b8e7, 0x3, [{0x2, 0xffff0000}, {}, {}, {0x0, 0x32a}, {}, {0xfffffffa, 0x6}, {0x0, 0xfffffff7}, {0x9}], 0x0, 0x0, 0x7, 0x2, 0x5}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2000005, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_open_dev$vim2m(&(0x7f0000000180), 0x0, 0x2) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f00000004c0)={'#! ', './file0'}, 0x1f7000) openat$procfs(0xffffff9c, &(0x7f0000001080)='/proc/meminfo\x00', 0x0, 0x0) r5 = syz_io_uring_setup(0x10b, &(0x7f00000000c0)={0x0, 0x68f0, 0x2000, 0xfffffffd, 0x1df}, &(0x7f00000001c0)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780}) io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf) bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-sse2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440) 431.270083ms ago: executing program 2 (id=1037): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006480)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a14000000020a010800000000000000000500000514faffff1000010000000000000000000300000a"], 0x3c}, 0x1, 0x0, 0x0, 0x4084}, 0x0) 431.060711ms ago: executing program 2 (id=1038): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x801, 0x0) writev(r0, &(0x7f0000000b00)=[{&(0x7f0000000940)='\n', 0xfdef}], 0x1) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000)) 211.16149ms ago: executing program 2 (id=1039): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2b, 0x80801, 0x1) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @empty, 0x1}, 0x1c) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x4, 0x5, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x48ce, &(0x7f0000000200)={0x0, 0xffffffff, 0x10100}, &(0x7f00000000c0), &(0x7f0000000000)=0x0) syz_io_uring_setup(0x6fe7, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2, 0xffffffff}, &(0x7f0000000080)=0x0, &(0x7f00000005c0)) syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x6e6a9ace1e35a607}) io_uring_enter(r1, 0xec4, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5) 51.045089ms ago: executing program 0 (id=1040): ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) r0 = openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x20300) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a45320, &(0x7f00000000c0)={{0x80}, 'port0\x00', 0x3eb, 0x2062f, 0x3, 0x0, 0x0, 0xc, 0x400, 0x0, 0x6}) openat$sequencer(0xffffff9c, &(0x7f0000000000), 0x20000, 0xc8) 50.874615ms ago: executing program 2 (id=1041): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff08000400", 0x32}], 0x1) syz_io_uring_setup(0x1fcd, &(0x7f0000000380)={0x0, 0x1ffffe, 0x100, 0x7ffc, 0xffffffff}, &(0x7f00000002c0), &(0x7f0000000000)) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000ac0)=""/4096) 50.778875ms ago: executing program 0 (id=1042): sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="b3019c28", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x33, &(0x7f0000000140)=0x10001, 0x4) r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0x1, 0x800) read$FUSE(r0, &(0x7f0000000c00)={0x2020}, 0x2020) read$FUSE(r0, &(0x7f0000002d00)={0x2020}, 0x2020) recvmmsg(0xffffffffffffffff, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x10162, 0x0) 50.409755ms ago: executing program 2 (id=1043): socket$netlink(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x8000000004) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f00000000c0)='rpc_request\x00', r1, 0x0, 0x5}, 0x18) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) recvfrom$inet_nvme(0xffffffffffffffff, &(0x7f0000000640)=""/4096, 0x1000, 0x2000, &(0x7f0000000380)=@generic={0x11, "d71d9c1bf36be386b8195be2f96732daece168ab8c4756fcaaaaa57ab4d9fa9c5e136c872457faea878081b25c7ac9863e328325d3608f7b92b91789fb2322981d60e78ecebc51a8a848ac66a135cbf9adb555f5fff1d2552ce4b120288f1c606bebc17e3b75c547a1c41ac89d1be3f0e179d586d665ef8397dfdbdaa865"}, 0x80) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) openat$vim2m(0xffffff9c, 0x0, 0x2, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x97, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140003002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0) 880.726µs ago: executing program 0 (id=1044): socket$netlink(0x10, 0x3, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810100850000006d000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r1, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)='\b', 0x1}], 0x1}}], 0x1, 0x34000811) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRES16=r1], 0x1000f) 513.615µs ago: executing program 1 (id=1045): ioctl$DVD_READ_STRUCT(0xffffffffffffffff, 0x301, &(0x7f0000000080)=@disckey={0x2, 0x0, "3f5a0b15d6d8c11322248376e18bdc159f58094f0e3c2fec6c647e9c8d55c1993f7187a146c0b74c0c74344c7143491f367f52871070eb286b553c575be58e781d3d7d3de2eae9f2aa3b2871dfe5a56e9e738dcd1ec11717e90c23b9183a684d5acb0b3dfe0a0f12f5eb2981090b583bf4129d4b67bfe4f7be64738e98d4d10a9f94ff6e53b70a57ef176e072a1de8f97ab7bbb117c4de7f3cbdad78bb13eff80ae321e61632745d68d83121f558d6886723a5e5252eb3883209da65f4aeeff6f83f6911238ee44299a6f2e6254994bf907ab1bfe41cfd4aa8095bb24d6244748546b41c47524aca6fa483b534490822127e4736670f7cc43d86b9a714a01221fb6d187ea244db1ae5a08e67a332110908b027e2d651ca51f78f07503626265f18df7462c7e4be42fdf52444e981a7cc3fcc4e8d69acd92dc7c91e933368a644c436d709b52f5a0e69dfe5f50cff270bbf0267b0eb98de13293bc4ee7b1e09ce2cbbae1b6b25011f46bf4ab163a8c0023c5e525d54233041d2d1af974440888d25a61defdacdb59b689be18c9e9aceb55061307155cb4928b7d69e8fab0b0a7ca6a883193c89d50e096b8e0dc3ce2299015d9c6fe9143d226f4ab405939b48702d85a0020fad20f479666004eb1c68e2796bce4ff7c3be4a3965ba1a2d4fc26434ddafd3191ef7eede9e3b592cd4f2b723641a2bc0e516aaf1c5e553b4c77f7806d9f61b7e15b7b28d5366d993bbfa6790128446a01df8259f23195f23b0dcec287018abdb2c7b7f1cd98c5eae859b23f38bff93648e0d5b58afdd1109f1bd08754839a90a436363d826387af9ec660726d12c550819ac9a6c56d9383f98ce6766cb173d89adab0137adb2a5795733a926350bbd589b116d84c45bd8072542ff73c4ff981d0b703db5071e21da8d60bf0c782d2d60c6f521f0a5f23c712c13ecf2ce9f135c3ebef463df487e74517aa8f03375a2db54a0bf1b2c24a6472b1c7d640d9a9a79f827330e99ccbd10ecd63c82cad107c2f3a4de59ecf4f8d8bd26087679d92106021aad61a76de43715493c1bef8ec798f89d34ac8c17f66c1bcdfc9a444b315e34437e8323e6daac8a4fe79bacbf1b49319de9bb68b85b8882b1f3a7fa24a8d5856091cb91093fa9b86f6c66da2ffdc7d9772388778cd9c1f2fa216aa8a747e5ae587d00db65125a1213cf86bc7fa0b98607a0e991ce4d1b0c0e62743f4fcf99e333913afabd7d6b51a2d7178eaeed8f54fea2903efee8cca0b74b889b97d3a117dd0e63a8094559aef181ccc1516945f6383806d49a518981d224f6e481e35dbbd45f01d69bff3c9938d3ee5a7f8aab3b52e83027cdc39c7e1fa6649f4fe1c7dd73e67f66dd884f072d59dbb76beebeaa39f904be3110fe9979fce39fbaabd4788f0d793a799393a773776aa7eb2fed502ad184003718f04192efe59f09cb506d07a69f3a99dbc58fb5cf5a36b434459c57b3c937287a76f4fa7c6c3bafcec86a2616501b6ca477f1642b5e75491c6b93cf9af785ab368f6b1ca34a16ad491bbfc856c2c4d1b8aeb3aa1d8584d3682dfb594a42e62e1ad9d96f1aa87cd7fdb5703995f3506b610816739e75f986f0ec9209d2b5545ae12d483dca4730398a1a0ad31a7b1c9dac6e67c3abd6882efc61af7336bd40ba123616b667ca056b5baca85a105f3f4f943df088f8f6223a89fc0a5540b5da0fda970a009f9f05970837563d8996e2cc461bcf2745db6f5ca87cd84bf8abda3ee4ad9107a11ddb5088f92ee7ef0022e00c9d5f58867411cd1a71ca9a7fb26c77eabfa793654509ba476eab448db0cc7eac696aea82235b41e51ff02d22d3c3e1e007e10c1addf4d12d2d6ccf654d95f539664c317d473e4271c26d497f03441344629ef9dba438974f1e86413142646ae24cd8a83893d8dd4541b9f374e2d9ba3ed47bb04462d1b5329d707add6e29c1daa429c025c66898212e535af4fdacabf4e4ba091b9899a15b754d24d464be9303999cb4a3a4772d0064912e5c9208f65e9f68882e547ecf14abba2c74112353142549e63d2349a624e2b44944a22d8d6ba04c53fd3846f1d46d309b903b72577a2b39e2182d4ef3275c36f9cdc794cb98e7d31bb0e17343febf5ae6aea0b42098939f13d3636e44967f3266eec49b74698d70834e6bf6f42bd5452a9b564d6bb384f77a82bfc4936682c09374b57e8f1b2a88104f21733c08c293d7ac89b04b30e8343ae8d148e28fd86666d4247ea6f4d3e049141d01e917ea517ac3ba7cd7a7ebd51663838f6784a04957c531797d5a24dfc88dd79ca42db3486092ae7cb47fcd894a0a7b1606fbcef424441597a437cf9fa52d617536618b5469aa10695123e549e56891e2b50cee45e71c5a10f5226fb540feb952c149bf2ce7f02063c0a41249860eb328e7fc1005046f5a403d2ceeb0638fbafa465c941b493c940d8f9514eac8f6be37de660d32305075e965403900ab7ff2380f70a4ae3390a4ee5bc756ae4a06ddd9cecaf13eda42c52e132fb25a16697a71a57ff0352b86df76652702be84971a8857cdcbbdbf492a5782c4abeb51ceecbf7e1bb8e00d8b8387c795f9c2f0d658c322d1dcbec05667f7048a44532c66bd25ea1b5be284d12d2f3167974e7f3a5b6c2bd7d630e4d60891b025e6c50f62ebe91882c31ee16b33568f5cbb61daa327fe4c4433679d5a71da0ad00a83001cec6ba3e7f9ced5d46def24aeb3c2de248aa02832d4922f762981c4f342fb17eed4d797980202b2a0cacadaa2951fc28ee9df685a846d8ae273981b1be255aed62af7521b75afee0f47e9400173508b3083629719ac2c8b4b670f7798ec21770ba8a276663d9f608ce27de0c3e0a289d9d300"}) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, 0x0) r0 = io_uring_setup(0x7ee7, &(0x7f0000000080)={0x0, 0xe5d4, 0x4, 0x0, 0x217}) openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_io_uring_setup(0x767f, &(0x7f00000005c0)={0x0, 0xd9d, 0x100, 0xfffffff7, 0x299, 0x0, r0}, 0x0, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x6, 0x0, [{}, {0x0, 0xffffffff}, {}, {0x1}, {}, {0xfffffffa, 0x6}], 0x0, 0x0, 0x8, 0x0, 0x1}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000008c0)=ANY=[@ANYRESDEC, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x8, 0xb2, &(0x7f0000000140)=""/178, 0x41000, 0x1b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x1, @void, @value}, 0x94) prlimit64(0x0, 0x7, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x3, &(0x7f0000000640)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6) write(r2, &(0x7f0000000000)="2e000300010000", 0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800060000000000000400"/24], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r4}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000940), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r5, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000100)={0x24, r6, 0x1, 0xfffffffd, 0x0, {{}, {}, {0x8, 0x11, 0xffffffff}}}, 0x24}}, 0x0) ioctl$SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0e05403, &(0x7f0000000480)={{0x1, 0x1, 0x300, 0x3, 0x4}, 0x3, 0x1, 'id1\x00', 'timer1\x00', 0x0, 0x6, 0xd2, 0x4, 0xc}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000170000/0x3000)=nil, 0x3000}, 0x5}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff) 0s ago: executing program 0 (id=1046): r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='mounts\x00') preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="030000000400005893d099811525302508000000d32f9268c952ae4e67fb8f9e82606c", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="000000000400"/28], 0x50) r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) close(r4) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r3, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$LINK_DETACH(0x22, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000000500000095", @ANYRESOCT=r3], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = openat$nullb(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$BLKTRACESETUP(r6, 0xc0401273, &(0x7f0000000380)={'\x00', 0x0, 0x1, 0xfffffff8, 0x0, 0x4}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) kernel console output (not intermixed with test programs): 691] overlayfs: missing 'workdir' [ 121.162920][ T7691] netlink: 20 bytes leftover after parsing attributes in process `syz.1.458'. [ 121.370605][ T5986] libceph: connect (1)[c::]:6789 error -101 [ 121.375404][ T5986] libceph: mon0 (1)[c::]:6789 connect error [ 121.559840][ T5959] Bluetooth: hci3: command 0x0c1a tx timeout [ 121.568463][ T7708] random: crng reseeded on system resumption [ 121.569862][ T5959] Bluetooth: hci2: command 0x0c1a tx timeout [ 121.570451][ T5950] Bluetooth: hci1: command 0x0c1a tx timeout [ 121.759682][ T7688] ceph: No mds server is up or the cluster is laggy [ 121.920573][ T39] audit: type=1326 audit(1737408080.067:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7716 comm="syz.0.464" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x0 [ 121.972436][ T7728] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 122.388255][ T7750] Bluetooth: MGMT ver 1.23 [ 122.398514][ T7747] ceph: No mds server is up or the cluster is laggy [ 122.400825][ T5986] libceph: connect (1)[c::]:6789 error -13 [ 122.402648][ T5986] libceph: mon0 (1)[c::]:6789 connect error [ 123.079945][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout [ 123.241918][ T7765] FAULT_INJECTION: forcing a failure. [ 123.241918][ T7765] name failslab, interval 1, probability 0, space 0, times 0 [ 123.245639][ T7765] CPU: 2 UID: 0 PID: 7765 Comm: syz.1.478 Not tainted 6.13.0-syzkaller #0 [ 123.248791][ T7765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 123.252312][ T7765] Call Trace: [ 123.253347][ T7765] [ 123.254228][ T7765] dump_stack_lvl+0x16c/0x1f0 [ 123.255608][ T7765] should_fail_ex+0x497/0x5b0 [ 123.256962][ T7765] ? fs_reclaim_acquire+0xae/0x150 [ 123.258428][ T7765] should_failslab+0xc2/0x120 [ 123.259813][ T7765] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 123.261615][ T7765] ? ip6_setup_cork+0x61e/0x1460 [ 123.263056][ T7765] kmemdup_noprof+0x29/0x60 [ 123.264381][ T7765] ip6_setup_cork+0x61e/0x1460 [ 123.265762][ T7765] ip6_make_skb+0x24b/0x4e0 [ 123.267074][ T7765] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 123.268675][ T7765] ? __pfx_ip6_make_skb+0x10/0x10 [ 123.270072][ T7765] ? sk_dst_check+0x1da/0x540 [ 123.271452][ T7765] ? udpv6_sendmsg+0x2510/0x3040 [ 123.272869][ T7765] udpv6_sendmsg+0x2510/0x3040 [ 123.274245][ T7765] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 123.275839][ T7765] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 123.277304][ T7765] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 123.278882][ T7765] ? __pfx_aa_sk_perm+0x10/0x10 [ 123.280298][ T7765] ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10 [ 123.282315][ T7765] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 123.283813][ T7765] ? inet6_sendmsg+0x105/0x140 [ 123.285251][ T7765] inet6_sendmsg+0x105/0x140 [ 123.286578][ T7765] ____sys_sendmsg+0x649/0xb40 [ 123.287980][ T7765] ? __pfx_____sys_sendmsg+0x10/0x10 [ 123.289500][ T7765] ? get_compat_msghdr+0x11b/0x170 [ 123.290990][ T7765] ___sys_sendmsg+0x135/0x1e0 [ 123.292355][ T7765] ? __pfx____sys_sendmsg+0x10/0x10 [ 123.293848][ T7765] ? trace_lock_acquire+0x14e/0x1f0 [ 123.295356][ T7765] __sys_sendmmsg+0x2fa/0x420 [ 123.296709][ T7765] ? __pfx___sys_sendmmsg+0x10/0x10 [ 123.298202][ T7765] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 123.299919][ T7765] ? fput+0x67/0x440 [ 123.301047][ T7765] ? ksys_write+0x1ba/0x250 [ 123.302341][ T7765] ? __pfx_ksys_write+0x10/0x10 [ 123.303659][ T7765] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 123.303687][ T7760] capability: warning: `syz.0.477' uses deprecated v2 capabilities in a way that may be insecure [ 123.305141][ T7765] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 123.311105][ T7765] __do_fast_syscall_32+0x73/0x120 [ 123.312967][ T7765] do_fast_syscall_32+0x32/0x80 [ 123.314410][ T7765] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 123.316628][ T7765] RIP: 0023:0xf7f85579 [ 123.318169][ T7765] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 123.324008][ T7765] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 123.326370][ T7765] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240 [ 123.328571][ T7765] RDX: 0000000000000001 RSI: 0000000004001c00 RDI: 0000000000000000 [ 123.330733][ T7765] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 123.332953][ T7765] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 123.335222][ T7765] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 123.337527][ T7765] [ 123.357109][ T7771] FAULT_INJECTION: forcing a failure. [ 123.357109][ T7771] name failslab, interval 1, probability 0, space 0, times 0 [ 123.361872][ T7771] CPU: 0 UID: 0 PID: 7771 Comm: syz.0.480 Not tainted 6.13.0-syzkaller #0 [ 123.364398][ T7771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 123.367505][ T7771] Call Trace: [ 123.368475][ T7771] [ 123.369333][ T7771] dump_stack_lvl+0x16c/0x1f0 [ 123.370696][ T7771] should_fail_ex+0x497/0x5b0 [ 123.372052][ T7771] ? fs_reclaim_acquire+0xae/0x150 [ 123.373534][ T7771] should_failslab+0xc2/0x120 [ 123.374895][ T7771] __kmalloc_cache_noprof+0x68/0x420 [ 123.376432][ T7771] btrfs_scan_one_device+0x88b/0xab0 [ 123.377990][ T7771] ? __pfx_btrfs_scan_one_device+0x10/0x10 [ 123.379681][ T7771] btrfs_get_tree+0x3f3/0x1b80 [ 123.381089][ T7771] ? __pfx_btrfs_get_tree+0x10/0x10 [ 123.382594][ T7771] ? rcu_is_watching+0x12/0xc0 [ 123.383969][ T7771] ? lockdep_init_map_type+0x16d/0x7d0 [ 123.385513][ T7771] ? __kmalloc_node_track_caller_noprof+0x23b/0x520 [ 123.387434][ T7771] ? lockdep_init_map_type+0x16d/0x7d0 [ 123.389012][ T7771] ? __raw_spin_lock_init+0x3a/0x110 [ 123.390569][ T7771] vfs_get_tree+0x8f/0x380 [ 123.391892][ T7771] fc_mount+0x16/0xc0 [ 123.393044][ T7771] btrfs_get_tree+0xa43/0x1b80 [ 123.394426][ T7771] ? __pfx_aa_get_newest_label+0x10/0x10 [ 123.396039][ T7771] ? __do_sys_fsconfig+0x747/0xbe0 [ 123.397544][ T7771] ? __pfx_btrfs_get_tree+0x10/0x10 [ 123.399054][ T7771] ? apparmor_capable+0x114/0x1d0 [ 123.400517][ T7771] ? bpf_lsm_capable+0x9/0x10 [ 123.401897][ T7771] vfs_get_tree+0x8f/0x380 [ 123.403187][ T7771] vfs_cmd_create+0xd7/0x2a0 [ 123.404532][ T7771] __do_sys_fsconfig+0x7ba/0xbe0 [ 123.406071][ T7771] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 123.407646][ T7771] __do_fast_syscall_32+0x73/0x120 [ 123.409117][ T7771] do_fast_syscall_32+0x32/0x80 [ 123.410553][ T7771] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 123.412361][ T7771] RIP: 0023:0xf7fb4579 [ 123.413533][ T7771] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 123.419003][ T7771] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 00000000000001af [ 123.421382][ T7771] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000006 [ 123.423703][ T7771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 123.425949][ T7771] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 123.428237][ T7771] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 123.430501][ T7771] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 123.432768][ T7771] [ 123.482971][ T7780] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 123.582066][ T7761] block nbd3: shutting down sockets [ 123.639833][ T5959] Bluetooth: hci2: command 0x0c1a tx timeout [ 123.649831][ T5959] Bluetooth: hci1: command 0x0c1a tx timeout [ 123.649992][ T5956] Bluetooth: hci3: command 0x0c1a tx timeout [ 123.657710][ T7776] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 123.660219][ T7776] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 123.662496][ T7776] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 123.665802][ T7776] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 123.722981][ T7789] FAULT_INJECTION: forcing a failure. [ 123.722981][ T7789] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 123.728021][ T7789] CPU: 0 UID: 0 PID: 7789 Comm: syz.0.494 Not tainted 6.13.0-syzkaller #0 [ 123.731314][ T7789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 123.735476][ T7789] Call Trace: [ 123.736807][ T7789] [ 123.738029][ T7789] dump_stack_lvl+0x16c/0x1f0 [ 123.739895][ T7789] should_fail_ex+0x497/0x5b0 [ 123.741753][ T7789] _copy_to_user+0x32/0xd0 [ 123.743522][ T7789] vmci_host_unlocked_ioctl+0x97e/0x1fb0 [ 123.745704][ T7789] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 123.748102][ T7789] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 123.750098][ T7789] ? __pfx_lock_release+0x10/0x10 [ 123.752100][ T7789] ? trace_lock_acquire+0x14e/0x1f0 [ 123.754179][ T7789] ? __fget_files+0x206/0x3a0 [ 123.756048][ T7789] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 123.758435][ T7789] compat_ptr_ioctl+0x6b/0xa0 [ 123.760293][ T7789] ? __pfx_compat_ptr_ioctl+0x10/0x10 [ 123.762344][ T7789] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 123.764505][ T7789] __do_fast_syscall_32+0x73/0x120 [ 123.766512][ T7789] do_fast_syscall_32+0x32/0x80 [ 123.768627][ T7789] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 123.771089][ T7789] RIP: 0023:0xf7fb4579 [ 123.772719][ T7789] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 123.780109][ T7789] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 123.783376][ T7789] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000007ab [ 123.786551][ T7789] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 123.789684][ T7789] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 123.792778][ T7789] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 123.795901][ T7789] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 123.799073][ T7789] [ 124.759617][ T7813] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 125.026932][ T7826] raw_sendmsg: syz.1.496 forgot to set AF_INET. Fix it! [ 125.640006][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout [ 125.748781][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout [ 125.748836][ T5959] Bluetooth: hci1: command 0x0c1a tx timeout [ 125.752457][ T5956] Bluetooth: hci2: command 0x0c1a tx timeout [ 125.921238][ T7841] netlink: 4 bytes leftover after parsing attributes in process `syz.3.501'. [ 125.925575][ T7841] netlink: 140 bytes leftover after parsing attributes in process `syz.3.501'. [ 126.269991][ T7850] mkiss: ax0: crc mode is auto. [ 126.347318][ T7853] netlink: 'syz.0.504': attribute type 4 has an invalid length. [ 126.371998][ T7853] netlink: 'syz.0.504': attribute type 4 has an invalid length. [ 126.472865][ T7858] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 126.514870][ T7860] ieee802154 phy0 wpan0: encryption failed: -22 [ 127.749966][ T5956] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 127.809866][ T5956] Bluetooth: hci3: command 0x0c1a tx timeout [ 127.976236][ T7889] netlink: 8 bytes leftover after parsing attributes in process `syz.0.516'. [ 127.991545][ T7912] netlink: 32 bytes leftover after parsing attributes in process `syz.3.520'. [ 128.002682][ T7912] netlink: 8 bytes leftover after parsing attributes in process `syz.3.520'. [ 129.386838][ T7941] netlink: 4 bytes leftover after parsing attributes in process `syz.1.531'. [ 129.494643][ T7945] FAULT_INJECTION: forcing a failure. [ 129.494643][ T7945] name failslab, interval 1, probability 0, space 0, times 0 [ 129.499672][ T7945] CPU: 3 UID: 0 PID: 7945 Comm: syz.1.532 Not tainted 6.13.0-syzkaller #0 [ 129.503087][ T7945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 129.507280][ T7945] Call Trace: [ 129.508233][ T7945] [ 129.509089][ T7945] dump_stack_lvl+0x16c/0x1f0 [ 129.510520][ T7945] should_fail_ex+0x497/0x5b0 [ 129.511900][ T7945] ? fs_reclaim_acquire+0xae/0x150 [ 129.513355][ T7945] should_failslab+0xc2/0x120 [ 129.514698][ T7945] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 129.516365][ T7945] ? __alloc_skb+0x2b3/0x380 [ 129.517714][ T7945] ? bpf_lsm_capable+0x9/0x10 [ 129.519027][ T7945] __alloc_skb+0x2b3/0x380 [ 129.520314][ T7945] ? __pfx___alloc_skb+0x10/0x10 [ 129.521744][ T7945] ? genl_rcv_msg+0x540/0x800 [ 129.523099][ T7945] ? genl_rcv_msg+0x4bd/0x800 [ 129.524478][ T7945] netlink_ack+0x164/0xb20 [ 129.525761][ T7945] netlink_rcv_skb+0x327/0x410 [ 129.527145][ T7945] ? __pfx_genl_rcv_msg+0x10/0x10 [ 129.528615][ T7945] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 129.530129][ T7945] ? down_read+0xc9/0x330 [ 129.531380][ T7945] ? __pfx_down_read+0x10/0x10 [ 129.532759][ T7945] ? netlink_deliver_tap+0x1ae/0xca0 [ 129.534177][ T7945] genl_rcv+0x28/0x40 [ 129.535330][ T7945] netlink_unicast+0x53c/0x7f0 [ 129.536704][ T7945] ? __pfx_netlink_unicast+0x10/0x10 [ 129.538202][ T7945] ? __phys_addr_symbol+0x30/0x80 [ 129.539644][ T7945] ? __check_object_size+0x488/0x710 [ 129.541165][ T7945] netlink_sendmsg+0x8b8/0xd70 [ 129.542551][ T7945] ? __pfx_netlink_sendmsg+0x10/0x10 [ 129.544079][ T7945] ____sys_sendmsg+0x9ae/0xb40 [ 129.545453][ T7945] ? __pfx_____sys_sendmsg+0x10/0x10 [ 129.546964][ T7945] ? get_compat_msghdr+0x11b/0x170 [ 129.548453][ T7945] ___sys_sendmsg+0x135/0x1e0 [ 129.549812][ T7945] ? __pfx____sys_sendmsg+0x10/0x10 [ 129.551325][ T7945] ? __pfx_lock_release+0x10/0x10 [ 129.552764][ T7945] ? trace_lock_acquire+0x14e/0x1f0 [ 129.554261][ T7945] ? __fget_files+0x206/0x3a0 [ 129.555615][ T7945] __sys_sendmsg+0x16e/0x220 [ 129.556952][ T7945] ? __pfx___sys_sendmsg+0x10/0x10 [ 129.558427][ T7945] __do_fast_syscall_32+0x73/0x120 [ 129.559908][ T7945] do_fast_syscall_32+0x32/0x80 [ 129.561302][ T7945] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 129.563116][ T7945] RIP: 0023:0xf7f85579 [ 129.564293][ T7945] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 129.569728][ T7945] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 129.572094][ T7945] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020003700 [ 129.574323][ T7945] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 129.576559][ T7945] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 129.578792][ T7945] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 129.581144][ T7945] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 129.584029][ T7945] [ 129.585352][ C3] vkms_vblank_simulate: vblank timer overrun [ 129.880167][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout [ 129.918168][ T7957] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 129.921393][ T7957] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 129.923984][ T7957] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 129.926489][ T7957] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 130.765055][ T7983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.543'. [ 130.892506][ T7990] FAULT_INJECTION: forcing a failure. [ 130.892506][ T7990] name failslab, interval 1, probability 0, space 0, times 0 [ 130.965692][ T7990] CPU: 0 UID: 0 PID: 7990 Comm: syz.2.545 Not tainted 6.13.0-syzkaller #0 [ 130.969187][ T7990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 130.972466][ T7990] Call Trace: [ 130.973455][ T7990] [ 130.974322][ T7990] dump_stack_lvl+0x16c/0x1f0 [ 130.975713][ T7990] should_fail_ex+0x497/0x5b0 [ 130.977128][ T7990] ? fs_reclaim_acquire+0xae/0x150 [ 130.978666][ T7990] should_failslab+0xc2/0x120 [ 130.980082][ T7990] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 130.982376][ T7990] ? __alloc_skb+0x2b3/0x380 [ 130.983731][ T7990] __alloc_skb+0x2b3/0x380 [ 130.985037][ T7990] ? __pfx___alloc_skb+0x10/0x10 [ 130.986477][ T7990] ? __pfx_tcp_call_bpf+0x10/0x10 [ 130.987902][ T7990] ? trace_lock_acquire+0x120/0x1f0 [ 130.989415][ T7990] tcp_stream_alloc_skb+0x34/0x570 [ 130.990893][ T7990] tcp_connect+0xc70/0x4880 [ 130.992238][ T7990] ? __pfx_tcp_fastopen_defer_connect+0x10/0x10 [ 130.994161][ T7990] ? get_random_u32+0x443/0x7e0 [ 130.996042][ T7990] ? __pfx_tcp_connect+0x10/0x10 [ 130.997883][ T7990] tcp_v6_connect+0x153e/0x20d0 [ 130.999316][ T7990] ? __pfx_register_lock_class+0x10/0x10 [ 131.000944][ T7990] ? __pfx_tcp_v6_connect+0x10/0x10 [ 131.002473][ T7990] ? __pfx_mark_lock+0x10/0x10 [ 131.003887][ T7990] ? __inet_stream_connect+0x3c7/0x1020 [ 131.005492][ T7990] __inet_stream_connect+0x3c7/0x1020 [ 131.007050][ T7990] ? find_held_lock+0x2d/0x110 [ 131.008477][ T7990] ? __pfx___inet_stream_connect+0x10/0x10 [ 131.010221][ T7990] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 131.011812][ T7990] ? __pfx_inet_stream_connect+0x10/0x10 [ 131.013540][ T7990] ? mark_held_locks+0x9f/0xe0 [ 131.014949][ T7990] ? __local_bh_enable_ip+0xa4/0x120 [ 131.016493][ T7990] ? __pfx_inet_stream_connect+0x10/0x10 [ 131.018141][ T7990] inet_stream_connect+0x57/0xa0 [ 131.019587][ T7990] __sys_connect_file+0x13e/0x1a0 [ 131.021084][ T7990] __sys_connect+0x14f/0x170 [ 131.022455][ T7990] ? __pfx___sys_connect+0x10/0x10 [ 131.023967][ T7990] ? __pfx_ksys_write+0x10/0x10 [ 131.025455][ T7990] __ia32_sys_connect+0x71/0xb0 [ 131.026880][ T7990] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 131.028777][ T7990] __do_fast_syscall_32+0x73/0x120 [ 131.030261][ T7990] do_fast_syscall_32+0x32/0x80 [ 131.031673][ T7990] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 131.033503][ T7990] RIP: 0023:0xf710e579 [ 131.034685][ T7990] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 131.040270][ T7990] RSP: 002b:00000000f50df55c EFLAGS: 00000296 ORIG_RAX: 000000000000016a [ 131.042667][ T7990] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000100 [ 131.044944][ T7990] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000000 [ 131.047218][ T7990] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 131.049494][ T7990] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 131.051774][ T7990] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 131.054091][ T7990] [ 131.837387][ T8005] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 131.839283][ T8005] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 131.841358][ T8005] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 131.861013][ T8005] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 132.003696][ T8013] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.040110][ T39] audit: type=1326 audit(1737408090.177:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8016 comm="syz.0.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 132.051141][ T39] audit: type=1326 audit(1737408090.187:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8016 comm="syz.0.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 132.060018][ T39] audit: type=1326 audit(1737408090.187:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8016 comm="syz.0.552" exe="/syz-executor" sig=0 arch=40000003 syscall=448 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 132.067910][ T39] audit: type=1326 audit(1737408090.197:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8016 comm="syz.0.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 132.076633][ T39] audit: type=1326 audit(1737408090.197:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8016 comm="syz.0.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 132.089609][ T39] audit: type=1326 audit(1737408090.197:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8016 comm="syz.0.552" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 132.096492][ T39] audit: type=1326 audit(1737408090.197:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8016 comm="syz.0.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 132.103205][ T39] audit: type=1326 audit(1737408090.197:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8016 comm="syz.0.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 132.111650][ T39] audit: type=1326 audit(1737408090.197:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8016 comm="syz.0.552" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 132.120256][ T39] audit: type=1326 audit(1737408090.197:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8016 comm="syz.0.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 132.201488][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.204080][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.240509][ T8041] FAULT_INJECTION: forcing a failure. [ 133.240509][ T8041] name failslab, interval 1, probability 0, space 0, times 0 [ 133.244746][ T8041] CPU: 3 UID: 0 PID: 8041 Comm: syz.2.557 Not tainted 6.13.0-syzkaller #0 [ 133.247896][ T8041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 133.251838][ T8041] Call Trace: [ 133.253090][ T8041] [ 133.254192][ T8041] dump_stack_lvl+0x16c/0x1f0 [ 133.255954][ T8041] should_fail_ex+0x497/0x5b0 [ 133.257740][ T8041] ? fs_reclaim_acquire+0xae/0x150 [ 133.259647][ T8041] should_failslab+0xc2/0x120 [ 133.261393][ T8041] __kmalloc_cache_noprof+0x68/0x420 [ 133.263379][ T8041] ? trace_lock_acquire+0x14e/0x1f0 [ 133.265225][ T8041] alloc_pipe_info+0x10e/0x590 [ 133.266720][ T8041] splice_direct_to_actor+0x793/0xa40 [ 133.268741][ T8041] ? __pfx_direct_splice_actor+0x10/0x10 [ 133.270875][ T8041] ? __pfx_aa_file_perm+0x10/0x10 [ 133.272746][ T8041] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 133.274930][ T8041] ? __fget_files+0x1fc/0x3a0 [ 133.276680][ T8041] do_splice_direct+0x178/0x250 [ 133.278486][ T8041] ? __pfx_do_splice_direct+0x10/0x10 [ 133.280475][ T8041] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 133.282709][ T8041] ? bpf_lsm_file_permission+0x9/0x10 [ 133.284732][ T8041] ? security_file_permission+0x71/0x210 [ 133.286834][ T8041] do_sendfile+0xaed/0xe30 [ 133.288509][ T8041] ? __pfx_do_sendfile+0x10/0x10 [ 133.290342][ T8041] ? __fget_files+0x206/0x3a0 [ 133.292100][ T8041] __ia32_compat_sys_sendfile+0x1e7/0x230 [ 133.294189][ T8041] ? ksys_write+0x1ba/0x250 [ 133.295871][ T8041] ? __pfx___ia32_compat_sys_sendfile+0x10/0x10 [ 133.298180][ T8041] __do_fast_syscall_32+0x73/0x120 [ 133.300101][ T8041] do_fast_syscall_32+0x32/0x80 [ 133.301515][ T8041] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 133.303878][ T8041] RIP: 0023:0xf710e579 [ 133.305386][ T8041] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 133.312598][ T8041] RSP: 002b:00000000f510055c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb [ 133.315683][ T8041] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000004 [ 133.318628][ T8041] RDX: 0000000000000000 RSI: 0000000000000017 RDI: 0000000000000000 [ 133.320901][ T8041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 133.323839][ T8041] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 133.326706][ T8041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 133.329046][ T8041] [ 133.330061][ C3] vkms_vblank_simulate: vblank timer overrun [ 133.719854][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout [ 133.889911][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout [ 133.890001][ T5956] Bluetooth: hci2: command 0x0c1a tx timeout [ 133.892369][ T5950] Bluetooth: hci1: command 0x0c1a tx timeout [ 134.256230][ T8063] netlink: 20 bytes leftover after parsing attributes in process `syz.0.563'. [ 134.956323][ T8099] Cannot find add_set index 0 as target [ 134.996232][ T8105] loop6: detected capacity change from 0 to 524287999 [ 135.002436][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 