last executing test programs: 3.720842287s ago: executing program 3 (id=1942): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="1bb30000000000005cc9c98700001495aadfa3b336f21e5a8da41ad821a01d6cdd4f6d5447f4ffcf65acf4123f75c3e16bbc4a77b3a25a585cdf64ca7096b5f08e52f3f2e07942a56c492c8bbfffc64671bb50de368f2271167dfc719c03c3da9cef792b9b94856db1f11584e3386c1df0fda3fbeb9131ea06cc86f0ab3255b55ccd67ab5f025e4bc892d358cd619f0e86982f5750bcfc8a7333bc0116cd6b47c15cdafe"], 0x14}}, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) socket$nl_generic(0x10, 0x3, 0x10) getsockopt$inet_sctp_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x4, 0x0, &(0x7f0000000940)) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)={0x1b, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4, 0x2}, 0x48) r4 = io_uring_setup(0x1fc0, &(0x7f0000000400)={0x0, 0x0, 0x8, 0x1, 0x2fd}) r5 = socket$qrtr(0x2a, 0x2, 0x0) r6 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r6, &(0x7f0000000040)={0x2a, 0x1}, 0xc) r7 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) write$binfmt_aout(r7, &(0x7f0000000100)=ANY=[@ANYBLOB="03010000b5"], 0xc8) write$binfmt_script(r5, 0x0, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, 0x0) sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4400000010003904", @ANYRES32, @ANYBLOB="00000000000000001c0016801800018014000b0000"], 0x44}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000040)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x90) prlimit64(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0xc00cc7929abc5676, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r10 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r11 = fcntl$dupfd(r10, 0x0, r10) ioctl$SG_IO(r11, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x300, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) 3.125199921s ago: executing program 0 (id=1964): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x1e000000, &(0x7f0000000780)={&(0x7f0000000f00)=ANY=[@ANYBLOB="300000001800dd8d0000000000030000020000000000000900000000060015000a0000000c00168008000100bc"], 0x30}}, 0x0) 3.038691311s ago: executing program 0 (id=1965): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x74, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x10, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6}]}]}]}, 0x74}}, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x14, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000006e14d19d9f43000018150000d536f2eea830b64500e9f43aab9491279944c0f16de5e91726237df25677c361d82b9f3a76dc3b9d0b2229"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(r2, &(0x7f0000000080)='cpuset.cpus\x00', 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000800000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r4}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) r5 = openat$cgroup_subtree(r2, &(0x7f0000000200), 0x2, 0x0) write$cgroup_subtree(r5, &(0x7f0000000040)=ANY=[@ANYRESHEX=0x0, @ANYRES64=r1, @ANYRESOCT=0x0, @ANYRES8=r2], 0x94) openat$cgroup_root(0xffffff9c, &(0x7f0000000240)='./cgroup.net/syz0\x00', 0x200002, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) (async) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x74, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x10, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6}]}]}]}, 0x74}}, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x14, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000006e14d19d9f43000018150000d536f2eea830b64500e9f43aab9491279944c0f16de5e91726237df25677c361d82b9f3a76dc3b9d0b2229"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) (async) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async) openat$cgroup_int(r2, &(0x7f0000000080)='cpuset.cpus\x00', 0x2, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000800000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r4}, 0x10) (async) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) (async) openat$cgroup_subtree(r2, &(0x7f0000000200), 0x2, 0x0) (async) write$cgroup_subtree(r5, &(0x7f0000000040)=ANY=[@ANYRESHEX=0x0, @ANYRES64=r1, @ANYRESOCT=0x0, @ANYRES8=r2], 0x94) (async) openat$cgroup_root(0xffffff9c, &(0x7f0000000240)='./cgroup.net/syz0\x00', 0x200002, 0x0) (async) 2.963015183s ago: executing program 0 (id=1966): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080), 0x6) write$bt_hci(r0, &(0x7f0000000000)=ANY=[], 0x138) 2.921563143s ago: executing program 0 (id=1968): write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/fib_triestat\x00') socket$alg(0x26, 0x5, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x33, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x7, 0x10, 0xffffffffffffffff, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) bind$unix(r2, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r3 = socket$unix(0x1, 0x2, 0x0) connect$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000000)="d2", 0x1}], 0x1) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x23, &(0x7f0000000080)=0x6, 0x26) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000200)=0x41d1, 0x4) recvmmsg(r2, &(0x7f0000000300), 0x40000000000049e, 0x1000000000fe, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0xfffffff8, 0x0, 0x0, 0x800, 0xffffffffffffffff, 0x7, '\x00', 0x0, r0, 0x2, 0x1, 0x1, 0x9}, 0x48) openat$cgroup_root(0xffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x300000b, 0x11, 0xffffffffffffffff, 0x0) 2.808083597s ago: executing program 3 (id=1969): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080), 0x6) write$bt_hci(r0, &(0x7f0000000000)=ANY=[], 0x138) (fail_nth: 1) 2.595509308s ago: executing program 3 (id=1970): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x13, 0x4}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009102"]) mkdir(&(0x7f0000002740)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000100)='ramfs\x00', 0x480, 0x0) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x0) lseek(r3, 0x2, 0x1) 2.45493782s ago: executing program 3 (id=1971): mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount(&(0x7f0000000000)=@nullb, &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0)='ufs\x00', 0x18642, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080), 