135.004877][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 135.009149][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 135.011898][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 135.014802][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 135.017528][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 135.023970][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 135.026648][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 135.029160][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 135.032483][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 135.035883][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 135.039311][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 135.042501][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 135.045776][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 135.047910][ T8105] ldm_validate_partition_table(): Disk read failed. [ 135.048000][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 135.052520][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 135.054966][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 135.057644][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 135.060159][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 135.062572][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 135.066752][ T8105] Dev loop6: unable to read RDB block 0 [ 135.070141][ T8105] loop6: unable to read partition table [ 135.071863][ T8105] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 135.118114][ T8084] netlink: 8 bytes leftover after parsing attributes in process `syz.2.569'. [ 135.959892][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout [ 136.120695][ T8118] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 136.123207][ T8118] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 136.127465][ T8118] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 136.129613][ T8118] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 136.134754][ T8118] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 136.136570][ T8118] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 136.140589][ T8118] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 136.142626][ T8118] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 136.303614][ T8130] netlink: 8 bytes leftover after parsing attributes in process `syz.2.582'. [ 136.367900][ T8132] FAULT_INJECTION: forcing a failure. [ 136.367900][ T8132] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 136.372387][ T8132] CPU: 1 UID: 0 PID: 8132 Comm: syz.0.583 Not tainted 6.13.0-syzkaller #0 [ 136.374827][ T8132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 136.377900][ T8132] Call Trace: [ 136.378871][ T8132] [ 136.379755][ T8132] dump_stack_lvl+0x16c/0x1f0 [ 136.381197][ T8132] should_fail_ex+0x497/0x5b0 [ 136.382587][ T8132] ? fs_reclaim_acquire+0xae/0x150 [ 136.384077][ T8132] should_fail_alloc_page+0xe7/0x130 [ 136.385604][ T8132] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 136.387402][ T8132] ? mark_held_locks+0x9f/0xe0 [ 136.388822][ T8132] __alloc_pages_noprof+0x190/0x25b0 [ 136.390395][ T8132] ? __switch_to+0x749/0x1190 [ 136.391778][ T8132] ? hlock_class+0x4e/0x130 [ 136.393113][ T8132] ? mark_lock+0xb5/0xc60 [ 136.394433][ T8132] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 136.396095][ T8132] ? __pfx_mark_lock+0x10/0x10 [ 136.397521][ T8132] ? __pfx___schedule+0x10/0x10 [ 136.399213][ T8132] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 136.401017][ T8132] ? policy_nodemask+0xea/0x4e0 [ 136.402444][ T8132] alloc_pages_mpol_noprof+0x2c8/0x620 [ 136.404027][ T8132] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 136.405757][ T8132] ? sg_alloc_append_table_from_pages+0x49f/0x1290 [ 136.407633][ T8132] get_free_pages_noprof+0xc/0x40 [ 136.409122][ T8132] sg_alloc_append_table_from_pages+0x985/0x1290 [ 136.410987][ T8132] sg_alloc_table_from_pages_segment+0xfa/0x2a0 [ 136.412812][ T8132] ? __pfx_sg_alloc_table_from_pages_segment+0x10/0x10 [ 136.414814][ T8132] ? dma_direct_all_ram_mapped+0x71/0x90 [ 136.416454][ T8132] ? dma_addressing_limited+0x192/0x200 [ 136.418055][ T8132] ? drm_prime_pages_to_sg+0xcb/0x140 [ 136.419627][ T8132] drm_prime_pages_to_sg+0xcb/0x140 [ 136.421130][ T8132] ? __pfx_drm_gem_shmem_object_get_sg_table+0x10/0x10 [ 136.423134][ T8132] drm_gem_map_dma_buf+0xd9/0x1f0 [ 136.424620][ T8132] __map_dma_buf+0x7f/0x240 [ 136.425994][ T8132] dma_buf_map_attachment+0x1cb/0x350 [ 136.427600][ T8132] dma_buf_map_attachment_unlocked+0x9e/0x150 [ 136.429373][ T8132] drm_gem_prime_import_dev+0x134/0x440 [ 136.430984][ T8132] drm_gem_prime_fd_to_handle+0x443/0x590 [ 136.432654][ T8132] drm_prime_fd_to_handle_ioctl+0xd6/0x110 [ 136.434347][ T8132] drm_ioctl_kernel+0x1e6/0x3d0 [ 136.435784][ T8132] ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10 [ 136.437636][ T8132] ? __might_fault+0xe3/0x190 [ 136.439009][ T8132] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 136.440584][ T8132] ? __might_fault+0xe3/0x190 [ 136.442020][ T8132] ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10 [ 136.444184][ T8132] drm_ioctl+0x57e/0xba0 [ 136.445716][ T8132] ? __pfx_drm_ioctl+0x10/0x10 [ 136.447142][ T8132] drm_compat_ioctl+0x327/0x460 [ 136.448591][ T8132] ? __pfx_drm_compat_ioctl+0x10/0x10 [ 136.450157][ T8132] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 136.451698][ T8132] __do_fast_syscall_32+0x73/0x120 [ 136.453193][ T8132] do_fast_syscall_32+0x32/0x80 [ 136.454610][ T8132] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 136.456465][ T8132] RIP: 0023:0xf7fb4579 [ 136.457827][ T8132] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 136.463392][ T8132] RSP: 002b:00000000f50c455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 136.465794][ T8132] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000c00c642e [ 136.468090][ T8132] RDX: 0000000020000800 RSI: 0000000000000000 RDI: 0000000000000000 [ 136.470360][ T8132] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 136.472655][ T8132] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 136.474955][ T8132] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 136.477323][ T8132] [ 136.580711][ T8137] syz.1.585: attempt to access beyond end of device [ 136.580711][ T8137] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0 [ 136.586380][ T8137] syz.1.585: attempt to access beyond end of device [ 136.586380][ T8137] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0 [ 136.687297][ T8143] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 136.877905][ T8148] 9pnet_fd: Insufficient options for proto=fd [ 136.959512][ T8153] ALSA: mixer_oss: invalid OSS volume 'ridge0' [ 137.711649][ T8171] sp0: Synchronizing with TNC [ 137.873556][ T8175] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 138.049926][ T8179] »»»»»» speed is unknown, defaulting to 1000 [ 138.084214][ T8179] »»»»»» speed is unknown, defaulting to 1000 [ 138.185987][ T8192] netlink: 'syz.3.600': attribute type 4 has an invalid length. [ 138.790030][ T5986] usb 8-1: new full-speed USB device number 4 using dummy_hcd [ 138.920376][ T5986] usb 8-1: device descriptor read/64, error -71 [ 139.229397][ T5986] usb 8-1: new full-speed USB device number 5 using dummy_hcd [ 139.371465][ T5986] usb 8-1: device descriptor read/64, error -71 [ 139.481130][ T5986] usb usb8-port1: attempt power cycle [ 139.840420][ T5986] usb 8-1: new full-speed USB device number 6 using dummy_hcd [ 139.860793][ T5986] usb 8-1: device descriptor read/8, error -71 [ 139.915257][ T8223] Bluetooth: MGMT ver 1.23 [ 140.130327][ T5986] usb 8-1: new full-speed USB device number 7 using dummy_hcd [ 140.150300][ T5986] usb 8-1: device descriptor read/8, error -71 [ 140.260207][ T5986] usb usb8-port1: unable to enumerate USB device [ 140.409317][ T8227] netlink: 4 bytes leftover after parsing attributes in process `syz.1.610'. [ 140.412232][ T8227] netlink: 4 bytes leftover after parsing attributes in process `syz.1.610'. [ 141.452295][ T8247] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 141.475774][ T8247] xt_TPROXY: Can be used only with -p tcp or -p udp [ 142.089121][ T8259] batman_adv: batadv0: Adding interface: veth1_to_batadv [ 142.091287][ T8259] batman_adv: batadv0: The MTU of interface veth1_to_batadv is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 142.099898][ T8259] batman_adv: batadv0: Interface activated: veth1_to_batadv [ 142.219804][ T835] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 142.312745][ T8265] misc userio: The device must be registered before sending interrupts [ 142.371601][ T8271] syz.3.623[8271] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 142.371692][ T8270] syz.3.623[8270] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 142.371715][ T8271] syz.3.623[8271] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 142.375014][ T8271] syz.3.623[8271] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 142.389791][ T835] usb 6-1: Using ep0 maxpacket: 8 [ 142.399692][ T835] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 142.404621][ T835] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 142.407911][ T835] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 142.410839][ T835] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 142.415544][ T835] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 142.418446][ T835] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.631680][ T835] usb 6-1: GET_CAPABILITIES returned 0 [ 142.633910][ T835] usbtmc 6-1:16.0: can't read capabilities [ 142.842707][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.846610][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.850286][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.853899][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.858036][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.861697][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.865297][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.868907][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.872498][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.876102][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.880090][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.883709][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.887313][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.890910][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.894466][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.898054][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 142.904231][ T6528] usb 6-1: USB disconnect, device number 3 [ 143.244650][ T8278] netlink: 'syz.3.625': attribute type 3 has an invalid length. [ 143.247882][ T8278] FAULT_INJECTION: forcing a failure. [ 143.247882][ T8278] name failslab, interval 1, probability 0, space 0, times 0 [ 143.254925][ T8278] CPU: 3 UID: 0 PID: 8278 Comm: syz.3.625 Not tainted 6.13.0-syzkaller #0 [ 143.258692][ T8278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 143.263438][ T8278] Call Trace: [ 143.264830][ T8278] [ 143.266010][ T8278] dump_stack_lvl+0x16c/0x1f0 [ 143.267753][ T8278] should_fail_ex+0x497/0x5b0 [ 143.269328][ T8278] ? fs_reclaim_acquire+0xae/0x150 [ 143.271402][ T8278] should_failslab+0xc2/0x120 [ 143.273282][ T8278] __kmalloc_node_noprof+0xd1/0x520 [ 143.275093][ T8278] ? __up_read+0x1fb/0x760 [ 143.276643][ T8278] ? crypto_alloc_tfmmem.isra.0+0x38/0x110 [ 143.279022][ T8278] ? __pfx_crypto_alg_extsize+0x10/0x10 [ 143.281180][ T8278] crypto_alloc_tfmmem.isra.0+0x38/0x110 [ 143.283421][ T8278] crypto_create_tfm_node+0x83/0x320 [ 143.285486][ T8278] crypto_spawn_tfm2+0x62/0xb0 [ 143.287397][ T8278] cryptd_aead_init_tfm+0x3d/0x130 [ 143.289262][ T8278] ? __pfx_cryptd_aead_init_tfm+0x10/0x10 [ 143.291519][ T8278] crypto_aead_init_tfm+0x149/0x1b0 [ 143.293593][ T8278] crypto_create_tfm_node+0x100/0x320 [ 143.295248][ T8278] crypto_alloc_tfm_node+0x102/0x260 [ 143.297373][ T8278] cryptd_alloc_aead+0x117/0x200 [ 143.299365][ T8278] ? __pfx_cryptd_alloc_aead+0x10/0x10 [ 143.301469][ T8278] ? rcu_is_watching+0x12/0xc0 [ 143.303364][ T8278] ? trace_kmalloc+0x2d/0xd0 [ 143.305109][ T8278] ? __kmalloc_node_noprof+0x23d/0x520 [ 143.307188][ T8278] simd_aead_init+0x69/0x1d0 [ 143.308988][ T8278] ? __pfx_simd_aead_init+0x10/0x10 [ 143.311022][ T8278] crypto_aead_init_tfm+0x149/0x1b0 [ 143.313081][ T8278] crypto_create_tfm_node+0x100/0x320 [ 143.315249][ T8278] crypto_alloc_tfm_node+0x102/0x260 [ 143.317337][ T8278] macsec_alloc_tfm+0x24/0xc0 [ 143.319199][ T8278] macsec_validate_attr+0x5f3/0x7f0 [ 143.321355][ T8278] ? __pfx_macsec_validate_attr+0x10/0x10 [ 143.323428][ T8278] ? __nla_parse+0x40/0x60 [ 143.324730][ T8278] ? __pfx_macsec_validate_attr+0x10/0x10 [ 143.326367][ T8278] rtnl_newlink+0x3cc/0x1d70 [ 143.327751][ T8278] ? hlock_class+0x4e/0x130 [ 143.329059][ T8278] ? __lock_acquire+0xcc5/0x3c40 [ 143.330487][ T8278] ? __pfx_rtnl_newlink+0x10/0x10 [ 143.332024][ T8278] ? __pfx___lock_acquire+0x10/0x10 [ 143.333963][ T8278] ? kmem_cache_free+0x152/0x4c0 [ 143.335772][ T8278] ? aa_get_newest_label+0x376/0x680 [ 143.337867][ T8278] ? find_held_lock+0x2d/0x110 [ 143.339783][ T8278] ? find_held_lock+0x2d/0x110 [ 143.341501][ T8278] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 143.343417][ T8278] ? __pfx_lock_release+0x10/0x10 [ 143.345394][ T8278] ? trace_lock_acquire+0x14e/0x1f0 [ 143.347487][ T8278] ? __pfx_rtnl_newlink+0x10/0x10 [ 143.349480][ T8278] rtnetlink_rcv_msg+0x95b/0xea0 [ 143.351445][ T8278] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 143.353603][ T8278] ? __pfx___dev_queue_xmit+0x10/0x10 [ 143.355735][ T8278] netlink_rcv_skb+0x165/0x410 [ 143.357545][ T8278] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 143.359580][ T8278] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 143.361702][ T8278] ? netlink_deliver_tap+0x1ae/0xca0 [ 143.363806][ T8278] netlink_unicast+0x53c/0x7f0 [ 143.365395][ T8278] ? __pfx_netlink_unicast+0x10/0x10 [ 143.367358][ T8278] ? __phys_addr_symbol+0x30/0x80 [ 143.369254][ T8278] ? __check_object_size+0x488/0x710 [ 143.371363][ T8278] netlink_sendmsg+0x8b8/0xd70 [ 143.373270][ T8278] ? __pfx_netlink_sendmsg+0x10/0x10 [ 143.374998][ T8278] ____sys_sendmsg+0x9ae/0xb40 [ 143.376885][ T8278] ? __pfx_____sys_sendmsg+0x10/0x10 [ 143.378983][ T8278] ? get_compat_msghdr+0x11b/0x170 [ 143.381003][ T8278] ___sys_sendmsg+0x135/0x1e0 [ 143.382894][ T8278] ? __pfx____sys_sendmsg+0x10/0x10 [ 143.384974][ T8278] ? __pfx_lock_release+0x10/0x10 [ 143.386856][ T8278] ? trace_lock_acquire+0x14e/0x1f0 [ 143.388927][ T8278] ? __fget_files+0x206/0x3a0 [ 143.390805][ T8278] __sys_sendmsg+0x16e/0x220 [ 143.392619][ T8278] ? __pfx___sys_sendmsg+0x10/0x10 [ 143.394172][ T8278] __do_fast_syscall_32+0x73/0x120 [ 143.396195][ T8278] do_fast_syscall_32+0x32/0x80 [ 143.398141][ T8278] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 143.400632][ T8278] RIP: 0023:0xf7f72579 [ 143.402261][ T8278] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 143.408386][ T8278] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 143.411203][ T8278] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000140 [ 143.414289][ T8278] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 143.417484][ T8278] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 143.420200][ T8278] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 143.423311][ T8278] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 143.426257][ T8278] [ 143.427587][ C3] vkms_vblank_simulate: vblank timer overrun [ 143.489968][ T8286] FAULT_INJECTION: forcing a failure. [ 143.489968][ T8286] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 143.494642][ T8286] CPU: 1 UID: 0 PID: 8286 Comm: syz.2.626 Not tainted 6.13.0-syzkaller #0 [ 143.497036][ T8286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 143.500671][ T8286] Call Trace: [ 143.501941][ T8286] [ 143.502996][ T8286] dump_stack_lvl+0x16c/0x1f0 [ 143.504371][ T8286] should_fail_ex+0x497/0x5b0 [ 143.505725][ T8286] ? fs_reclaim_acquire+0xae/0x150 [ 143.507202][ T8286] should_fail_alloc_page+0xe7/0x130 [ 143.508718][ T8286] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 143.510476][ T8286] __alloc_pages_noprof+0x190/0x25b0 [ 143.512007][ T8286] ? finish_task_switch.isra.0+0x217/0xcc0 [ 143.513672][ T8286] ? __switch_to+0x749/0x1190 [ 143.515033][ T8286] ? hlock_class+0x4e/0x130 [ 143.516366][ T8286] ? mark_lock+0xb5/0xc60 [ 143.517626][ T8286] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 143.519347][ T8286] ? __pfx_mark_lock+0x10/0x10 [ 143.520801][ T8286] ? __pfx___schedule+0x10/0x10 [ 143.522209][ T8286] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 143.523908][ T8286] ? policy_nodemask+0xea/0x4e0 [ 143.525312][ T8286] alloc_pages_mpol_noprof+0x2c8/0x620 [ 143.526884][ T8286] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 143.528627][ T8286] get_free_pages_noprof+0xc/0x40 [ 143.530067][ T8286] sg_alloc_append_table_from_pages+0x985/0x1290 [ 143.532074][ T8286] sg_alloc_table_from_pages_segment+0xfa/0x2a0 [ 143.533867][ T8286] ? __pfx_sg_alloc_table_from_pages_segment+0x10/0x10 [ 143.535823][ T8286] ? dma_direct_all_ram_mapped+0x71/0x90 [ 143.537447][ T8286] ? dma_addressing_limited+0x192/0x200 [ 143.539036][ T8286] ? drm_prime_pages_to_sg+0xcb/0x140 [ 143.540592][ T8286] drm_prime_pages_to_sg+0xcb/0x140 [ 143.542095][ T8286] ? __pfx_drm_gem_shmem_object_get_sg_table+0x10/0x10 [ 143.544055][ T8286] drm_gem_map_dma_buf+0xd9/0x1f0 [ 143.545507][ T8286] __map_dma_buf+0x7f/0x240 [ 143.546830][ T8286] dma_buf_map_attachment+0x1cb/0x350 [ 143.548397][ T8286] dma_buf_map_attachment_unlocked+0x9e/0x150 [ 143.550149][ T8286] drm_gem_prime_import_dev+0x134/0x440 [ 143.551744][ T8286] drm_gem_prime_fd_to_handle+0x443/0x590 [ 143.553352][ T8286] drm_prime_fd_to_handle_ioctl+0xd6/0x110 [ 143.555017][ T8286] drm_ioctl_kernel+0x1e6/0x3d0 [ 143.556611][ T8286] ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10 [ 143.558605][ T8286] ? __might_fault+0xe3/0x190 [ 143.560002][ T8286] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 143.561568][ T8286] ? __might_fault+0xe3/0x190 [ 143.562950][ T8286] ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10 [ 143.564839][ T8286] drm_ioctl+0x57e/0xba0 [ 143.566080][ T8286] ? __pfx_drm_ioctl+0x10/0x10 [ 143.567519][ T8286] drm_compat_ioctl+0x327/0x460 [ 143.568967][ T8286] ? __pfx_drm_compat_ioctl+0x10/0x10 [ 143.572561][ T8286] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 143.572607][ T8286] __do_fast_syscall_32+0x73/0x120 [ 143.575813][ T8286] do_fast_syscall_32+0x32/0x80 [ 143.577242][ T8286] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 143.579088][ T8286] RIP: 0023:0xf710e579 [ 143.580279][ T8286] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 143.586119][ T8286] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 143.589088][ T8286] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000c00c642e [ 143.591712][ T8286] RDX: 0000000020000800 RSI: 0000000000000000 RDI: 0000000000000000 [ 143.594223][ T8286] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 143.596506][ T8286] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 143.598827][ T8286] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 143.601297][ T8286] [ 143.687981][ T8299] FAULT_INJECTION: forcing a failure. [ 143.687981][ T8299] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.698737][ T8299] CPU: 2 UID: 0 PID: 8299 Comm: syz.3.631 Not tainted 6.13.0-syzkaller #0 [ 143.702165][ T8299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 143.706407][ T8299] Call Trace: [ 143.707501][ T8299] [ 143.708361][ T8299] dump_stack_lvl+0x16c/0x1f0 [ 143.709879][ T8299] should_fail_ex+0x497/0x5b0 [ 143.711258][ T8299] _copy_from_user+0x2e/0xd0 [ 143.712948][ T8299] kvm_vm_ioctl+0x19c2/0x3df0 [ 143.714836][ T8299] ? stack_trace_save+0x95/0xd0 [ 143.716815][ T8299] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 143.718868][ T8299] ? __pfx_mark_lock+0x10/0x10 [ 143.720791][ T8299] ? stack_depot_save_flags+0x28/0x9e0 [ 143.722980][ T8299] ? kasan_save_stack+0x42/0x60 [ 143.724823][ T8299] ? kasan_save_stack+0x33/0x60 [ 143.726624][ T8299] ? kasan_save_track+0x14/0x30 [ 143.728617][ T8299] ? kasan_save_free_info+0x3b/0x60 [ 143.730728][ T8299] ? __kasan_slab_free+0x51/0x70 [ 143.732175][ T8299] ? kfree+0x14f/0x4b0 [ 143.733352][ T8299] ? tomoyo_path_number_perm+0x46d/0x5b0 [ 143.735055][ T8299] ? security_file_ioctl_compat+0x9b/0x240 [ 143.736782][ T8299] ? __do_compat_sys_ioctl+0x4e/0x2c0 [ 143.738373][ T8299] ? __do_fast_syscall_32+0x73/0x120 [ 143.739937][ T8299] ? do_fast_syscall_32+0x32/0x80 [ 143.741390][ T8299] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 143.743275][ T8299] ? kvm_arch_vm_compat_ioctl+0x2d1/0x480 [ 143.745038][ T8299] ? hlock_class+0x4e/0x130 [ 143.746351][ T8299] ? mark_lock+0xb5/0xc60 [ 143.747630][ T8299] ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10 [ 143.749373][ T8299] ? __pfx_mark_lock+0x10/0x10 [ 143.750766][ T8299] ? find_held_lock+0x2d/0x110 [ 143.752158][ T8299] ? tomoyo_path_number_perm+0x298/0x5b0 [ 143.753772][ T8299] ? __pfx_lock_release+0x10/0x10 [ 143.755313][ T8299] ? tomoyo_path_number_perm+0x46d/0x5b0 [ 143.756912][ T8299] ? tomoyo_path_number_perm+0x190/0x5b0 [ 143.758559][ T8299] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 143.760299][ T8299] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 143.761996][ T8299] ? do_vfs_ioctl+0x513/0x1950 [ 143.763378][ T8299] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 143.764954][ T8299] kvm_vm_compat_ioctl+0x399/0x440 [ 143.766423][ T8299] ? __pfx_kvm_vm_compat_ioctl+0x10/0x10 [ 143.768075][ T8299] ? __pfx_lock_release+0x10/0x10 [ 143.769522][ T8299] ? trace_lock_acquire+0x14e/0x1f0 [ 143.771017][ T8299] ? __fget_files+0x206/0x3a0 [ 143.772420][ T8299] ? __pfx_kvm_vm_compat_ioctl+0x10/0x10 [ 143.774034][ T8299] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 143.775876][ T8299] __do_fast_syscall_32+0x73/0x120 [ 143.777405][ T8299] do_fast_syscall_32+0x32/0x80 [ 143.778817][ T8299] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 143.780639][ T8299] RIP: 0023:0xf7f72579 [ 143.781772][ T8299] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 143.787394][ T8299] RSP: 002b:00000000f50a555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 143.789751][ T8299] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004020ae76 [ 143.791992][ T8299] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 143.794235][ T8299] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 143.796862][ T8299] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 143.799151][ T8299] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 143.801552][ T8299] [ 145.461959][ T8331] netlink: 'syz.0.638': attribute type 1 has an invalid length. [ 145.479012][ T8331] 8021q: adding VLAN 0 to HW filter on device bond1 [ 145.976938][ T8342] netlink: 44 bytes leftover after parsing attributes in process `syz.1.641'. [ 146.769810][ T8349] »»»»»» speed is unknown, defaulting to 1000 [ 146.816100][ T8349] »»»»»» speed is unknown, defaulting to 1000 [ 146.935467][ T8354] netlink: 12 bytes leftover after parsing attributes in process `syz.3.645'. [ 147.340610][ T5986] libceph: connect (1)[c::]:6789 error -101 [ 147.342688][ T5986] libceph: mon0 (1)[c::]:6789 connect error [ 147.604509][ T5986] libceph: connect (1)[c::]:6789 error -101 [ 147.606524][ T5986] libceph: mon0 (1)[c::]:6789 connect error [ 147.756832][ T8380] FAULT_INJECTION: forcing a failure. [ 147.756832][ T8380] name failslab, interval 1, probability 0, space 0, times 0 [ 147.763121][ T8380] CPU: 2 UID: 0 PID: 8380 Comm: syz.2.651 Not tainted 6.13.0-syzkaller #0 [ 147.765581][ T8380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 147.769748][ T8380] Call Trace: [ 147.771238][ T8380] [ 147.772374][ T8380] dump_stack_lvl+0x16c/0x1f0 [ 147.773739][ T8380] should_fail_ex+0x497/0x5b0 [ 147.775120][ T8380] ? fs_reclaim_acquire+0xae/0x150 [ 147.776674][ T8380] should_failslab+0xc2/0x120 [ 147.778126][ T8380] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 147.779814][ T8380] ? __lock_acquire+0x15a9/0x3c40 [ 147.781258][ T8380] ? __alloc_skb+0x2b3/0x380 [ 147.782770][ T8380] __alloc_skb+0x2b3/0x380 [ 147.784164][ T8380] ? __pfx___alloc_skb+0x10/0x10 [ 147.785618][ T8380] netlink_alloc_large_skb+0x69/0x130 [ 147.787207][ T8380] netlink_sendmsg+0x689/0xd70 [ 147.788591][ T8380] ? __pfx_netlink_sendmsg+0x10/0x10 [ 147.790125][ T8380] ____sys_sendmsg+0x9ae/0xb40 [ 147.791509][ T8380] ? __pfx_____sys_sendmsg+0x10/0x10 [ 147.793029][ T8380] ? get_compat_msghdr+0x11b/0x170 [ 147.794518][ T8380] ___sys_sendmsg+0x135/0x1e0 [ 147.795899][ T8380] ? __pfx____sys_sendmsg+0x10/0x10 [ 147.797406][ T8380] ? __pfx_lock_release+0x10/0x10 [ 147.798869][ T8380] ? trace_lock_acquire+0x14e/0x1f0 [ 147.800483][ T8380] ? __fget_files+0x206/0x3a0 [ 147.801860][ T8380] __sys_sendmsg+0x16e/0x220 [ 147.803203][ T8380] ? __pfx___sys_sendmsg+0x10/0x10 [ 147.804693][ T8380] __do_fast_syscall_32+0x73/0x120 [ 147.806171][ T8380] do_fast_syscall_32+0x32/0x80 [ 147.807601][ T8380] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 147.809424][ T8380] RIP: 0023:0xf710e579 [ 147.810605][ T8380] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 147.816000][ T8380] RSP: 002b:00000000f510055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 147.818375][ T8380] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000500 [ 147.820629][ T8380] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 147.822741][ T8380] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 147.824984][ T8380] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 147.827081][ T8380] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 147.829356][ T8380] [ 148.125667][ T5986] libceph: connect (1)[c::]:6789 error -101 [ 148.128900][ T5986] libceph: mon0 (1)[c::]:6789 connect error [ 148.153560][ T8372] ceph: No mds server is up or the cluster is laggy [ 149.119831][ T5986] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 149.289837][ T5986] usb 5-1: device descriptor read/64, error -71 [ 149.529837][ T5986] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 149.679910][ T5986] usb 5-1: device descriptor read/64, error -71 [ 149.800748][ T5986] usb usb5-port1: attempt power cycle [ 150.126879][ T8429] netlink: 12 bytes leftover after parsing attributes in process `syz.2.662'. [ 150.134766][ T8429] netlink: 'syz.2.662': attribute type 25 has an invalid length. [ 150.146870][ T8429] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 150.149712][ T8429] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 150.152508][ T8429] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 150.155091][ T8429] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 150.409814][ T5986] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 150.440315][ T5986] usb 5-1: device descriptor read/8, error -71 [ 150.679850][ T5986] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 150.710272][ T5986] usb 5-1: device descriptor read/8, error -71 [ 150.830296][ T5986] usb usb5-port1: unable to enumerate USB device [ 151.275790][ T8452] FAULT_INJECTION: forcing a failure. [ 151.275790][ T8452] name failslab, interval 1, probability 0, space 0, times 0 [ 151.279554][ T8452] CPU: 0 UID: 0 PID: 8452 Comm: syz.2.671 Not tainted 6.13.0-syzkaller #0 [ 151.282046][ T8452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 151.285174][ T8452] Call Trace: [ 151.286175][ T8452] [ 151.287079][ T8452] dump_stack_lvl+0x16c/0x1f0 [ 151.288474][ T8452] should_fail_ex+0x497/0x5b0 [ 151.289860][ T8452] should_failslab+0xc2/0x120 [ 151.291495][ T8452] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 151.293099][ T8452] ? skb_clone+0x190/0x3f0 [ 151.294455][ T8452] skb_clone+0x190/0x3f0 [ 151.295721][ T8452] netlink_deliver_tap+0xafd/0xca0 [ 151.297275][ T8452] netlink_unicast+0x5e1/0x7f0 [ 151.298691][ T8452] ? __pfx_netlink_unicast+0x10/0x10 [ 151.300265][ T8452] ? __phys_addr_symbol+0x30/0x80 [ 151.301755][ T8452] ? __check_object_size+0x488/0x710 [ 151.303335][ T8452] netlink_sendmsg+0x8b8/0xd70 [ 151.304740][ T8452] ? __pfx_netlink_sendmsg+0x10/0x10 [ 151.306300][ T8452] ____sys_sendmsg+0x9ae/0xb40 [ 151.307741][ T8452] ? __pfx_____sys_sendmsg+0x10/0x10 [ 151.309303][ T8452] ? get_compat_msghdr+0x11b/0x170 [ 151.310792][ T8452] ___sys_sendmsg+0x135/0x1e0 [ 151.312198][ T8452] ? __pfx____sys_sendmsg+0x10/0x10 [ 151.313767][ T8452] ? __pfx_lock_release+0x10/0x10 [ 151.315252][ T8452] ? trace_lock_acquire+0x14e/0x1f0 [ 151.316800][ T8452] ? __fget_files+0x206/0x3a0 [ 151.318189][ T8452] __sys_sendmsg+0x16e/0x220 [ 151.319606][ T8452] ? __pfx___sys_sendmsg+0x10/0x10 [ 151.321123][ T8452] __do_fast_syscall_32+0x73/0x120 [ 151.322653][ T8452] do_fast_syscall_32+0x32/0x80 [ 151.324110][ T8452] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 151.325960][ T8452] RIP: 0023:0xf710e579 [ 151.327184][ T8452] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 151.332781][ T8452] RSP: 002b:00000000f510055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 151.335260][ T8452] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 151.337582][ T8452] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 151.339909][ T8452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 151.342214][ T8452] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 151.344526][ T8452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 151.346839][ T8452] [ 151.436936][ T8459] netlink: 'syz.2.672': attribute type 16 has an invalid length. [ 151.439991][ T8459] netlink: 'syz.2.672': attribute type 3 has an invalid length. [ 151.442196][ T8459] netlink: 64066 bytes leftover after parsing attributes in process `syz.2.672'. [ 151.622452][ T8466] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 151.625418][ T8466] netlink: 4 bytes leftover after parsing attributes in process `syz.2.674'. [ 151.628390][ T8466] netlink: 12 bytes leftover after parsing attributes in process `syz.2.674'. [ 152.413128][ T8488] netlink: 'syz.1.681': attribute type 1 has an invalid length. [ 152.415978][ T8488] netlink: 'syz.1.681': attribute type 4 has an invalid length. [ 152.418945][ T8488] netlink: 15334 bytes leftover after parsing attributes in process `syz.1.681'. [ 153.219806][ T834] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 153.359883][ T834] usb 6-1: device descriptor read/64, error -71 [ 153.575414][ T8518] netlink: 12 bytes leftover after parsing attributes in process `syz.3.687'. [ 153.619967][ T834] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 153.981170][ T834] usb 6-1: device descriptor read/64, error -71 [ 154.370115][ T834] usb usb6-port1: attempt power cycle [ 154.710206][ T834] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 154.740895][ T834] usb 6-1: device descriptor read/8, error -71 [ 154.989824][ T834] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 155.010297][ T834] usb 6-1: device descriptor read/8, error -71 [ 155.120026][ T834] usb usb6-port1: unable to enumerate USB device [ 155.271446][ T8542] openvswitch: netlink: Invalid VLAN frame [ 155.420366][ T8544] netlink: 48 bytes leftover after parsing attributes in process `syz.3.695'. [ 155.510735][ T8547] mkiss: ax0: crc mode is auto. [ 155.586102][ T8548] mkiss: ax0: crc mode is auto. [ 155.912091][ T39] kauditd_printk_skb: 4 callbacks suppressed [ 155.912101][ T39] audit: type=1326 audit(1737408114.057:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8561 comm="syz.0.702" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x0 [ 155.938981][ T8568] netlink: 48 bytes leftover after parsing attributes in process `syz.2.704'. [ 156.052281][ T8575] netlink: 36 bytes leftover after parsing attributes in process `syz.1.697'. [ 156.078781][ T39] audit: type=1326 audit(1737408114.217:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.3.707" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 156.088940][ T39] audit: type=1326 audit(1737408114.217:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.3.707" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 156.095529][ T39] audit: type=1326 audit(1737408114.227:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.3.707" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 156.102362][ T39] audit: type=1326 audit(1737408114.227:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.3.707" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 156.108794][ T39] audit: type=1326 audit(1737408114.227:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.3.707" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 156.115495][ T39] audit: type=1326 audit(1737408114.227:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.3.707" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 156.124099][ T39] audit: type=1326 audit(1737408114.227:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.3.707" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 156.130964][ T39] audit: type=1326 audit(1737408114.227:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.3.707" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 156.137619][ T39] audit: type=1326 audit(1737408114.237:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.3.707" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 156.221490][ T8580] netlink: 12 bytes leftover after parsing attributes in process `syz.3.708'. [ 156.691697][ T8589] hsr0: left promiscuous mode [ 156.695153][ T8589] vlan3: entered allmulticast mode [ 156.696699][ T8589] hsr0: entered allmulticast mode [ 156.698187][ T8589] hsr_slave_0: entered allmulticast mode [ 156.699982][ T8589] hsr_slave_1: entered allmulticast mode [ 156.737191][ T8591] netlink: 236 bytes leftover after parsing attributes in process `syz.1.712'. [ 156.805302][ T8594] netlink: 4 bytes leftover after parsing attributes in process `syz.1.712'. [ 156.808457][ T8594] netlink: 173 bytes leftover after parsing attributes in process `syz.1.712'. [ 157.060270][ T8600] netlink: 48 bytes leftover after parsing attributes in process `syz.2.715'. [ 157.479856][ T57] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 157.630070][ T57] usb 7-1: Using ep0 maxpacket: 16 [ 157.642331][ T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 157.645441][ T57] usb 7-1: New USB device found, idVendor=172f, idProduct=0034, bcdDevice= 0.00 [ 157.647919][ T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.656002][ T57] usb 7-1: config 0 descriptor?? [ 157.695355][ T8618] netlink: 8 bytes leftover after parsing attributes in process `syz.0.721'. [ 157.698363][ T8615] netlink: 36 bytes leftover after parsing attributes in process `syz.3.719'. [ 157.699701][ T8616] netlink: 8 bytes leftover after parsing attributes in process `syz.1.722'. [ 157.803817][ T8624] usb usb1: usbfs: process 8624 (syz.1.725) did not claim interface 0 before use [ 157.967085][ T8626] netlink: 20 bytes leftover after parsing attributes in process `syz.0.723'. [ 157.999971][ T8628] netlink: 20 bytes leftover after parsing attributes in process `syz.1.726'. [ 158.004750][ T8626] netlink: 120 bytes leftover after parsing attributes in process `syz.0.723'. [ 158.132177][ T57] usbhid 7-1:0.0: can't add hid device: -71 [ 158.133954][ T57] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 158.137325][ T57] usb 7-1: USB disconnect, device number 4 [ 158.479915][ T8646] rtc_cmos 00:05: Alarms can be up to one day in the future [ 158.485981][ T8645] rtc_cmos 00:05: Alarms can be up to one day in the future [ 158.489285][ T835] rtc_cmos 00:05: Alarms can be up to one day in the future [ 158.492222][ T835] rtc_cmos 00:05: Alarms can be up to one day in the future [ 158.495032][ T835] rtc_cmos 00:05: Alarms can be up to one day in the future [ 158.497751][ T835] rtc_cmos 00:05: Alarms can be up to one day in the future [ 158.500367][ T835] rtc rtc0: __rtc_set_alarm: err=-22 [ 159.860456][ T8677] netlink: 'syz.3.740': attribute type 10 has an invalid length. [ 159.863355][ T8677] bridge0: port 3(team0) entered disabled state [ 159.867214][ T8677] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.869372][ T8677] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.875541][ T8677] bridge0: port 3(team0) entered blocking state [ 159.877382][ T8677] bridge0: port 3(team0) entered forwarding state [ 159.879322][ T8677] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.881378][ T8677] bridge0: port 2(bridge_slave_1) entered forwarding state [ 159.883508][ T8677] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.885526][ T8677] bridge0: port 1(bridge_slave_0) entered forwarding state [ 159.889579][ T8677] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 159.900553][ T8677] bridge0: port 3(team0) entered disabled state [ 159.904043][ T8677] bridge_slave_1: left allmulticast mode [ 159.905732][ T8677] bridge_slave_1: left promiscuous mode [ 159.907398][ T8677] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.913925][ T8677] bridge_slave_0: left allmulticast mode [ 159.915601][ T8677] bridge_slave_0: left promiscuous mode [ 159.917231][ T8677] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.930034][ T8677] bond0: (slave bridge0): Releasing backup interface [ 160.049870][ T8675] netlink: 'syz.0.741': attribute type 14 has an invalid length. [ 160.075071][ T8682] tmpfs: Unknown parameter 'indo64' [ 160.957035][ C2] vxcan0: j1939_xtp_rx_dat: no tx connection found [ 160.959943][ C2] vxcan0: j1939_xtp_rx_dat: no rx connection found [ 160.962566][ C2] vxcan0: j1939_xtp_rx_dat: no tx connection found [ 160.965088][ C2] vxcan0: j1939_xtp_rx_dat: no rx connection found [ 160.967683][ C2] vxcan0: j1939_xtp_rx_dat: no tx connection found [ 160.970319][ C2] vxcan0: j1939_xtp_rx_dat: no rx connection found [ 160.972921][ C2] vxcan0: j1939_xtp_rx_dat: no tx connection found [ 160.975460][ C2] vxcan0: j1939_xtp_rx_dat: no rx connection found [ 160.978032][ C2] vxcan0: j1939_xtp_rx_dat: no tx connection found [ 160.980618][ C2] vxcan0: j1939_xtp_rx_dat: no rx connection found [ 160.983214][ C2] vxcan0: j1939_xtp_rx_dat: no tx connection found [ 160.985747][ C2] vxcan0: j1939_xtp_rx_dat: no rx connection found [ 160.988303][ C2] vxcan0: j1939_xtp_rx_dat: no tx connection found [ 160.990865][ C2] vxcan0: j1939_xtp_rx_dat: no rx connection found [ 160.993433][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 160.996481][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 160.999608][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.001933][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.002857][ T39] kauditd_printk_skb: 21 callbacks suppressed [ 161.002865][ T39] audit: type=1326 audit(1737408119.147:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8698 comm="syz.2.751" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x0 [ 161.004249][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.014088][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.016374][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.018631][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.020969][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.023351][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.026620][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.028950][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.031538][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.033802][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.036117][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.038378][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.040708][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.043013][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.045273][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.047598][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.049911][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.052184][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.054538][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.056929][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.059285][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.061625][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.063911][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.066119][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.068500][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.070768][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.073155][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.075445][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.077760][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.080042][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.082303][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.086768][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.086811][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.086819][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.086847][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.095979][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.098312][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.100607][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.102861][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.105144][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.107459][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.109765][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.112021][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.114315][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.116592][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.118864][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.121212][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.123510][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.125809][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.128144][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.130472][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.132831][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.135405][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.137659][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.140070][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.142318][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.144638][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.146905][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.149209][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.151504][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.153774][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.156071][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.158349][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.160688][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.162962][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.165231][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.167944][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.171067][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.173998][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 161.176419][ C2] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 161.571868][ T8717] overlay: ./file0 is not a directory [ 161.655904][ T8722] FAULT_INJECTION: forcing a failure. [ 161.655904][ T8722] name failslab, interval 1, probability 0, space 0, times 0 [ 161.661237][ T8722] CPU: 3 UID: 0 PID: 8722 Comm: syz.1.759 Not tainted 6.13.0-syzkaller #0 [ 161.664531][ T8722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.668670][ T8722] Call Trace: [ 161.669972][ T8722] [ 161.670847][ T8722] dump_stack_lvl+0x16c/0x1f0 [ 161.672485][ T8722] should_fail_ex+0x497/0x5b0 [ 161.674300][ T8722] ? fs_reclaim_acquire+0xae/0x150 [ 161.676299][ T8722] should_failslab+0xc2/0x120 [ 161.678171][ T8722] __kmalloc_cache_noprof+0x68/0x420 [ 161.680236][ T8722] allocate_file_region_entries+0x1a3/0x620 [ 161.682550][ T8722] ? __pfx_allocate_file_region_entries+0x10/0x10 [ 161.685059][ T8722] region_chg+0x85/0x140 [ 161.686738][ T8722] __vma_reservation_common+0x43d/0x740 [ 161.688901][ T8722] ? __pfx___vma_reservation_common+0x10/0x10 [ 161.691282][ T8722] ? __pfx___might_resched+0x10/0x10 [ 161.693347][ T8722] ? folio_zero_user+0x255/0x5f0 [ 161.695300][ T8722] hugetlb_fault+0x1cca/0x2fb0 [ 161.697177][ T8722] ? rwsem_read_trylock+0x12d/0x250 [ 161.699204][ T8722] ? __pfx_hugetlb_fault+0x10/0x10 [ 161.700909][ T8722] ? find_held_lock+0x2d/0x110 [ 161.702621][ T8722] ? __pfx___up_read+0x10/0x10 [ 161.704180][ T8722] handle_mm_fault+0x930/0xaa0 [ 161.705585][ T8722] __get_user_pages+0x8d9/0x3b50 [ 161.707072][ T8722] ? __pfx___get_user_pages+0x10/0x10 [ 161.708652][ T8722] ? down_read_killable+0xcc/0x380 [ 161.710145][ T8722] ? __pfx_down_read_killable+0x10/0x10 [ 161.711756][ T8722] ? __pfx_lock_release+0x10/0x10 [ 161.713216][ T8722] ? __pfx___lock_acquire+0x10/0x10 [ 161.715056][ T8722] __gup_longterm_locked+0x211/0x1870 [ 161.716778][ T8722] ? __pfx___gup_longterm_locked+0x10/0x10 [ 161.718654][ T8722] ? gup_fast_fallback+0x1218/0x2690 [ 161.720189][ T8722] ? __pfx_lock_release+0x10/0x10 [ 161.721659][ T8722] ? trace_lock_acquire+0x14e/0x1f0 [ 161.723193][ T8722] ? kasan_save_stack+0x33/0x60 [ 161.724691][ T8722] ? __kasan_kmalloc+0xaa/0xb0 [ 161.726076][ T8722] ? sanity_check_pinned_pages+0x23/0x11e0 [ 161.727810][ T8722] gup_fast_fallback+0x1802/0x2690 [ 161.729271][ T8722] ? __pfx_gup_fast_fallback+0x10/0x10 [ 161.730834][ T8722] pin_user_pages_fast+0xa8/0x100 [ 161.732392][ T8722] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 161.734072][ T8722] ? __kmalloc_noprof+0x23b/0x4f0 [ 161.735542][ T8722] ? rds_info_getsockopt+0x376/0x4f0 [ 161.737071][ T8722] rds_info_getsockopt+0x39a/0x4f0 [ 161.738542][ T8722] ? __might_fault+0x13b/0x190 [ 161.739955][ T8722] ? __pfx_rds_info_getsockopt+0x10/0x10 [ 161.741606][ T8722] ? trace_lock_acquire+0x14e/0x1f0 [ 161.743182][ T8722] ? lock_acquire+0x2f/0xb0 [ 161.744526][ T8722] ? __might_fault+0xe3/0x190 [ 161.745949][ T8722] ? __might_fault+0xe3/0x190 [ 161.747349][ T8722] rds_getsockopt+0x173/0x2d0 [ 161.748721][ T8722] ? __pfx_rds_getsockopt+0x10/0x10 [ 161.750220][ T8722] do_sock_getsockopt+0x3fe/0x870 [ 161.751723][ T8722] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 161.753403][ T8722] ? lock_acquire+0x2f/0xb0 [ 161.754892][ T8722] ? __fget_files+0x40/0x3a0 [ 161.756316][ T8722] ? __fget_files+0x206/0x3a0 [ 161.757785][ T8722] __sys_getsockopt+0x12f/0x260 [ 161.759235][ T8722] __ia32_sys_getsockopt+0xbc/0x160 [ 161.760748][ T8722] ? lockdep_hardirqs_on+0x7c/0x110 [ 161.762378][ T8722] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 161.764358][ T8722] __do_fast_syscall_32+0x73/0x120 [ 161.765845][ T8722] do_fast_syscall_32+0x32/0x80 [ 161.767291][ T8722] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 161.769131][ T8722] RIP: 0023:0xf7f85579 [ 161.770361][ T8722] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 161.775935][ T8722] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 000000000000016d [ 161.778317][ T8722] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000114 [ 161.780569][ T8722] RDX: 0000000000002711 RSI: 0000000020c35fff RDI: 0000000020000000 [ 161.783504][ T8722] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 161.786749][ T8722] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 161.789073][ T8722] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 161.791344][ T8722] [ 161.792526][ C3] vkms_vblank_simulate: vblank timer overrun [ 162.987808][ T8741] __nla_validate_parse: 8 callbacks suppressed [ 162.987846][ T8741] netlink: 36 bytes leftover after parsing attributes in process `syz.3.762'. [ 163.393875][ T8745] openvswitch: netlink: Invalid VLAN frame [ 163.644247][ T8747] trusted_key: encrypted_key: hex blob is missing [ 163.683600][ T8749] netlink: 12 bytes leftover after parsing attributes in process `syz.3.768'. [ 164.553526][ T8779] netlink: 12 bytes leftover after parsing attributes in process `syz.2.777'. [ 164.713155][ T8787] netlink: 36 bytes leftover after parsing attributes in process `syz.1.775'. [ 165.130268][ T8805] FAULT_INJECTION: forcing a failure. [ 165.130268][ T8805] name failslab, interval 1, probability 0, space 0, times 0 [ 165.133252][ T8807] fuse: Bad value for 'fd' [ 165.139978][ T8805] CPU: 0 UID: 0 PID: 8805 Comm: syz.2.785 Not tainted 6.13.0-syzkaller #0 [ 165.142457][ T8805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 165.145552][ T8805] Call Trace: [ 165.146531][ T8805] [ 165.147415][ T8805] dump_stack_lvl+0x16c/0x1f0 [ 165.148805][ T8805] should_fail_ex+0x497/0x5b0 [ 165.150200][ T8805] ? fs_reclaim_acquire+0xae/0x150 [ 165.151708][ T8805] should_failslab+0xc2/0x120 [ 165.153082][ T8805] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 165.154640][ T8805] ? mas_alloc_nodes+0x18b/0x880 [ 165.156097][ T8805] mas_alloc_nodes+0x18b/0x880 [ 165.157506][ T8805] mas_node_count_gfp+0x105/0x130 [ 165.158970][ T8805] mas_preallocate+0x53f/0xce0 [ 165.160368][ T8805] ? __pfx_mas_preallocate+0x10/0x10 [ 165.161923][ T8805] ? anon_vma_name+0x75/0x100 [ 165.163303][ T8805] __split_vma+0x474/0x1210 [ 165.164637][ T8805] ? __pfx___split_vma+0x10/0x10 [ 165.166084][ T8805] vms_gather_munmap_vmas+0x38b/0x1730 [ 165.167691][ T8805] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 165.169410][ T8805] ? mas_walk+0x6a6/0x910 [ 165.170678][ T8805] __mmap_region+0x32c/0x2760 [ 165.172054][ T8805] ? __pfx___mmap_region+0x10/0x10 [ 165.173547][ T8805] ? hlock_class+0x4e/0x130 [ 165.174876][ T8805] ? mark_lock+0xb5/0xc60 [ 165.176143][ T8805] ? process_measurement+0x1e8/0x2370 [ 165.177729][ T8805] ? __pfx_process_measurement+0x10/0x10 [ 165.179382][ T8805] ? mm_get_unmapped_area+0x95/0xe0 [ 165.180885][ T8805] mmap_region+0x270/0x320 [ 165.182145][ T8805] do_mmap+0xa09/0x1050 [ 165.183251][ T8805] vm_mmap_pgoff+0x1ba/0x360 [ 165.184593][ T8805] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 165.186063][ T8805] ? __fget_files+0x206/0x3a0 [ 165.187438][ T8805] ksys_mmap_pgoff+0x32c/0x5c0 [ 165.188828][ T8805] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 165.190381][ T8805] __do_fast_syscall_32+0x73/0x120 [ 165.191880][ T8805] do_fast_syscall_32+0x32/0x80 [ 165.193292][ T8805] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 165.195120][ T8805] RIP: 0023:0xf710e579 [ 165.196278][ T8805] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 165.201616][ T8805] RSP: 002b:00000000f510055c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 165.203991][ T8805] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000600402 [ 165.206248][ T8805] RDX: 00000000007ffffe RSI: 0000000004002011 RDI: 0000000000000004 [ 165.208510][ T8805] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 165.210762][ T8805] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 165.213044][ T8805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 165.215329][ T8805] [ 165.625623][ T8817] openvswitch: netlink: Invalid VLAN frame [ 166.783020][ T8844] netlink: 36 bytes leftover after parsing attributes in process `syz.1.796'. [ 167.404689][ T8850] netlink: 4 bytes leftover after parsing attributes in process `syz.3.800'. [ 167.555760][ T8862] »»»»»» speed is