0x6) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_channels={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}}) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a03020000000000000000020000000900020073797a30000000000900010073797a3000000000140003800800014000000000080002400000000014000000110001"], 0x68}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000017c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ac1000000180a05000000000000000000020000000900010073797a3000000000efff010073797a3000000000140000001100010000000000000000040000000a"], 0x54}}, 0x0) write$bt_hci(r0, &(0x7f0000000000)=ANY=[], 0x138) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYRES16=r1], 0x0, 0xfffffffe, 0x0, 0x0, 0x41000}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='sys_exit\x00', r5}, 0x10) getsockopt$bt_BT_POWER(r3, 0x112, 0x9, &(0x7f0000000080)=0x1f, &(0x7f00000000c0)=0x1) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xa, 0x2b, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000008000000000000000200000018110000", @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB="00000000ff03a29a702b0000", @ANYRES32=r3, @ANYBLOB="00000000020000009500000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000010000008500000006000000db49ffff080000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000540), r7) sendmsg$SEG6_CMD_DUMPHMAC(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000b373becbfc61", @ANYRES16=r8, @ANYBLOB="01032cbd70000000df2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4) fsmount(r6, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_rdma(0x10, 0x3, 0x14) syz_emit_vhci(&(0x7f00000004c0)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x100010, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00'}) 2.431900611s ago: executing program 2 (id=1972): socket$inet6(0xa, 0x3, 0x3c) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() close(0xffffffffffffffff) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) socket(0x1e, 0x2, 0x0) r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000080)={0x0, 0xfffffff9, 0x0, 0xff, 0x0, "00000008000000fe630500000000000000001f"}) ioctl$TIOCL_PASTESEL(r2, 0x541c, &(0x7f0000000040)) r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0)) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4) sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x1c}}, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r5) r7 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x1, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r7, 0xc25c4110, &(0x7f0000000080)={0x3000000, [[0x7fff, 0x0, 0x0, 0x0, 0x0, 0x8000000], [0xfffffffc], [0x403]], '\x00', [{0x0, 0x5}], '\x00', 0x100}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r6, @ANYRES32=0x0, @ANYBLOB="080003", @ANYBLOB, @ANYRES32=r8, @ANYBLOB], 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x4000080) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_KEY(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="03000000", @ANYRES16=r6, @ANYBLOB="00042abd7000fbdbdf251800000008000300", @ANYRES32=r9, @ANYBLOB="0c00060002000000020000000c00060002000000020000002800308024000300fe1dbd525c4a95312520a7d9a8d2a7ae1457e5b5148ce6f3c4d31da02c981d190c0006000200000002000000800030805800018008000400cb8600004c0003800c000400000000000000000006000300a1aa0000060001000000000006000300ffff0000060001000300000006000100ffff00000c0004000200aaaaaaaaaaaa0600010003000000240003009dfe11c2338e647c"], 0x184}, 0x1, 0x0, 0x0, 0x1041}, 0x4040004) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x8) 2.233917466s ago: executing program 3 (id=1973): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_MPATH(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2e, &(0x7f0000000200), 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_emit_ethernet(0x7a, &(0x7f0000002080)={@broadcast, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "f2a400", 0x44, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x88be}, {}, {}, {0x543}}}}}}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, 0x0, &(0x7f0000000200)=0x1e) shmat(r2, &(0x7f0000ffc000/0x2000)=nil, 0x4000) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x2, 0xc}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil) shmdt(0x0) r7 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=r8, @ANYBLOB="0180000000000000340012800b0001006272696467650000240002800c001e0004000000000000000c001f000000000000000000060027"], 0x54}}, 0x0) 1.904978104s ago: executing program 0 (id=1975): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(cast6)\x00'}, 0x58) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000900), 0x0, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) read(r3, 0x0, 0x0) r4 = getpid() process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) write$uinput_user_dev(r3, &(0x7f0000000100)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x2, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000], [0x59a7314d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x3, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc], [0x100, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000]}, 0x45c) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) ioctl$UI_DEV_SETUP(r3, 0x5501, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000140)='./file1\x00') r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r5, 0xffffffff80000700, 0xee01, &(0x7f00000000c0)) r6 = socket$rds(0x15, 0x5, 0x0) lseek(r6, 0x7c82, 0x3) bind$rds(r6, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r6, &(0x7f00000011c0)={&(0x7f0000000940)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@rdma_args={0x48, 0x114, 0x2, {{0x7, 0x4}, {0x0}, 0x0, 0x27}}], 0x48}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) syz_io_uring_setup(0x2ddd, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) r8 = syz_io_uring_setup(0x5e2, &(0x7f0000000080), &(0x7f0000000180), &(0x7f0000000380)) syz_io_uring_submit(0x0, r7, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r8, 0x381b, 0x0, 0x0, 0x0, 0x0) 1.599955546s ago: executing program 1 (id=1977): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="3c00000011000100000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a8018000580140005800800020000000000080001"], 