unknown, defaulting to 1000 [ 167.704530][ T8862] »»»»»» speed is unknown, defaulting to 1000 [ 168.107196][ T8876] netlink: 'syz.2.804': attribute type 10 has an invalid length. [ 168.161692][ T8877] netlink: 4 bytes leftover after parsing attributes in process `syz.2.804'. [ 168.332774][ T8876] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.335058][ T8876] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.341186][ T8876] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.343630][ T8876] bridge0: port 2(bridge_slave_1) entered forwarding state [ 168.345749][ T8876] bridge0: port 1(bridge_slave_0) entered blocking state [ 168.347771][ T8876] bridge0: port 1(bridge_slave_0) entered forwarding state [ 168.351393][ T8876] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 168.354064][ T8877] bridge0: port 3(team0) entered disabled state [ 168.357142][ T8877] bridge_slave_1: left allmulticast mode [ 168.358801][ T8877] bridge_slave_1: left promiscuous mode [ 168.360560][ T8877] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.366562][ T8877] bridge_slave_0: left allmulticast mode [ 168.368446][ T8877] bridge_slave_0: left promiscuous mode [ 168.370227][ T8877] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.474103][ T8877] bond0: (slave bridge0): Releasing backup interface [ 169.239508][ T8892] netlink: 36 bytes leftover after parsing attributes in process `syz.3.809'. [ 169.357422][ T8902] netlink: 32 bytes leftover after parsing attributes in process `syz.1.813'. [ 170.339801][ T835] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 170.507588][ T835] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 170.510748][ T835] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.514015][ T835] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.516859][ T835] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 170.521803][ T835] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 170.525323][ T835] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 170.527782][ T835] usb 8-1: Manufacturer: syz [ 170.530109][ T835] usb 8-1: config 0 descriptor?? [ 170.676135][ T8933] netlink: 'syz.1.825': attribute type 1 has an invalid length. [ 170.725835][ T8935] 9pnet: Found fid 0 not clunked [ 170.908501][ T8943] fuse: Bad value for 'group_id' [ 170.910083][ T8943] fuse: Bad value for 'group_id' [ 170.952893][ T835] appleir 0003:05AC:8243.0002: unknown main item tag 0x0 [ 170.955913][ T835] appleir 0003:05AC:8243.0002: No inputs registered, leaving [ 170.965024][ T835] appleir 0003:05AC:8243.0002: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 171.060726][ T8947] netlink: 36 bytes leftover after parsing attributes in process `syz.0.827'. [ 171.223987][ T57] usb 8-1: USB disconnect, device number 8 [ 171.934700][ T8962] xt_CT: You must specify a L4 protocol and not use inversions on it [ 172.832008][ T8992] netlink: 'syz.3.844': attribute type 9 has an invalid length. [ 172.834553][ T8992] FAULT_INJECTION: forcing a failure. [ 172.834553][ T8992] name failslab, interval 1, probability 0, space 0, times 0 [ 172.838235][ T8992] CPU: 2 UID: 0 PID: 8992 Comm: syz.3.844 Not tainted 6.13.0-syzkaller #0 [ 172.840669][ T8992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 172.843895][ T8992] Call Trace: [ 172.844859][ T8992] [ 172.845786][ T8992] dump_stack_lvl+0x16c/0x1f0 [ 172.847259][ T8992] should_fail_ex+0x497/0x5b0 [ 172.849020][ T8992] ? fs_reclaim_acquire+0xae/0x150 [ 172.850920][ T8992] should_failslab+0xc2/0x120 [ 172.852726][ T8992] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 172.855203][ T8992] ? kstrdup_const+0x63/0x80 [ 172.857013][ T8992] kstrdup+0x42/0xb0 [ 172.858609][ T8992] kstrdup_const+0x63/0x80 [ 172.860376][ T8992] __kernfs_new_node+0x9c/0x890 [ 172.861957][ T8992] ? hlock_class+0x4e/0x130 [ 172.863794][ T8992] ? __pfx___kernfs_new_node+0x10/0x10 [ 172.865369][ T8992] ? map_id_range_down+0x2bb/0x3a0 [ 172.866883][ T8992] ? __pfx_map_id_range_down+0x10/0x10 [ 172.868471][ T8992] ? __pfx___lock_acquire+0x10/0x10 [ 172.869959][ T8992] kernfs_new_node+0x186/0x240 [ 172.871382][ T8992] ? net_ns_get_ownership+0xf8/0x1b0 [ 172.873354][ T8992] kernfs_create_dir_ns+0x4c/0x150 [ 172.875149][ T8992] sysfs_create_dir_ns+0x13b/0x2b0 [ 172.876708][ T8992] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 172.878357][ T8992] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 172.880109][ T8992] ? kobject_add_internal+0x12d/0x990 [ 172.881752][ T8992] ? net_namespace+0x12/0x50 [ 172.883175][ T8992] ? device_namespace+0x76/0xa0 [ 172.884603][ T8992] kobject_add_internal+0x2c8/0x990 [ 172.886095][ T8992] kobject_add+0x16f/0x240 [ 172.887390][ T8992] ? __pfx_kobject_add+0x10/0x10 [ 172.888703][ T8992] ? lock_acquire+0x2f/0xb0 [ 172.889898][ T8992] ? get_device_parent+0x11f/0x4e0 [ 172.891315][ T8992] ? kobject_put+0xab/0x5a0 [ 172.892610][ T8992] ? device_add+0xc02/0x1a70 [ 172.893914][ T8992] device_add+0x289/0x1a70 [ 172.895194][ T8992] ? __pfx_dev_set_name+0x10/0x10 [ 172.896661][ T8992] ? __pfx_device_add+0x10/0x10 [ 172.898032][ T8992] ? __init_waitqueue_head+0xca/0x150 [ 172.899555][ T8992] netdev_register_kobject+0x183/0x3a0 [ 172.901137][ T8992] register_netdevice+0x1473/0x1e20 [ 172.902988][ T8992] ? __pfx_macvlan_compute_filter+0x10/0x10 [ 172.904693][ T8992] ? __pfx_register_netdevice+0x10/0x10 [ 172.906299][ T8992] macvlan_common_newlink+0x10d4/0x1a10 [ 172.907923][ T8992] ? __pfx_macvlan_common_newlink+0x10/0x10 [ 172.909818][ T8992] ? rtnl_create_link+0xa2e/0xf10 [ 172.911324][ T8992] ? __pfx_macvlan_newlink+0x10/0x10 [ 172.912873][ T8992] rtnl_newlink+0xbae/0x1d70 [ 172.914214][ T8992] ? __pfx_rtnl_newlink+0x10/0x10 [ 172.915730][ T8992] ? __pfx___lock_acquire+0x10/0x10 [ 172.917252][ T8992] ? kmem_cache_free+0x152/0x4c0 [ 172.918687][ T8992] ? aa_get_newest_label+0x376/0x680 [ 172.920223][ T8992] ? find_held_lock+0x2d/0x110 [ 172.921686][ T8992] ? find_held_lock+0x2d/0x110 [ 172.923122][ T8992] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 172.924600][ T8992] ? __pfx_lock_release+0x10/0x10 [ 172.926050][ T8992] ? trace_lock_acquire+0x14e/0x1f0 [ 172.927564][ T8992] ? __pfx_rtnl_newlink+0x10/0x10 [ 172.929021][ T8992] rtnetlink_rcv_msg+0x95b/0xea0 [ 172.930454][ T8992] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 172.932150][ T8992] ? __pfx___dev_queue_xmit+0x10/0x10 [ 172.933778][ T8992] netlink_rcv_skb+0x165/0x410 [ 172.935138][ T8992] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 172.936736][ T8992] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 172.938263][ T8992] ? netlink_deliver_tap+0x1ae/0xca0 [ 172.939786][ T8992] netlink_unicast+0x53c/0x7f0 [ 172.941199][ T8992] ? __pfx_netlink_unicast+0x10/0x10 [ 172.942710][ T8992] ? __phys_addr_symbol+0x30/0x80 [ 172.944264][ T8992] ? __check_object_size+0x488/0x710 [ 172.945788][ T8992] netlink_sendmsg+0x8b8/0xd70 [ 172.947172][ T8992] ? __pfx_netlink_sendmsg+0x10/0x10 [ 172.948699][ T8992] ____sys_sendmsg+0x9ae/0xb40 [ 172.950075][ T8992] ? __pfx_____sys_sendmsg+0x10/0x10 [ 172.951684][ T8992] ? get_compat_msghdr+0x11b/0x170 [ 172.953181][ T8992] ___sys_sendmsg+0x135/0x1e0 [ 172.954575][ T8992] ? __pfx____sys_sendmsg+0x10/0x10 [ 172.956132][ T8992] ? __pfx_lock_release+0x10/0x10 [ 172.957590][ T8992] ? trace_lock_acquire+0x14e/0x1f0 [ 172.959099][ T8992] ? __fget_files+0x206/0x3a0 [ 172.960452][ T8992] __sys_sendmsg+0x16e/0x220 [ 172.961972][ T8992] ? __pfx___sys_sendmsg+0x10/0x10 [ 172.963889][ T8992] __do_fast_syscall_32+0x73/0x120 [ 172.965765][ T8992] do_fast_syscall_32+0x32/0x80 [ 172.967199][ T8992] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 172.969060][ T8992] RIP: 0023:0xf7f72579 [ 172.970236][ T8992] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 172.975772][ T8992] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 172.978165][ T8992] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000240 [ 172.980427][ T8992] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 172.982779][ T8992] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 172.985065][ T8992] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 172.987318][ T8992] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 172.989572][ T8992] [ 172.992908][ T8992] kobject: kobject_add_internal failed for macvlan2 (error: -12 parent: net) [ 173.022577][ T8993] netlink: 36 bytes leftover after parsing attributes in process `syz.0.841'. [ 173.065056][ T8999] netlink: zone id is out of range [ 173.067067][ T8999] netlink: del zone limit has 8 unknown bytes [ 173.089558][ T8997] netlink: 'syz.2.845': attribute type 4 has an invalid length. [ 173.096938][ T8997] netlink: 16 bytes leftover after parsing attributes in process `syz.2.845'. [ 173.501464][ T9020] netlink: 20 bytes leftover after parsing attributes in process `syz.2.854'. [ 173.504016][ T9020] netlink: 20 bytes leftover after parsing attributes in process `syz.2.854'. [ 174.176325][ T9037] netlink: 12 bytes leftover after parsing attributes in process `syz.1.858'. [ 174.330452][ T9040] netlink: 8 bytes leftover after parsing attributes in process `syz.1.859'. [ 174.333015][ T9040] netlink: 4 bytes leftover after parsing attributes in process `syz.1.859'. [ 174.335724][ T9040] netlink: 'syz.1.859': attribute type 12 has an invalid length. [ 174.338071][ T9040] netlink: 'syz.1.859': attribute type 11 has an invalid length. [ 174.643302][ T9059] netlink: 36 bytes leftover after parsing attributes in process `syz.3.863'. [ 174.652820][ T835] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 174.798054][ T9061] overlayfs: failed to resolve './file1': -2 [ 174.811858][ T835] usb 7-1: config index 0 descriptor too short (expected 23569, got 27) [ 174.818227][ T835] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 174.822850][ T835] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 174.825825][ T835] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 174.828335][ T835] usb 7-1: Manufacturer: syz [ 174.836589][ T835] usb 7-1: config 0 descriptor?? [ 174.889956][ T835] rc_core: IR keymap rc-hauppauge not found [ 174.892517][ T835] Registered IR keymap rc-empty [ 174.898079][ T835] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0 [ 174.902891][ T835] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input10 [ 175.172132][ T9069] netlink: 4 bytes leftover after parsing attributes in process `syz.1.868'. [ 177.264603][ T9102] trusted_key: encrypted_key: insufficient parameters specified [ 177.268214][ T9102] trusted_key: encrypted_key: insufficient parameters specified [ 177.272268][ T9102] trusted_key: encrypted_key: insufficient parameters specified [ 177.304650][ T9102] trusted_key: encrypted_key: insufficient parameters specified [ 177.307353][ T9102] trusted_key: encrypted_key: insufficient parameters specified [ 177.329061][ T9102] trusted_key: encrypted_key: insufficient parameters specified [ 177.338018][ T39] audit: type=1804 audit(1737408135.467:208): pid=9104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.877" name="/newroot/255/file0/bus" dev="ramfs" ino=25448 res=1 errno=0 [ 177.445130][ T835] usb 7-1: USB disconnect, device number 5 [ 177.627695][ T9115] netlink: 'syz.2.878': attribute type 4 has an invalid length. [ 177.630256][ T9115] netlink: 'syz.2.878': attribute type 4 has an invalid length. [ 177.633660][ T9115] infiniband syz0: set active [ 177.640478][ T143] »»»»»» speed is unknown, defaulting to 1000 [ 177.643159][ T143] »»»»»» speed is unknown, defaulting to 1000 [ 177.644950][ T143] »»»»»» speed is unknown, defaulting to 1000 [ 178.907067][ T834] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 179.358731][ T834] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 179.363512][ T834] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 179.366634][ T834] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 179.369359][ T834] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 179.373509][ T834] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 179.376430][ T834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.419258][ T834] usb 5-1: config 0 descriptor?? [ 179.879998][ T834] plantronics 0003:047F:FFFF.0003: ignoring exceeding usage max [ 179.884142][ T834] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 179.893485][ T834] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 180.184113][ T9149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 180.187222][ T9149] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 180.431403][ T9157] netlink: 36 bytes leftover after parsing attributes in process `syz.1.889'. [ 180.983726][ T9173] syz.3.895: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 180.989273][ T9173] CPU: 0 UID: 0 PID: 9173 Comm: syz.3.895 Not tainted 6.13.0-syzkaller #0 [ 180.991775][ T9173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 180.994949][ T9173] Call Trace: [ 180.995952][ T9173] [ 180.996855][ T9173] dump_stack_lvl+0x16c/0x1f0 [ 180.998265][ T9173] warn_alloc+0x24d/0x3a0 [ 180.999560][ T9173] ? __pfx_warn_alloc+0x10/0x10 [ 181.001021][ T9173] ? __pfx_stack_trace_save+0x10/0x10 [ 181.002606][ T9173] ? kasan_save_stack+0x42/0x60 [ 181.004006][ T9173] ? kasan_save_stack+0x33/0x60 [ 181.005828][ T9173] ? kasan_save_track+0x14/0x30 [ 181.007775][ T9173] ? __kasan_kmalloc+0xaa/0xb0 [ 181.009685][ T9173] ? xskq_create+0x52/0x1d0 [ 181.011505][ T9173] ? do_sock_setsockopt+0x222/0x480 [ 181.013594][ T9173] ? __sys_setsockopt+0x1a0/0x230 [ 181.015353][ T9173] ? __ia32_sys_setsockopt+0xbc/0x160 [ 181.016905][ T9173] __vmalloc_node_range_noprof+0x10df/0x1530 [ 181.018620][ T9173] ? xskq_create+0xfb/0x1d0 [ 181.019935][ T9173] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 181.021751][ T9173] ? xskq_create+0xfb/0x1d0 [ 181.023057][ T9173] vmalloc_user_noprof+0x6b/0x90 [ 181.024552][ T9173] ? xskq_create+0xfb/0x1d0 [ 181.026346][ T9173] xskq_create+0xfb/0x1d0 [ 181.028091][ T9173] xsk_setsockopt+0x8b0/0xac0 [ 181.029951][ T9173] ? __pfx_xsk_setsockopt+0x10/0x10 [ 181.032059][ T9173] ? __queue_map_get+0x272/0x320 [ 181.034062][ T9173] ? find_held_lock+0x2d/0x110 [ 181.035993][ T9173] ? __pfx_xsk_setsockopt+0x10/0x10 [ 181.038065][ T9173] do_sock_setsockopt+0x222/0x480 [ 181.040119][ T9173] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 181.042330][ T9173] ? lock_acquire+0x2f/0xb0 [ 181.044190][ T9173] __sys_setsockopt+0x1a0/0x230 [ 181.045634][ T9173] __ia32_sys_setsockopt+0xbc/0x160 [ 181.047140][ T9173] ? syscall_trace_enter+0xf0/0x260 [ 181.048624][ T9173] __do_fast_syscall_32+0x73/0x120 [ 181.050089][ T9173] do_fast_syscall_32+0x32/0x80 [ 181.051496][ T9173] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 181.053289][ T9173] RIP: 0023:0xf7f72579 [ 181.054563][ T9173] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 181.062235][ T9173] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 181.065333][ T9173] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000011b [ 181.067616][ T9173] RDX: 0000000000000002 RSI: 0000000020000080 RDI: 0000000000000020 [ 181.069858][ T9173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 181.072118][ T9173] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 181.074390][ T9173] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 181.076674][ T9173] [ 181.080301][ T9173] Mem-Info: [ 181.081270][ T9173] active_anon:7654 inactive_anon:432 isolated_anon:0 [ 181.081270][ T9173] active_file:18754 inactive_file:19921 isolated_file:0 [ 181.081270][ T9173] unevictable:3816 dirty:194 writeback:0 [ 181.081270][ T9173] slab_reclaimable:6702 slab_unreclaimable:58836 [ 181.081270][ T9173] mapped:25583 shmem:2474 pagetables:915 [ 181.081270][ T9173] sec_pagetables:308 bounce:0 [ 181.081270][ T9173] kernel_misc_reclaimable:0 [ 181.081270][ T9173] free:52446 free_pcp:8356 free_cma:0 [ 181.100547][ T9173] Node 0 active_anon:4536kB inactive_anon:1728kB active_file:8160kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5384kB dirty:20kB writeback:0kB shmem:4780kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9744kB pagetables:840kB sec_pagetables:1132kB all_unreclaimable? yes [ 181.110902][ T9173] Node 1 active_anon:26080kB inactive_anon:0kB active_file:66856kB inactive_file:79684kB unevictable:11728kB isolated(anon):0kB isolated(file):0kB mapped:96948kB dirty:756kB writeback:0kB shmem:5116kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3304kB pagetables:2820kB sec_pagetables:100kB all_unreclaimable? no [ 181.122103][ T9173] Node 0 DMA free:2908kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:84kB inactive_anon:0kB active_file:40kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:500kB local_pcp:168kB free_cma:0kB [ 181.130671][ T9173] lowmem_reserve[]: 0 299 0 0 0 [ 181.132662][ T9173] Node 0 DMA32 free:16680kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:2048KB active_anon:4452kB inactive_anon:1728kB active_file:8120kB inactive_file:0kB unevictable:3536kB writepending:20kB present:1032196kB managed:306284kB mlocked:0kB bounce:0kB free_pcp:3900kB local_pcp:0kB free_cma:0kB [ 181.143835][ T9173] lowmem_reserve[]: 0 0 0 0 0 [ 181.145250][ T9173] Node 1 