0x3c}}, 0x0) r3 = socket$inet_sctp(0x2, 0x1, 0x84) ioctl$sock_inet_SIOCSIFBRDADDR(r3, 0x891a, &(0x7f0000000000)={'syz_tun\x00', {0x2, 0x4e20, @empty}}) syz_genetlink_get_family_id$nl80211(&(0x7f0000005080), 0xffffffffffffffff) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000100)='dctcp\x00', 0x6) getpid() r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf8db}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r5}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1}, 0x48) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r6, 0xc0045006, &(0x7f0000000100)) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r7, &(0x7f00000001c0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xe) shutdown(r7, 0x1) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r7, 0x84, 0x21, 0x0, 0x0) recvmmsg(r2, &(0x7f0000001a40)=[{{&(0x7f0000000340)=@nl, 0x80, &(0x7f0000000780)=[{&(0x7f0000001a80)=""/42, 0x2a}, {&(0x7f0000000400)=""/87, 0x57}, {&(0x7f0000000240)=""/21, 0x15}, {&(0x7f0000000480)=""/163, 0xa3}, {&(0x7f0000000540)=""/136, 0x88}, {&(0x7f0000000600)=""/85, 0x55}, {&(0x7f0000000680)=""/236, 0xec}], 0x7, &(0x7f00000007c0)=""/245, 0xf5}, 0x200}, {{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f00000008c0)=""/191, 0xbf}], 0x2, &(0x7f0000001a00)=""/43, 0x2b}, 0x8}], 0x2, 0x41, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r8 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r8, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1}, 0x1c) 1.371955041s ago: executing program 2 (id=1978): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000005c0)=@newlink={0x58, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xff7f}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x20, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @remote}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x58}}, 0x0) 1.29520075s ago: executing program 1 (id=1979): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'wp256-generic\x00'}, 0x58) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendmmsg$sock(r1, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000340)="8224aca5f41b9e0ec5e7a706c919e7c0e343f0cd0a779c17e7f992396b09252009d2d12e9475a57ec39f71417044cf4151af34ac1dfd5d87cdd80bc4c24478821f64d4d971bbc1fc7bdd181a839344917165bb9cd0fa568aac55d8e38ee30fd3a9bc63e2656b6941c812e6ea0692ec276deb2b7b817906cf8c5429a42164e8bb521e216e554d509a0fd0d86729b5f4b9a01fb336bef1be8a68a628452b83a7404087d4bcb64f6ecad05459d12595d5b8b2657f2f29656a15e5a18e3168946dcb5faa59f7b404bad393ba06734d170b0513aeb0d051", 0xd5}, {&(0x7f00000004c0)="62c99e05d98775ed1beb5d67431ead896f7060f03e5b8671b283168d0df1573bef271f3a22b9cac06e27c7e87b34a19188d3e10e670bc070f0d3eb88d2f891d242747e0deec4a10609b12d4058b0fbff28bb01e6e49b533b03b11288ff4da1ab3226a2e3ba5fc47969142f1a1a0ca9ba4cece2ac9a5fcd89343de7e57dfcbb6216499555bd04f2fcb91c3c6c72868a3797ec63f8138ab74b5034878812df8b0445704cb33f81bffed93c3e645a206db134f626a59f4fac53fbf23489cf2f45d05d735e64033376671da045df97bcb989bda1d17ba14afbfd19e32a8222ebf934c17fed237b86aef2e830", 0xea}, {&(0x7f00000005c0)="f2b314c96d500b66f7fd46493862d9eb11d188464208592330ac482436286448", 0x20000}], 0x3}}], 0x1, 0x2000000) 1.294802958s ago: executing program 2 (id=1980): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x184}, [@alu={0x4, 0x1, 0x3, 0x9, 0xa, 0x50, 0xffffffffffffffff}, @printk={@d}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0xb, 0x0, 0x1e00, 0x40, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff31, 0x0, 0x0, 0x0, 0x7fffffc}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x28, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000000)={0x34, r2, 0xf03, 0x0, 0x0, {0x34}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000001540), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000001600)={&(0x7f0000001500)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000015c0)={&(0x7f0000000040)={0x14, r3, 0x20, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x24000010}, 0x4000001) sendmsg$L2TP_CMD_NOOP(r0, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000001680)={0x50, 0x0, 0x0, 0x70bd26, 0x25dfdbff, {}, [@L2TP_ATTR_MRU={0x6, 0x1d, 0x9}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x4}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x4}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x5}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x9}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x6}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x7}]}, 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x800) r4 = socket$inet_tcp(0x2, 0x1, 0x0) r5 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000180)={'vxcan0\x00', 0x0}) bind$can_j1939(r5, &(0x7f00000001c0)={0x1d, r6}, 0x18) sendmsg$can_j1939(r5, &(0x7f0000000380)={&(0x7f0000000200), 0x18, &(0x7f0000000340)={&(0x7f00000000c0)="10", 0x6fffff9}, 0x3f}, 0xfeffff) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0x30, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x3, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8, 0x2}}}}]}, 0x30}}, 0x0) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x48f, &(0x7f00000000c0)={0x11, @remote, 0x0, 0x0, 'sh\x00', 0x0, 0xa453, 0x23}, 0x2c) 1.233403241s ago: executing program 1 (id=1981): syz_open_dev$tty20(0xc, 0x4, 0x1) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r1, 0xffffffffffffffff, 0x2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}, {0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}]}]}], {0x14}}, 0xd4}}, 0x0) (fail_nth: 23) 1.232840522s ago: executing program 2 (id=1982): r0 = socket$alg(0x26, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x13, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000001b3bb000000000000850000001900000095000000000000007e5a9ae777ecc15374"], &(0x7f0000000100)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) close(r5) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8000, 0x0, 0x0, 0x0, 0x45f7ac3b4d3e0332, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10) r8 = syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00') r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='oom_score_adj\x00') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6}]}) ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x8004f50e, 0x0) pread64(r9, 0x0, 0x0, 0x0) getdents(r8, &(0x7f0000000380)=""/24, 0x18) getdents64(r8, 0xffffffffffffffff, 0x43) 479.043764ms ago: executing program 2 (id=1983): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x60, 0x16, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'netdevsim0\x00'}]}]}]}], {0x14, 0x10}}, 0xa8}}, 0x0) (fail_nth: 12) 476.293911ms ago: executing program 0 (id=1984): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"]) chdir(&(0x7f0000000280)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB="2c721d61746d6f64653d090000002030306ede3030303230303030725f69643d", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb503000008000000b704000000000000850000000300000095000000000000009bf45e82729e0d9c02d20bf7919068c2015cf3abe72309374a285c6c18f5485e8729f8faf8b6b2dcab3d5cd09e683a6943b817"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) setsockopt$packet_int(r3, 0x107, 0x14, &(0x7f0000000480)=0x102, 0x4) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62) sendto$packet(r3, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c152bfdf9435e3ffe46", 0xe90c, 0xa0c4, &(0x7f0000000540)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14) read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r5}, 0x50) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90}, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x4, 0x0, 0x1, 0x0, 0x0, 0x0, {0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x80000001}}}, 0x0, 0x0, 0x0, 0x0}) open(&(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_serviced\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0) ftruncate(r6, 0xc17c) r7 = socket(0x10, 0x3, 0x0) r8 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'veth1_to_bridge\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_DQ_RATE_ESTIMATOR={0x8}]}}]}, 0x3c}}, 0x0) 419.623315ms ago: executing program 2 (id=1985): sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async) r0 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000) (async) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0) (async) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) (async) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x0, 0x0, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000019340)='/sys/block/loop0', 0x0, 0x0) symlinkat(&(0x7f0000000280)='./file2\x00', 0xffffffffffffffff, &(0x7f0000019440)='./file2\x00') (async) lsm_set_self_attr(0x65, &(0x7f0000000240)=ANY=[@ANYRESDEC=r2], 0x20, 0x0) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0x5, &(0x7f0000019800)=ANY=[@ANYBLOB="1800000000300000002700001a6554eaa442bd1c90a9cb000300000000000000000000009500000000000000000000000000007d4f619304509276f7f39d912c538249ad9f415f3b0d3e24ff849cc9935af9f25963ec20c31cb49c1b259613adb76593ecc2827180f3398619e6fd0034a134ed4777250ede1e92a1a37521b4b349d2cb2c"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, &(0x7f0000000180)=0x1) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RELDISP(r3, 0x5605) (async) r4 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1f7ff6, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1}) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1800007, 0x28011, r4, 0x0) (async) r5 = socket$inet(0x2, 0x0, 0x2) setsockopt$inet_msfilter(r5, 0x0, 0x29, &(0x7f0000000200)=ANY=[@ANYBLOB="e0000002ea0000000000000000"], 0x10) (async) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000080)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00'}, 0x10) (async) syz_open_dev$radio(&(0x7f0000019300), 0x2, 0x2) writev(r3, &(0x7f0000019580)=[{&(0x7f0000019380)="9733824102000000", 0x8}, {&(0x7f00000198c0)="fd65e69af21386501e98f8f9d59e2c7fde1d2c3e785626c8496e055499693730a6684f5157ec72c3b8c8d3abeb3851ea6f44cd4a43bcc461756a7c75315be80f6ef2b89ecdd7b1694153768995631f2f906aba1036d9a9c481653fd36793f0e1b888610affa300c26ebc4b8249627aa8801822045bf803405aaf0d568e4dfa7390f593", 0x83}, {&(0x7f0000019480)="8452ec2756d2819952619a387bda8d92a946ec5191e91c0085518298b92a743fe2e19ab9b3004365ddc89cd55bc8e3759352caf627c2a0b428af8e7027ac8af1ef9eeb3b1c2b953576e496de968c37448a467223bfb2e00e874827f9b00e845cd7968db57193113dd71582245374dc2786ac39514cb1e9010190aa5d96b95bac7ff9fa71e3409274e6435d6a74d05515bad246a80cc19bc893f7d3e0d201d583dba3f7a50a71155cc01607d02b367167ec02ba903b2df2e788c4ad435233ed7e0bf98089703147358442f786357631158c87831308c010586dc49b60b2d097238ef9aa631d5be5f28967ecc25989f981fe5cdf41f039c5331308f62e", 0xfc}, {&(0x7f0000019700)="b48ae69ac92f2483911f96a71e49c6c88d97b805519939e415495398ad10195ccb9b6e44585d1d679b4566aa2ba169fd0518d98f0560ff4b25416bfc63aae71ad6fc6d9de92e48d546ead366506779d98b6b3c40e2c5c5a91bb4291829c200cdb1074c00433782c45c1ca8a61098ff421eeae2159317931490c4fb393f08c95aa0ebea16b26b3c331149d36847967bfbc2e3080bfe7763e145122313ef870fd6fe2f9d0345dabe53be46f3068f1cd3842cc5b0577dfdee0b36a10cfec88796da88aa610000", 0xc5}, {&(0x7f00000193c0)="c343e4a91b1b99ef9dba7df828dd56e2281eb9cbb0a37529d0e31748fe97578f9031d9ed7497b4c45acb21004de0a616edd662b881a700000000b866ab1f7b0c", 0x40}], 0x5) (async) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10) epoll_create1(0x0) (async) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0) 238.248222ms ago: executing program 3 (id=1986): setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1e, &(0x7f0000000340)=0x3, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x2, 0x8, &(0x7f0000000480)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x4}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r4, &(0x7f0000000340), 0x11000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f00008d0000/0xb000)=nil, 0xb000, 0xb635773f06ebbee6, 0x13, 0xffffffffffffffff, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="57ffffe5", @ANYRES16=r8, @ANYBLOB="090d2000000000f0ff000700000008000300", @ANYRES32=r9, @ANYRESHEX, @ANYRESDEC=r3, @ANYRESOCT=r1, @ANYRES8=r1, @ANYRESOCT=r5, @ANYBLOB="908c1133", @ANYRESHEX=r2, @ANYRESHEX=r4, @ANYRES64=r7], 0x58}}, 0x44) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) socket$nl_xfrm(0x10, 0x3, 0x6) bpf$PROG_LOAD(0x5, 0x0, 0x0) r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/route\x00') read$FUSE(r10, &(0x7f0000002800)={0x2020}, 0x18c5) pread64(0xffffffffffffffff, 0x0, 0x0, 0x1) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4) setsockopt$PNPIPE_ENCAP(r4, 0x113, 0x1, &(0x7f0000000000), 0x4) sendmsg$unix(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0) 196.154559ms ago: executing program 1 (id=1987): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(cast6)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000340)="7116f676df7afb55ee78a60ad4f40a97f426325e669a21ff96eda42cf108e036680b6c4a08fb83b9c75d4d640afbc7200a84df6c5e704c77d210e0d403cd49fdca95db51e5bb03b5be174f8238c0295980486e15cbbe7c9dee0850af5bff06eab8bbab228f3a2adcdb8414459d7174802cac6acbb3312cddbbb9eb374228f97a4415ac2a290b0a62b417dce261a5e775d4456a99c8b2dedf0060b3f1c6cb2ac8b4f674bdd6ced71280b9f1bc0ebedcdfe0be0ec2a2099f43fc96c7e966979d2cc0ec763a4ea034409e2cb12d49ea19188c7dc0e82eaf7abc4f058c4afbd210e405ade820995158b19919f4cc4da5e77b32c2fdcef30c41bd6ab712f87c572223", 0x100}], 0x1, 0x0, 0x0, 0x40000}, 0x810) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a3c000000090a050600000000000000000100000008000a40000000000900020073797ab1000000000900010073797a3000000000080005400000001414000000110001"], 0x64}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={{0x14, 0x10, 0x9000, 0x6}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x14}]}], {0x14, 0x11, 0xf, 0x0, 0x0, {0x0, 0x84}}}, 0x64}}, 0x0) recvmmsg(r2, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f00000009c0)}, 0x5}], 0x1, 0x2161, 0x0) 83.931196ms ago: executing program 1 (id=1988): syz_emit_ethernet(0x86, &(0x7f0000000500)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "9d42a08597d3b2f44ac89b1b52cc6728d6697d4cebc8f2f062c6f91f224aaacc", "99bd3410936eefeb3ea898dafab974aa", {"96deedc95f5d10a12027128db2e9bdf6", "f838a300b01b0e19ecdf00b20600"}}}}}}}, 0x0) (async) syz_emit_ethernet(0x18, &(0x7f0000000300)={@random="e90c630faca2", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @opaque="cbe66f1099d3a415"}}}}}, 0x0) 0s ago: executing program 1 (id=1989): r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) dup3(r1, r0, 0x0) r2 = openat$fb1(0xffffff9c, &(0x7f0000000180), 0x0, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = socket$inet_udp(0x2, 0x2, 0x0) close(r8) openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x101082, 0x0) write$UHID_CREATE2(r7, &(0x7f0000000040)={0xb, {'syz0\x00', 'syz0\x00', 'syz0\x00', 0x43, 0x44d3, 0x6, 0xffff, 0xff, 0x4, "0c0774698dbe7fcbdcdb6eb02923496ab8be8c9e1fc935ee162ec94204a8188da165ef3fe3d054a568b2a17821594c7d1b433483d8ba4acea6d8610182d5312e5afdf6"}}, 0x15b) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x90) r10 = socket$pppl2tp(0x18, 0x1, 0x1) socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r10, &(0x7f0000000240)=@pppol2tpv3in6={0x18, 0x1, {0x0, r4, 0x2, 0x1, 0x2, 0x3, {0xa, 0x4e24, 0xe0, @local, 0x9}}}, 0x3a) r11 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01000000000000000000030000000800090002"], 0x24}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r9}, 0x10) r12 = getpid() process_vm_readv(r12, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) open(0x0, 0x0, 0x146) write$binfmt_misc(r7, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r6, 0x0, r8, 0x0, 0x4ffe6, 0x0) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8}]}, 0x34}}, 0x0) ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) kernel console output (not intermixed with test programs): d pid=10398 comm="syz.3.1310" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 371.889455][T10407] netlink: 'syz.0.1313': attribute type 10 has an invalid length. [ 371.902945][T10407] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1313'. [ 372.062852][T10411] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1314'. [ 372.196872][ T39] audit: type=1326 audit(1724213629.997:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10404 comm="syz.2.1312" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 373.416358][ T39] audit: type=1326 audit(1724213631.217:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10431 comm="syz.1.1321" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 374.242232][T10443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1324'. [ 374.634062][T10451] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 374.823235][ T39] audit: type=1326 audit(1724213632.627:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10439 comm="syz.1.1323" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 375.260402][ T39] audit: type=1326 audit(1724213633.067:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10453 comm="syz.0.1326" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 375.313414][T10459] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1327'. [ 376.467190][T10475] input: syz0 as /devices/virtual/input/input89 [ 376.710027][T10490] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 376.887858][ T39] audit: type=1326 audit(1724213634.687:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10483 comm="syz.3.1335" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 377.639328][ T39] audit: type=1326 audit(1724213635.437:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.1.1341" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 377.811660][ T39] audit: type=1326 audit(1724213635.617:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10496 comm="syz.2.1339" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 377.907815][T10510] nbd: must specify at least one socket [ 377.916209][T10510] block nbd3: not configured, cannot reconfigure [ 378.665560][T10524] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1346'. [ 379.052189][ T39] audit: type=1326 audit(1724213636.857:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10532 comm="syz.0.1348" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 379.421241][T10537] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1349'. [ 379.451173][T10537] bridge_slave_1: left allmulticast mode [ 379.453457][T10537] bridge_slave_1: left promiscuous mode [ 379.455940][T10537] bridge0: port 2(bridge_slave_1) entered disabled state [ 379.749937][ T9] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 379.921759][ T9] usb 7-1: device descriptor read/64, error -71 [ 380.092393][ T39] audit: type=1326 audit(1724213637.897:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10546 comm="syz.1.1353" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 380.130723][ T986] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 380.158717][T10558] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1354'. [ 380.190330][ T9] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 380.309945][ T986] usb 5-1: Using ep0 maxpacket: 8 [ 380.314464][ T986] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 380.317734][ T986] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 380.322465][ T986] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 380.327281][ T986] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 380.331980][ T986] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 380.338801][ T986] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 380.342932][ T9] usb 7-1: device descriptor read/64, error -71 [ 380.345656][ T986] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 380.350467][ T986] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 380.355315][ T986] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 380.359995][ T986] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 380.365986][ T986] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 380.369163][ T986] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 380.375731][ T986] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 380.380683][ T986] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 380.385445][ T986] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 380.394762][ T986] usb 5-1: string descriptor 0 read error: -22 [ 380.397580][ T986] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 380.401485][ T986] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 380.415880][ T986] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 380.470694][ T9] usb usb7-port1: attempt power cycle [ 380.743908][ T833] usb 5-1: USB disconnect, device number 5 [ 380.826227][T10561] input: syz0 as /devices/virtual/input/input90 [ 380.912010][ T9] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 380.940703][ T9] usb 7-1: device descriptor read/8, error -71 [ 380.945537][T10569] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1358'. [ 381.180050][T10573] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1359'. [ 381.229975][ T9] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 381.270735][ T9] usb 7-1: device descriptor read/8, error -71 [ 381.392532][ T9] usb usb7-port1: unable to enumerate USB device [ 382.133938][ T39] audit: type=1326 audit(1724213639.937:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10579 comm="syz.0.1361" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 382.406594][ T39] audit: type=1326 audit(1724213640.207:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10586 comm="syz.1.1363" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 382.907736][ T39] audit: type=1326 audit(1724213640.707:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10596 comm="syz.0.1367" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 383.027138][ T39] audit: type=1326 audit(1724213640.827:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10592 comm="syz.2.1366" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 383.069965][ T39] audit: type=1326 audit(1724213640.867:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10600 comm="syz.3.1368" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 383.704232][ T1381] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.726256][T10614] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1371'. [ 383.992827][ T39] audit: type=1326 audit(1724213641.797:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10615 comm="syz.0.1372" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 384.919404][ T39] audit: type=1326 audit(1724213642.717:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10631 comm="syz.0.1377" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 385.449383][ T39] audit: type=1326 audit(1724213643.247:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10643 comm="syz.2.1381" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 385.866961][T10662] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 385.933116][T10667] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 386.089197][ T39] audit: type=1326 audit(1724213643.887:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10659 comm="syz.1.1386" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 386.853914][ T39] audit: type=1326 audit(1724213644.657:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10672 comm="syz.2.1389" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 387.754472][T10686] input: syz0 as /devices/virtual/input/input91 [ 387.978099][T10693] input: syz0 as /devices/virtual/input/input92 [ 388.439781][T10712] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1400'. [ 388.624541][ T39] audit: type=1326 audit(1724213646.377:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10708 comm="syz.3.1399" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 389.537068][T10741] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1407'. [ 389.817574][ T39] audit: type=1326 audit(1724213647.617:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10742 comm="syz.3.1409" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 390.958615][ T39] audit: type=1326 audit(1724213648.757:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10764 comm="syz.2.1416" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 391.343365][T10771] FAULT_INJECTION: forcing a failure. [ 391.343365][T10771] name failslab, interval 1, probability 0, space 0, times 0 [ 391.348786][T10771] CPU: 3 UID: 0 PID: 10771 Comm: syz.0.1417 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 391.353316][T10771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 391.357783][T10771] Call Trace: [ 391.358944][T10771] [ 391.360008][T10771] dump_stack_lvl+0x16c/0x1f0 [ 391.361948][T10771] should_fail_ex+0x497/0x5b0 [ 391.363750][T10771] ? fs_reclaim_acquire+0xae/0x160 [ 391.365717][T10771] should_failslab+0xc2/0x120 [ 391.367729][T10771] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 391.370183][T10771] ? alloc_empty_file+0x73/0x1e0 [ 391.372467][T10771] ? __lock_acquire+0xbdd/0x3cb0 [ 391.374654][T10771] alloc_empty_file+0x73/0x1e0 [ 391.376731][T10771] path_openat+0xe0/0x2d20 [ 391.378706][T10771] ? hlock_class+0x4e/0x130 [ 391.380701][T10771] ? __lock_acquire+0x1620/0x3cb0 [ 391.382828][T10771] ? __pfx_path_openat+0x10/0x10 [ 391.384888][T10771] ? __pfx___lock_acquire+0x10/0x10 [ 391.387059][T10771] ? find_held_lock+0x2d/0x110 [ 391.389160][T10771] do_filp_open+0x1dc/0x430 [ 391.391141][T10771] ? __pfx_do_filp_open+0x10/0x10 [ 391.393290][T10771] ? find_held_lock+0x2d/0x110 [ 391.395346][T10771] ? _raw_spin_unlock+0x28/0x50 [ 391.397391][T10771] ? alloc_fd+0x2d7/0x6c0 [ 391.399426][T10771] do_sys_openat2+0x17a/0x1e0 [ 391.401379][T10771] ? __pfx_do_sys_openat2+0x10/0x10 [ 391.403633][T10771] __ia32_compat_sys_openat+0x16e/0x210 [ 391.405822][T10771] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 391.407877][T10771] do_int80_emulation+0x104/0x200 [ 391.410078][T10771] asm_int80_emulation+0x1a/0x20 [ 391.412232][T10771] RIP: 0023:0xf7f31579 [ 391.413900][T10771] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 391.422015][T10771] RSP: 002b:00000000f56d6110 EFLAGS: 00000293 ORIG_RAX: 0000000000000127 [ 391.425952][T10771] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f56d6160 [ 391.428775][T10771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f73c0ff4 [ 391.432065][T10771] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 391.435532][T10771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 391.438989][T10771] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 391.441815][T10771] [ 392.077199][ T39] audit: type=1326 audit(1724213649.877:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10780 comm="syz.2.1421" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 392.258669][ T39] audit: type=1326 audit(1724213650.057:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10778 comm="syz.1.1420" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 392.544990][T10795] input: syz0 as /devices/virtual/input/input94 [ 392.699733][T10798] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1426'. [ 393.050001][ T39] audit: type=1326 audit(1724213650.827:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10803 comm="syz.0.1428" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 393.325967][T10813] fuse: Unknown parameter '01777777777777777777777ÿÿÿý{ÿ¨z‡±œ$õÙp‘+/Û#P{"1ƒ‹’†¤ý' [ 393.886578][T10822] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1432'. [ 393.924013][T10824] FAULT_INJECTION: forcing a failure. [ 393.924013][T10824] name failslab, interval 1, probability 0, space 0, times 0 [ 393.930080][T10824] CPU: 3 UID: 0 PID: 10824 Comm: syz.1.1433 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 393.934482][T10824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 393.938992][T10824] Call Trace: [ 393.940438][T10824] [ 393.941743][T10824] dump_stack_lvl+0x16c/0x1f0 [ 393.943789][T10824] should_fail_ex+0x497/0x5b0 [ 393.945753][T10824] should_failslab+0xc2/0x120 [ 393.947774][T10824] __kmalloc_node_track_caller_noprof+0xcf/0x440 [ 393.950394][T10824] ? lockdep_init_map_type+0x16d/0x7d0 [ 393.952704][T10824] ? nf_ct_ext_add+0x19d/0x3d0 [ 393.954686][T10824] krealloc_noprof+0x5d/0x100 [ 393.956678][T10824] nf_ct_ext_add+0x19d/0x3d0 [ 393.958648][T10824] init_conntrack.constprop.0+0x5af/0x1080 [ 393.961062][T10824] ? __pfx_init_conntrack.constprop.0+0x10/0x10 [ 393.963659][T10824] ? __local_bh_enable_ip+0xa4/0x120 [ 393.965850][T10824] ? lockdep_hardirqs_on+0x7c/0x110 [ 393.968063][T10824] nf_conntrack_in+0xa2f/0x1830 [ 393.970095][T10824] ? __pfx_nf_conntrack_in+0x10/0x10 [ 393.972278][T10824] ? __pfx_ipt_do_table+0x10/0x10 [ 393.974381][T10824] ? __pfx_ipv4_conntrack_local+0x10/0x10 [ 393.976682][T10824] ipv4_conntrack_local+0x160/0x250 [ 393.978834][T10824] nf_hook_slow+0xbb/0x200 [ 393.980709][T10824] nf_hook+0x386/0x6d0 [ 393.982403][T10824] ? __pfx_dst_output+0x10/0x10 [ 393.984492][T10824] ? __pfx_nf_hook+0x10/0x10 [ 393.986430][T10824] ? __pfx_dst_output+0x10/0x10 [ 393.988511][T10824] ? do_csum+0x280/0x2e0 [ 393.990270][T10824] __ip_local_out+0x33b/0x640 [ 393.992270][T10824] ? __pfx_dst_output+0x10/0x10 [ 393.994340][T10824] ip_local_out+0x2a/0x4a0 [ 393.996252][T10824] __ip_queue_xmit+0x747/0x1940 [ 393.998350][T10824] ? __pfx_ip_queue_xmit+0x10/0x10 [ 394.000626][T10824] __tcp_transmit_skb+0x2a3a/0x3da0 [ 394.002813][T10824] ? __pfx___tcp_transmit_skb+0x10/0x10 [ 394.005183][T10824] ? __pfx_lock_release+0x10/0x10 [ 394.007295][T10824] ? tcp_fastopen_no_cookie+0x158/0x1a0 [ 394.009638][T10824] tcp_connect+0x2197/0x4730 [ 394.011634][T10824] ? __pfx_tcp_fastopen_defer_connect+0x10/0x10 [ 394.014249][T10824] ? get_random_u16+0x444/0x7e0 [ 394.016291][T10824] ? __pfx_tcp_connect+0x10/0x10 [ 394.018338][T10824] ? __pfx_secure_tcp_ts_off+0x10/0x10 [ 394.020572][T10824] tcp_v4_connect+0x14f7/0x1b80 [ 394.022703][T10824] ? __pfx_tcp_v4_connect+0x10/0x10 [ 394.024847][T10824] __inet_stream_connect+0x3c7/0x1020 [ 394.027047][T10824] ? __pfx___inet_stream_connect+0x10/0x10 [ 394.029451][T10824] tcp_sendmsg_fastopen+0x3d7/0x700 [ 394.031681][T10824] tcp_sendmsg_locked+0x1fa9/0x3550 [ 394.033828][T10824] ? __pfx_mark_lock+0x10/0x10 [ 394.035692][T10824] ? lock_acquire+0x1b1/0x560 [ 394.037671][T10824] ? find_held_lock+0x2d/0x110 [ 394.039653][T10824] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 394.041965][T10824] ? tcp_sendmsg+0x20/0x50 [ 394.043851][T10824] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 394.046141][T10824] ? __local_bh_enable_ip+0xa4/0x120 [ 394.048408][T10824] tcp_sendmsg+0x2e/0x50 [ 394.050188][T10824] ? __pfx_tcp_sendmsg+0x10/0x10 [ 394.052267][T10824] inet_sendmsg+0xb9/0x140 [ 394.054126][T10824] __sys_sendto+0x42c/0x4e0 [ 394.056047][T10824] ? __pfx___sys_sendto+0x10/0x10 [ 394.058198][T10824] ? ksys_write+0x1ab/0x260 [ 394.060094][T10824] ? __pfx_ksys_write+0x10/0x10 [ 394.062140][T10824] __ia32_sys_sendto+0xdd/0x1b0 [ 394.064103][T10824] ? lockdep_hardirqs_on+0x7c/0x110 [ 