DMA32 free:205696kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:26080kB inactive_anon:0kB active_file:66856kB inactive_file:79684kB unevictable:11728kB writepending:756kB present:1048432kB managed:948252kB mlocked:8192kB bounce:0kB free_pcp:14540kB local_pcp:160kB free_cma:0kB [ 181.154133][ T9173] lowmem_reserve[]: 0 0 0 0 0 [ 181.155561][ T9173] Node 0 DMA: 11*4kB (UM) 23*8kB (UM) 18*16kB (UM) 47*32kB (UM) 14*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2916kB [ 181.159656][ T9173] Node 0 DMA32: 106*4kB (UME) 78*8kB (UME) 27*16kB (UME) 107*32kB (UEH) 50*64kB (UE) 23*128kB (UME) 8*256kB (U) 5*512kB (UM) 1*1024kB (M) 0*2048kB 0*4096kB = 16680kB [ 181.165041][ T9173] Node 1 DMA32: 1127*4kB (UME) 1105*8kB (UME) 615*16kB (UME) 395*32kB (UME) 180*64kB (UME) 129*128kB (UME) 83*256kB (UME) 68*512kB (UME) 37*1024kB (UM) 15*2048kB (UM) 4*4096kB (UM) = 204916kB [ 181.170813][ T9173] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 181.173585][ T9173] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 181.176293][ T9173] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 181.179034][ T9173] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 181.181751][ T9173] 41161 total pagecache pages [ 181.184145][ T9173] 11 pages in swap cache [ 181.185401][ T9173] Free swap = 117880kB [ 181.186670][ T9173] Total swap = 124996kB [ 181.187896][ T9173] 524155 pages RAM [ 181.188985][ T9173] 0 pages HighMem/MovableOnly [ 181.190910][ T9173] 206681 pages reserved [ 181.192121][ T9173] 0 pages cma reserved [ 181.359953][ T6528] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 181.579891][ T6528] usb 8-1: Using ep0 maxpacket: 8 [ 181.582988][ T6528] usb 8-1: config index 0 descriptor too short (expected 74, got 45) [ 181.585329][ T6528] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 181.588808][ T6528] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 181.591742][ T6528] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 181.594513][ T6528] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 181.598191][ T6528] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 181.600832][ T6528] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.700220][ T9192] process 'syz.1.901' launched '/dev/fd/11' with NULL argv: empty string added [ 181.876788][ T6005] usb 5-1: USB disconnect, device number 8 [ 181.902264][ T6528] usb 8-1: GET_CAPABILITIES returned 0 [ 181.903878][ T6528] usbtmc 8-1:16.0: can't read capabilities [ 182.022915][ C1] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 182.026494][ C1] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 182.029925][ C1] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 182.033327][ C1] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 182.036734][ C1] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 182.040168][ C1] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 182.045365][ T9173] usbtmc 8-1:16.0: Unable to send data, error -71 [ 182.047960][ T143] usb 8-1: USB disconnect, device number 9 [ 182.181381][ T6005] usb 5-1: new low-speed USB device number 9 using dummy_hcd [ 182.449853][ T6005] usb 5-1: Invalid ep0 maxpacket: 16 [ 182.579909][ T6005] usb 5-1: new low-speed USB device number 10 using dummy_hcd [ 182.750050][ T6005] usb 5-1: Invalid ep0 maxpacket: 16 [ 182.754863][ T6005] usb usb5-port1: attempt power cycle [ 182.849580][ T9221] netlink: 8 bytes leftover after parsing attributes in process `syz.3.913'. [ 182.883633][ T9225] 9pnet_fd: Insufficient options for proto=fd [ 183.089894][ T6005] usb 5-1: new low-speed USB device number 11 using dummy_hcd [ 183.111487][ T6005] usb 5-1: Invalid ep0 maxpacket: 16 [ 183.320062][ T6005] usb 5-1: new low-speed USB device number 12 using dummy_hcd [ 183.340260][ T6005] usb 5-1: Invalid ep0 maxpacket: 16 [ 183.345970][ T6005] usb usb5-port1: unable to enumerate USB device [ 184.923718][ T5950] block nbd3: Receive control failed (result -107) [ 184.956954][ T9275] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 184.960342][ T9275] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 184.970535][ T9268] syz.3.927: attempt to access beyond end of device [ 184.970535][ T9268] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 184.975416][ T9268] syz.3.927: attempt to access beyond end of device [ 184.975416][ T9268] nbd3: rw=0, sector=512, nr_sectors = 2 limit=0 [ 184.979157][ T9268] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 184.982724][ T9268] syz.3.927: attempt to access beyond end of device [ 184.982724][ T9268] nbd3: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 184.986531][ T9268] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 184.998965][ T9268] syz.3.927: attempt to access beyond end of device [ 184.998965][ T9268] nbd3: rw=0, sector=64, nr_sectors = 4 limit=0 [ 185.004585][ T9268] syz.3.927: attempt to access beyond end of device [ 185.004585][ T9268] nbd3: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 185.010103][ T9267] nbd3: detected capacity change from 0 to 20 [ 185.017400][ T7070] block nbd3: Dead connection, failed to find a fallback [ 185.019621][ T7070] block nbd3: shutting down sockets [ 185.025647][ T9268] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 185.036725][ T7070] blk_print_req_error: 7 callbacks suppressed [ 185.036734][ T7070] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 185.041426][ T7070] buffer_io_error: 7 callbacks suppressed [ 185.041433][ T7070] Buffer I/O error on dev nbd3, logical block 0, async page read [ 185.048409][ T9268] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 185.052284][ T7070] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 185.055027][ T7070] Buffer I/O error on dev nbd3, logical block 1, async page read [ 185.059550][ T7070] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 185.062780][ T7070] Buffer I/O error on dev nbd3, logical block 0, async page read [ 185.065242][ T9268] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=0, location=0 [ 185.068008][ T7070] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 185.070694][ T7070] Buffer I/O error on dev nbd3, logical block 1, async page read [ 185.072910][ T9268] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 185.075535][ T9268] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=1, location=1 [ 185.075598][ T7070] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 185.078184][ T9268] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 185.081794][ T7070] Buffer I/O error on dev nbd3, logical block 0, async page read [ 185.086323][ T7070] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 185.090511][ T7070] Buffer I/O error on dev nbd3, logical block 1, async page read [ 185.092913][ T9268] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 185.092944][ T7070] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 185.095691][ T9268] I/O error, dev nbd3, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 185.098195][ T7070] Buffer I/O error on dev nbd3, logical block 0, async page read [ 185.101085][ T9268] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=1, location=1 [ 185.103196][ T7070] Buffer I/O error on dev nbd3, logical block 0, async page read [ 185.108136][ T7070] Buffer I/O error on dev nbd3, logical block 0, async page read [ 185.110491][ T9268] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=0, location=0 [ 185.110514][ T7070] Buffer I/O error on dev nbd3, logical block 0, async page read [ 185.113146][ T9268] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 185.115698][ T7070] ldm_validate_partition_table(): Disk read failed. [ 185.118324][ T9268] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1) [ 185.120680][ T7070] Dev nbd3: unable to read RDB block 0 [ 185.124454][ T7070] nbd3: unable to read partition table [ 185.126104][ T7070] nbd3: partition table beyond EOD, truncated [ 185.129419][ T7070] ldm_validate_partition_table(): Disk read failed. [ 185.131545][ T7070] Dev nbd3: unable to read RDB block 0 [ 185.133290][ T7070] nbd3: unable to read partition table [ 185.135054][ T7070] nbd3: partition table beyond EOD, truncated [ 186.349905][ T143] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 186.502165][ T143] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 186.505263][ T143] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 186.507941][ T143] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 186.512383][ T143] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 186.514892][ T143] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.518242][ T143] usb 8-1: config 0 descriptor?? [ 186.940987][ T143] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 186.944777][ T143] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving [ 186.960117][ T143] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 187.363568][ T9340] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 187.367872][ T9340] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 187.780400][ T9356] netlink: 'syz.2.952': attribute type 4 has an invalid length. [ 187.789489][ T9356] infiniband syz0: set down [ 187.793435][ T5986] »»»»»» speed is unknown, defaulting to 1000 [ 187.795478][ T834] »»»»»» speed is unknown, defaulting to 1000 [ 187.798802][ T5986] »»»»»» speed is unknown, defaulting to 1000 [ 187.949654][ T9365] bridge_slave_0: entered promiscuous mode [ 188.128691][ T9372] netlink: 8 bytes leftover after parsing attributes in process `syz.0.957'. [ 188.133454][ T9372] IPv6: NLM_F_CREATE should be specified when creating new route [ 188.136394][ T9372] netlink: 1 bytes leftover after parsing attributes in process `syz.0.957'. [ 188.288811][ T9370] syz.2.956 (9370): drop_caches: 2 [ 188.335899][ T9378] FAULT_INJECTION: forcing a failure. [ 188.335899][ T9378] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 188.339710][ T9378] CPU: 0 UID: 0 PID: 9378 Comm: syz.1.958 Not tainted 6.13.0-syzkaller #0 [ 188.342068][ T9378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 188.345110][ T9378] Call Trace: [ 188.346065][ T9378] [ 188.346923][ T9378] dump_stack_lvl+0x16c/0x1f0 [ 188.348280][ T9378] should_fail_ex+0x497/0x5b0 [ 188.349618][ T9378] _copy_from_user+0x2e/0xd0 [ 188.350938][ T9378] kstrtouint_from_user+0xd7/0x1c0 [ 188.352393][ T9378] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 188.354006][ T9378] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 188.355582][ T9378] proc_fail_nth_write+0x84/0x250 [ 188.357436][ T9378] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 188.359046][ T9378] ? ksys_write+0x12b/0x250 [ 188.360347][ T9378] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 188.361957][ T9378] vfs_write+0x24c/0x1150 [ 188.363193][ T9378] ? __fget_files+0x1fc/0x3a0 [ 188.364507][ T9378] ? __pfx___mutex_lock+0x10/0x10 [ 188.366137][ T9378] ? __pfx_vfs_write+0x10/0x10 [ 188.367893][ T9378] ? __fget_files+0x206/0x3a0 [ 188.369453][ T9378] ksys_write+0x12b/0x250 [ 188.370748][ T9378] ? __pfx_ksys_write+0x10/0x10 [ 188.372140][ T9378] __do_fast_syscall_32+0x73/0x120 [ 188.373586][ T9378] do_fast_syscall_32+0x32/0x80 [ 188.374994][ T9378] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 188.376829][ T9378] RIP: 0023:0xf7f85579 [ 188.378027][ T9378] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 188.383567][ T9378] RSP: 002b:00000000f50d6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 188.386217][ T9378] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f50d6620 [ 188.388782][ T9378] RDX: 0000000000000001 RSI: 00000000f7413ff4 RDI: 0000000000000000 [ 188.391700][ T9378] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 188.393832][ T9378] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 188.395960][ T9378] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 188.398725][ T9378] [ 188.809935][ T9390] FAULT_INJECTION: forcing a failure. [ 188.809935][ T9390] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 188.813846][ T9390] CPU: 3 UID: 0 PID: 9390 Comm: syz.0.963 Not tainted 6.13.0-syzkaller #0 [ 188.816255][ T9390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 188.819443][ T9390] Call Trace: [ 188.820422][ T9390] [ 188.821305][ T9390] dump_stack_lvl+0x16c/0x1f0 [ 188.823057][ T9390] should_fail_ex+0x497/0x5b0 [ 188.824786][ T9390] _copy_to_user+0x32/0xd0 [ 188.826437][ T9390] simple_read_from_buffer+0xd0/0x160 [ 188.828055][ T9390] proc_fail_nth_read+0x198/0x270 [ 188.829503][ T9390] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 188.831083][ T9390] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 188.832632][ T9390] vfs_read+0x1df/0xbe0 [ 188.833805][ T9390] ? __fget_files+0x1fc/0x3a0 [ 188.835039][ T9390] ? __pfx___mutex_lock+0x10/0x10 [ 188.836316][ T9390] ? __pfx_vfs_read+0x10/0x10 [ 188.837606][ T9390] ? __fget_files+0x206/0x3a0 [ 188.838934][ T9390] ksys_read+0x12b/0x250 [ 188.840122][ T9390] ? __pfx_ksys_read+0x10/0x10 [ 188.841538][ T9390] __do_fast_syscall_32+0x73/0x120 [ 188.842954][ T9390] do_fast_syscall_32+0x32/0x80 [ 188.844311][ T9390] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 188.846081][ T9390] RIP: 0023:0xf7fb4579 [ 188.847299][ T9390] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 188.852744][ T9390] RSP: 002b:00000000f5106590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 188.855092][ T9390] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f5106620 [ 188.857481][ T9390] RDX: 000000000000000f RSI: 00000000f7443ff4 RDI: 0000000000000000 [ 188.859690][ T9390] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 188.861842][ T9390] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 188.864072][ T9390] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 188.866748][ T9390] [ 188.867969][ C3] vkms_vblank_simulate: vblank timer overrun [ 188.946390][ T9405] rtc_cmos 00:05: Alarms can be up to one day in the future [ 188.948860][ T9404] netlink: 4 bytes leftover after parsing attributes in process `syz.0.968'. [ 188.954320][ T9404] netlink: 4 bytes leftover after parsing attributes in process `syz.0.968'. [ 188.961355][ T9391] syz.2.962: attempt to access beyond end of device [ 188.961355][ T9391] nbd2: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 188.965719][ T9391] XFS (nbd2): SB validate failed with error -5. [ 189.076089][ T9116] usb 8-1: USB disconnect, device number 10 [ 189.820002][ T9423] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 189.822454][ T9423] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 190.049154][ T9434] ceph: No mds server is up or the cluster is laggy [ 190.205559][ T9442] FAULT_INJECTION: forcing a failure. [ 190.205559][ T9442] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 190.210696][ T9442] CPU: 2 UID: 0 PID: 9442 Comm: syz.1.976 Not tainted 6.13.0-syzkaller #0 [ 190.213963][ T9442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 190.218079][ T9442] Call Trace: [ 190.219406][ T9442] [ 190.220575][ T9442] dump_stack_lvl+0x16c/0x1f0 [ 190.222444][ T9442] should_fail_ex+0x497/0x5b0 [ 190.224293][ T9442] _copy_from_user+0x2e/0xd0 [ 190.226098][ T9442] __do_splice+0x23e/0x360 [ 190.227867][ T9442] ? __pfx___do_splice+0x10/0x10 [ 190.229751][ T9442] ? __fget_files+0x206/0x3a0 [ 190.231577][ T9442] __ia32_sys_splice+0x189/0x250 [ 190.233487][ T9442] do_int80_emulation+0x104/0x200 [ 190.235443][ T9442] asm_int80_emulation+0x1a/0x20 [ 190.237356][ T9442] RIP: 0023:0xf7f85579 [ 190.238911][ T9442] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 190.246071][ T9442] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000139 [ 190.249162][ T9442] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000000000000 [ 190.252163][ T9442] RDX: 0000000000000008 RSI: 0000000020000140 RDI: 0000000000000004 [ 190.255181][ T9442] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 190.258091][ T9442] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 190.261128][ T9442] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 190.264066][ T9442] [ 190.265669][ C2] hpet: Lost 3 RTC interrupts [ 193.135035][ T9482] FAULT_INJECTION: forcing a failure. [ 193.135035][ T9482] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 193.138813][ T9482] CPU: 2 UID: 0 PID: 9482 Comm: syz.0.984 Not tainted 6.13.0-syzkaller #0 [ 193.141274][ T9482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 193.144356][ T9482] Call Trace: [ 193.145321][ T9482] [ 193.146179][ T9482] dump_stack_lvl+0x16c/0x1f0 [ 193.147580][ T9482] should_fail_ex+0x497/0x5b0 [ 193.148958][ T9482] save_fsave_header+0x17c/0x2e0 [ 193.150400][ T9482] ? __pfx_save_fsave_header+0x10/0x10 [ 193.151991][ T9482] ? __local_bh_enable_ip+0xa4/0x120 [ 193.153534][ T9482] copy_fpstate_to_sigframe+0x7b6/0xb20 [ 193.155147][ T9482] ? do_raw_spin_lock+0x12d/0x2c0 [ 193.156609][ T9482] ? __pfx_copy_fpstate_to_sigframe+0x10/0x10 [ 193.158378][ T9482] ? posixtimer_deliver_signal+0x1ad/0x650 [ 193.160090][ T9482] get_sigframe+0x4aa/0x9c0 [ 193.161432][ T9482] ? __pfx_get_sigframe+0x10/0x10 [ 193.162908][ T9482] ? _raw_spin_unlock_irq+0x29/0x50 [ 193.164414][ T9482] ? siginfo_layout+0x177/0x290 [ 193.165818][ T9482] ia32_setup_frame+0xe3/0xa50 [ 193.167216][ T9482] ? __put_unused_fd+0x179/0x280 [ 193.168645][ T9482] ? __pfx_ia32_setup_frame+0x10/0x10 [ 193.170206][ T9482] ? putname+0x13c/0x180 [ 193.171454][ T9482] ? do_sys_openat2+0xb1/0x1e0 [ 193.172852][ T9482] arch_do_signal_or_restart+0x5ce/0x7e0 [ 193.174476][ T9482] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 193.176267][ T9482] ? ksys_write+0x1ba/0x250 [ 193.177605][ T9482] syscall_exit_to_user_mode+0x150/0x2a0 [ 193.179237][ T9482] __do_fast_syscall_32+0x80/0x120 [ 193.180719][ T9482] do_fast_syscall_32+0x32/0x80 [ 193.182143][ T9482] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 193.183990][ T9482] RIP: 0023:0xf7fb4579 [ 193.185177][ T9482] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 193.190699][ T9482] RSP: 002b:00000000f5106490 EFLAGS: 00000293 ORIG_RAX: 0000000000000127 [ 193.193078][ T9482] RAX: fffffffffffffffe RBX: 00000000ffffff9c RCX: 00000000f51064e0 [ 193.195359][ T9482] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 00000000f7443ff4 [ 193.197660][ T9482] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 193.199927][ T9482] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 193.202198][ T9482] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 193.204480][ T9482] [ 193.644478][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.646349][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.724766][ T9513] netlink: 'syz.1.993': attribute type 4 has an invalid length. [ 194.854430][ T9528] bridge_slave_0: left allmulticast mode [ 194.856684][ T9528] bridge_slave_0: left promiscuous mode [ 194.858694][ T9528] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.868740][ T9528] bridge_slave_1: left allmulticast mode [ 194.873082][ T9528] bridge_slave_1: left promiscuous mode [ 194.875287][ T9528] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.887815][ T9528] bond0: (slave bond_slave_0): Releasing backup interface [ 194.901998][ T9528] bond0: (slave bond_slave_1): Releasing backup interface [ 194.936293][ T9528] team0: Port device team_slave_0 removed [ 194.973048][ T9528] team0: Port device team_slave_1 removed [ 194.975098][ T9528] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 194.977265][ T9528] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 194.982728][ T9528] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 194.984870][ T9528] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 195.134289][ T9534] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.999'. [ 195.136987][ T9534] netlink: zone id is out of range [ 195.138447][ T9534] netlink: zone id is out of range [ 195.140086][ T9534] netlink: get zone limit has 8 unknown bytes [ 197.607268][ T9595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1018'. [ 198.406189][ T9605] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1021'. [ 198.460498][ T9608] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1021'. [ 198.713332][ T9617] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1025'. [ 198.901604][ T9628] evm: overlay not supported [ 199.554965][ T9648] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 199.564571][ T9648] netlink: 'syz.3.1034': attribute type 10 has an invalid length. [ 199.567623][ T9648] syz_tun: entered promiscuous mode [ 199.712696][ T9656] [U] [ 199.714148][ T9656] [U] [ 199.714956][ T9656] [U] [ 199.715749][ T9656] [U] [ 199.716628][ T9656] [U] [ 199.717414][ T9656] [U] [ 199.718226][ T9656] [U] [ 199.719060][ T9656] [U] [ 199.720219][ T9656] [U] [ 199.721044][ T9656] [U] [ 199.721838][ T9656] [U] [ 199.722646][ T9656] [U] [ 199.723485][ T9656] [U] [ 199.724271][ T9656] [U] [ 199.725071][ T9656] [U] [ 199.725856][ T9656] [U] [ 199.726847][ T9656] [U] [ 199.727868][ T9656] [U] [ 199.728677][ T9656] [U] [ 199.729583][ T9656] [U] [ 199.730613][ T9656] [U] [ 199.731400][ T9656] [U] [ 199.732181][ T9656] [U] [ 199.732962][ T9656] [U] [ 199.733806][ T9656] [U] [ 199.734568][ T9656] [U] [ 199.735383][ T9656] [U] [ 199.736184][ T9656] [U] [ 199.737535][ T9656] [U] [ 199.738329][ T9656] [U] [ 199.739283][ T9656] [U] [ 199.740374][ T9656] [U] [ 199.741902][ T9656] [U] [ 199.742851][ T9656] [U] [ 199.743636][ T9656] [U] [ 199.744391][ T9656] [U] [ 199.745316][ T9656] [U] [ 199.746111][ T9656] [U] [ 199.746934][ T9656] [U] [ 199.747706][ T9656] [U] [ 199.748535][ T9656] [U] [ 199.749316][ T9656] [U] [ 199.750118][ T9656] [U] [ 199.750931][ T9656] [U] [ 199.752346][ T9656] [U] [ 199.753177][ T9656] [U] [ 199.753943][ T9656] [U] [ 199.754762][ T9656] [U] [ 199.755614][ T9656] [U] [ 199.756395][ T9656] [U] [ 199.757190][ T9656] [U] [ 199.757960][ T9656] [U] [ 199.758914][ T9656] [U] [ 199.759788][ T9656] [U] [ 199.760661][ T9656] [U] [ 199.761446][ T9656] [U] [ 199.763122][ T9656] [U] [ 199.764159][ T9656] [U] [ 199.765164][ T9656] [U] [ 199.766162][ T9656] [U] [ 199.767362][ T9656] [U] [ 199.768397][ T9656] [U] [ 199.769398][ T9656] [U] [ 199.770497][ T9656] [U] [ 199.776621][ T9656] [U] [ 199.777673][ T9656] [U] [ 199.778692][ T9656] [U] [ 199.779739][ T9656] [U] [ 199.781526][ T9656] [U] [ 199.782562][ T9656] [U] [ 199.783559][ T9656] [U] [ 199.784563][ T9656] [U] [ 199.785627][ T9656] [U] [ 199.786662][ T9656] [U] [ 199.787672][ T9656] [U] [ 199.788665][ T9656] [U] [ 199.793670][ T9656] [U] [ 199.794709][ T9656] [U] [ 199.795705][ T9656] [U] [ 199.796708][ T9656] [U] [ 199.797812][ T9656] [U] [ 199.798924][ T9656] [U] [ 199.799984][ T9656] [U] [ 199.800992][ T9656] [U] [ 199.802892][ T9656] [U] [ 199.803880][ T9656] [U] [ 199.804934][ T9656] [U] [ 199.805962][ T9656] [U] [ 199.807135][ T9656] [U] [ 199.808129][ T9656] [U] [ 199.809174][ T9656] [U] [ 199.810229][ T9656] [U] [ 199.812908][ T9656] [U] [ 199.813921][ T9656] [U] [ 199.814955][ T9656] [U] [ 199.815992][ T9656] [U] [ 199.817132][ T9656] [U] [ 199.818165][ T9656] [U] [ 199.819211][ T9656] [U] [ 199.820269][ T9656] [U] [ 199.823537][ T9656] [U] [ 199.824559][ T9656] [U] [ 199.825599][ T9656] [U] [ 199.826655][ T9656] [U] [ 199.828056][ T9656] [U] [ 199.829063][ T9656] [U] [ 199.830126][ T9656] [U] [ 199.831201][ T9656] [U] [ 199.834112][ T9656] [U] [ 199.835144][ T9656] [U] [ 199.836241][ T9656] [U] [ 199.837278][ T9656] [U] [ 199.838420][ T9656] [U] [ 199.839471][ T9656] [U] [ 199.840523][ T9656] [U] [ 199.841577][ T9656] [U] [ 199.843208][ T9656] [U] [ 199.844225][ T9656] [U] [ 199.845193][ T9656] [U] [ 199.846316][ T9656] [U] [ 199.847415][ T9656] [U] [ 199.848411][ T9656] [U] [ 199.849435][ T9656] [U] [ 199.850470][ T9656] [U] [ 199.852372][ T9656] [U] [ 199.853394][ T9656] [U] [ 199.854529][ T9656] [U] [ 199.862137][ T9655] [U] [ 200.146892][ T9681] [ 200.147789][ T9681] ====================================================== [ 200.150365][ T9681] WARNING: possible circular locking dependency detected [ 200.152913][ T9681] 6.13.0-syzkaller #0 Not tainted [ 200.155333][ T9681] ------------------------------------------------------ [ 200.158733][ T9681] syz.0.1046/9681 is trying to acquire lock: [ 200.160905][ T9681] ffff88807536cfe0 (&mm->mmap_lock){++++}-{4:4}, at: __might_fault+0xe3/0x190 [ 200.164147][ T9681] [ 200.164147][ T9681] but task is already holding lock: [ 200.166847][ T9681] ffff88804539ba00 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_trace_ioctl+0xc9/0x290 [ 200.170219][ T9681] [ 200.170219][ T9681] which lock already depends on the new lock. [ 200.170219][ T9681] [ 200.173135][ T9681] [ 200.173135][ T9681] the existing dependency chain (in reverse order) is: [ 200.175693][ T9681] [ 200.175693][ T9681] -> #4 (&q->debugfs_mutex){+.+.}-{4:4}: [ 200.177910][ T9681] __mutex_lock+0x19b/0xa60 [ 200.179375][ T9681] blk_register_queue+0x13c/0x4f0 [ 200.180952][ T9681] add_disk_fwnode+0x785/0x1300 [ 200.182493][ T9681] brd_alloc.isra.0+0x50a/0x7c0 [ 200.184046][ T9681] brd_init+0x12b/0x1d0 [ 200.185400][ T9681] do_one_initcall+0x128/0x630 [ 200.186925][ T9681] kernel_init_freeable+0x58f/0x8b0 [ 200.188562][ T9681] kernel_init+0x1c/0x2b0 [ 200.189971][ T9681] ret_from_fork+0x45/0x80 [ 200.191404][ T9681] ret_from_fork_asm+0x1a/0x30 [ 200.192914][ T9681] [ 200.192914][ T9681] -> #3 (&q->sysfs_lock){+.+.}-{4:4}: [ 200.195063][ T9681] __mutex_lock+0x19b/0xa60 [ 200.196517][ T9681] __blk_mq_update_nr_hw_queues+0x446/0x1460 [ 200.198361][ T9681] blk_mq_update_nr_hw_queues+0x2a/0x40 [ 200.200171][ T9681] nbd_start_device+0x15b/0xd70 [ 200.201729][ T9681] nbd_ioctl+0x21a/0xfd0 [ 200.203117][ T9681] compat_blkdev_ioctl+0x2f7/0x750 [ 200.204726][ T9681] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 200.206395][ T9681] __do_fast_syscall_32+0x73/0x120 [ 200.208011][ T9681] do_fast_syscall_32+0x32/0x80 [ 200.209557][ T9681] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 200.211513][ T9681] [ 200.211513][ T9681] -> #2 (&q->q_usage_counter(io)#52){++++}-{0:0}: [ 200.213963][ T9681] blk_mq_submit_bio+0x1fb6/0x24c0 [ 200.215586][ T9681] __submit_bio+0x384/0x540 [ 200.217001][ T9681] submit_bio_noacct_nocheck+0x698/0xd70 [ 200.218756][ T9681] submit_bio_noacct+0x93a/0x1e20 [ 200.220345][ T9681] block_read_full_folio+0x812/0xa50 [ 200.222015][ T9681] filemap_read_folio+0xc6/0x2a0 [ 200.223585][ T9681] filemap_get_pages+0x155f/0x1be0 [ 200.225172][ T9681] filemap_read+0x3ca/0xd70 [ 200.226609][ T9681] blkdev_read_iter+0x187/0x480 [ 200.228120][ T9681] vfs_read+0x87f/0xbe0 [ 200.229458][ T9681] ksys_read+0x12b/0x250 [ 200.230836][ T9681] do_syscall_64+0xcd/0x250 [ 200.232298][ T9681] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.234089][ T9681] [ 200.234089][ T9681] -> #1 (mapping.invalidate_lock#2){.+.+}-{4:4}: [ 200.236493][ T9681] down_read+0x9a/0x330 [ 200.237854][ T9681] page_cache_ra_unbounded+0x173/0x750 [ 200.239568][ T9681] page_cache_ra_order+0x8f2/0xc80 [ 200.241137][ T9681] filemap_fault+0x14a5/0x2820 [ 200.242600][ T9681] __do_fault+0x10a/0x490 [ 200.243958][ T9681] do_pte_missing+0xebd/0x3e00 [ 200.245425][ T9681] __handle_mm_fault+0x103c/0x2a40 [ 200.247020][ T9681] handle_mm_fault+0x3fa/0xaa0 [ 200.248511][ T9681] __get_user_pages+0x8d9/0x3b50 [ 200.250052][ T9681] get_dump_page+0xff/0x230 [ 200.251505][ T9681] dump_user_range+0x135/0x8c0 [ 200.252979][ T9681] elf_core_dump+0x2baa/0x3df0 [ 200.254471][ T9681] do_coredump+0x2dd5/0x43e0 [ 200.255941][ T9681] get_signal+0x23f3/0x2610 [ 200.257377][ T9681] arch_do_signal_or_restart+0x90/0x7e0 [ 200.259118][ T9681] irqentry_exit_to_user_mode+0x13f/0x280 [ 200.260900][ T9681] asm_exc_page_fault+0x26/0x30 [ 200.262451][ T9681] [ 200.262451][ T9681] -> #0 (&mm->mmap_lock){++++}-{4:4}: [ 200.264614][ T9681] __lock_acquire+0x249e/0x3c40 [ 200.266130][ T9681] lock_acquire.part.0+0x11b/0x380 [ 200.267737][ T9681] __might_fault+0x11b/0x190 [ 200.269195][ T9681] _copy_from_user+0x29/0xd0 [ 200.270665][ T9681] compat_blk_trace_setup+0xc9/0x200 [ 200.272326][ T9681] blk_trace_ioctl+0x24a/0x290 [ 200.273827][ T9681] compat_blkdev_ioctl+0x13c/0x750 [ 200.275459][ T9681] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 200.277174][ T9681] __do_fast_syscall_32+0x73/0x120 [ 200.278792][ T9681] do_fast_syscall_32+0x32/0x80 [ 200.280332][ T9681] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 200.282283][ T9681] [ 200.282283][ T9681] other info that might help us debug this: [ 200.282283][ T9681] [ 200.285178][ T9681] Chain exists of: [ 200.285178][ T9681] &mm->mmap_lock --> &q->sysfs_lock --> &q->debugfs_mutex [ 200.285178][ T9681] [ 200.288837][ T9681] Possible unsafe locking scenario: [ 200.288837][ T9681] [ 200.290950][ T9681] CPU0 CPU1 [ 200.290954][ T9681] ---- ---- [ 200.290957][ T9681] lock(&q->debugfs_mutex); [ 200.290965][ T9681] lock(&q->sysfs_lock); [ 200.290974][ T9681] lock(&q->debugfs_mutex); [ 200.290981][ T9681] rlock(&mm->mmap_lock); [ 200.290988][ T9681] [ 200.290988][ T9681] *** DEADLOCK *** [ 200.290988][ T9681] [ 200.290991][ T9681] 1 lock held by syz.0.1046/9681: [ 200.290997][ T9681] #0: ffff88804539ba00 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_trace_ioctl+0xc9/0x290 [ 200.291027][ T9681] [ 200.291027][ T9681] stack backtrace: [ 200.291032][ T9681] CPU: 3 UID: 0 PID: 9681 Comm: syz.0.1046 Not tainted 6.13.0-syzkaller #0 [ 200.291044][ T9681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 200.291050][ T9681] Call Trace: [ 200.291054][ T9681] [ 200.291058][ T9681] dump_stack_lvl+0x116/0x1f0 [ 200.291072][ T9681] print_circular_bug+0x41c/0x610 [ 200.291088][ T9681] check_noncircular+0x31a/0x400 [ 200.291103][ T9681] ? __pfx_check_noncircular+0x10/0x10 [ 200.291119][ T9681] ? lockdep_lock+0xc6/0x200 [ 200.291132][ T9681] ? __pfx_lockdep_lock+0x10/0x10 [ 200.291146][ T9681] __lock_acquire+0x249e/0x3c40 [ 200.291162][ T9681] ? __pfx___lock_acquire+0x10/0x10 [ 200.291177][ T9681] ? bdev_name.constprop.0+0x298/0x490 [ 200.291190][ T9681] lock_acquire.part.0+0x11b/0x380 [ 200.291199][ T9681] ? __might_fault+0xe3/0x190 [ 200.291209][ T9681] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 200.291218][ T9681] ? rcu_is_watching+0x12/0xc0 [ 200.291230][ T9681] ? trace_lock_acquire+0x14e/0x1f0 [ 200.291243][ T9681] ? __might_fault+0xe3/0x190 [ 200.291252][ T9681] ? lock_acquire+0x2f/0xb0 [ 200.291262][ T9681] ? __might_fault+0xe3/0x190 [ 200.291272][ T9681] ? __might_fault+0xe3/0x190 [ 200.291281][ T9681] __might_fault+0x11b/0x190 [ 200.291290][ T9681] ? __might_fault+0xe3/0x190 [ 200.291299][ T9681] _copy_from_user+0x29/0xd0 [ 200.291313][ T9681] compat_blk_trace_setup+0xc9/0x200 [ 200.291325][ T9681] ? __pfx_compat_blk_trace_setup+0x10/0x10 [ 200.291337][ T9681] ? blk_trace_ioctl+0xc9/0x290 [ 200.291350][ T9681] ? snprintf+0xc8/0x100 [ 200.291360][ T9681] ? __pfx_snprintf+0x10/0x10 [ 200.291374][ T9681] blk_trace_ioctl+0x24a/0x290 [ 200.291387][ T9681] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 200.291400][ T9681] ? __pfx_lock_release+0x10/0x10 [ 200.291408][ T9681] ? trace_lock_acquire+0x14e/0x1f0 [ 200.291421][ T9681] ? __pfx___schedule+0x10/0x10 [ 200.291433][ T9681] compat_blkdev_ioctl+0x13c/0x750 [ 200.291447][ T9681] ? __pfx_compat_blkdev_ioctl+0x10/0x10 [ 200.291460][ T9681] ? __fget_files+0x206/0x3a0 [ 200.291472][ T9681] ? __pfx_compat_blkdev_ioctl+0x10/0x10 [ 200.291486][ T9681] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 200.291496][ T9681] __do_fast_syscall_32+0x73/0x120 [ 200.291509][ T9681] do_fast_syscall_32+0x32/0x80 [ 200.291522][ T9681] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 200.291538][ T9681] RIP: 0023:0xf7fb4579 [ 200.291546][ T9681] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 200.291556][ T9681] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 200.291566][ T9681] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0401273 [ 200.291572][ T9681] RDX: 0000000020000380 RSI: 0000000000000000 RDI: 0000000000000000 [ 200.291578][ T9681] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 200.291584][ T9681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 200.291590][ T9681] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 200.291598][ T9681] [ 200.291693][ C3] vkms_vblank_simulate: vblank timer overrun [ 200.385985][ T9684] tipc: Started in network mode [ 200.423104][ T9684] tipc: Node identity ffffffff, cluster identity 4711 [ 200.425151][ T9684] tipc: Node number set to 4294967295 VM DIAGNOSIS: 21:22:38 Registers: info registers vcpu 0 CPU#0 RAX=00000002000008fd RBX=ffff88801d2b4880 RCX=0000000000000830 RDX=0000000000000002 RSI=00000000000000fd RDI=0000000000000002 RBP=0000000000000008 RSP=ffffc90000007d70 R8 =0000000000000000 R9 =fffffbfff203a53a R10=ffffffff901d29d7 R11=0000000000000000 R12=0000000000000003 R13=1ffff92000000faf R14=0000000000000001 R15=ffffc90000007d98 RIP=ffffffff8147a098 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c2e21ae CR3=000000000db7e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003800000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000a1c37c RBX=0000000000000001 RCX=ffffffff8b1a8899 RDX=ffffed10056a6fee RSI=ffffffff8bb19a40 RDI=ffffffff81702c79 RBP=ffffed1003a56910 RSP=ffffc9000047fe08 R8 =0000000000000000 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000001 R12=0000000000000001 R13=ffff88801d2b4880 R14=ffffffff901d29d0 R15=0000000000000000 RIP=ffffffff8b1a9c7f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002002c000 CR3=000000006a5e2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003800000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88802b746700 RCX=ffffffff818d540c RDX=ffff888025108000 RSI=ffffffff818d53e6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900069c79a0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed10056e8ce1 R13=0000000000000001 R14=ffff88802b746708 R15=ffff88802b63ff80 RIP=ffffffff818d53e8 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f50dfda4 CR3=000000000db7e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85145395 RDI=ffffffff9a66e200 RBP=ffffffff9a66e1c0 RSP=ffffc9000ccd7320 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000002d R14=ffffffff85145330 R15=0000000000000000 RIP=ffffffff851453bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c375cfa CR3=000000006ce66000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000