394.066296][T10824] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 394.068970][T10824] __do_fast_syscall_32+0x73/0x120 [ 394.071116][T10824] do_fast_syscall_32+0x32/0x80 [ 394.072985][T10824] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 394.075427][T10824] RIP: 0023:0xf749e579 [ 394.076957][T10824] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 394.085293][T10824] RSP: 002b:00000000f57a656c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 394.088842][T10824] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000000000 [ 394.092049][T10824] RDX: 0000000000000000 RSI: 00000000200007fd RDI: 0000000020e68000 [ 394.095467][T10824] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 394.098777][T10824] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 394.102150][T10824] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 394.105685][T10824] [ 394.281119][T10832] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1435'. [ 394.384078][ T39] audit: type=1326 audit(1724213652.167:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.0.1434" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 394.752254][ T39] audit: type=1326 audit(1724213652.557:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10834 comm="syz.3.1436" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 394.969273][T10839] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1437'. [ 395.642694][T10855] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1450'. [ 396.300913][T10866] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1445'. [ 396.442972][ T39] audit: type=1326 audit(1724213654.247:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10862 comm="syz.2.1444" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 397.278396][T10883] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1449'. [ 397.753042][T10898] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1454'. [ 398.106816][T10908] Mount JFS Failure: -22 [ 398.579282][T10913] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1459'. [ 399.911298][T10935] netlink: 'syz.3.1466': attribute type 48 has an invalid length. [ 400.036543][ T39] audit: type=1326 audit(1724213657.837:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10933 comm="syz.1.1467" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 400.868378][T10950] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 401.749783][ T39] audit: type=1326 audit(1724213659.547:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10988 comm="syz.0.1477" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 402.562488][T11005] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 402.739806][ T39] audit: type=1326 audit(1724213660.537:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11001 comm="syz.1.1478" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 402.872790][ T39] audit: type=1326 audit(1724213660.677:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11018 comm="syz.0.1483" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 403.303206][T11004] Bluetooth: hci4: Opcode 0x0401 failed: -4 [ 403.775903][ T39] audit: type=1326 audit(1724213661.577:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11028 comm="syz.1.1486" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 403.778597][T11037] bridge_slave_1: left allmulticast mode [ 403.786900][T11037] bridge_slave_1: left promiscuous mode [ 403.790510][T11037] bridge0: port 2(bridge_slave_1) entered disabled state [ 403.819947][ T39] audit: type=1326 audit(1724213661.617:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11025 comm="syz.3.1485" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 404.499945][ T66] Bluetooth: hci4: command 0x0406 tx timeout [ 404.550713][T11047] FAULT_INJECTION: forcing a failure. [ 404.550713][T11047] name failslab, interval 1, probability 0, space 0, times 0 [ 404.556171][T11047] CPU: 0 UID: 0 PID: 11047 Comm: syz.1.1491 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 404.558553][T11048] input: syz0 as /devices/virtual/input/input97 [ 404.560586][T11047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 404.560668][T11047] Call Trace: [ 404.560676][T11047] [ 404.570396][T11047] dump_stack_lvl+0x16c/0x1f0 [ 404.572394][T11047] should_fail_ex+0x497/0x5b0 [ 404.574334][T11047] ? fs_reclaim_acquire+0xae/0x160 [ 404.576493][T11047] should_failslab+0xc2/0x120 [ 404.578595][T11047] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 404.581194][T11047] ? anon_vma_fork+0x200/0x620 [ 404.583697][T11047] anon_vma_fork+0x200/0x620 [ 404.586250][T11047] copy_mm+0x192b/0x2550 [ 404.588035][T11047] ? find_held_lock+0x2d/0x110 [ 404.590043][T11047] ? __pfx_copy_mm+0x10/0x10 [ 404.592800][T11047] ? __raw_spin_lock_init+0x3a/0x110 [ 404.595208][T11047] copy_process+0x3ea9/0x6fb0 [ 404.597736][T11047] ? __pfx_copy_process+0x10/0x10 [ 404.599880][T11047] ? _copy_from_user+0x5d/0xf0 [ 404.601863][T11047] kernel_clone+0xfd/0x960 [ 404.603768][T11047] ? ksys_write+0x12f/0x260 [ 404.605741][T11047] ? __pfx_kernel_clone+0x10/0x10 [ 404.607940][T11047] ? vfs_write+0x14d/0x1140 [ 404.609954][T11047] __do_sys_clone3+0x1f5/0x270 [ 404.612062][T11047] ? __pfx___do_sys_clone3+0x10/0x10 [ 404.614379][T11047] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 404.617499][T11047] __do_fast_syscall_32+0x73/0x120 [ 404.619520][T11047] do_fast_syscall_32+0x32/0x80 [ 404.621256][T11047] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 404.623652][T11047] RIP: 0023:0xf749e579 [ 404.625427][T11047] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 404.632882][T11047] RSP: 002b:00000000f57a643c EFLAGS: 00000286 ORIG_RAX: 00000000000001b3 [ 404.636187][T11047] RAX: ffffffffffffffda RBX: 00000000f57a6470 RCX: 0000000000000058 [ 404.639395][T11047] RDX: 0000000000000000 RSI: 0000000003000000 RDI: 0000000000000000 [ 404.642678][T11047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 404.645855][T11047] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 404.649045][T11047] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 404.652334][T11047] [ 405.024108][T11061] Mount JFS Failure: -22 [ 406.630210][T11080] FAULT_INJECTION: forcing a failure. [ 406.630210][T11080] name failslab, interval 1, probability 0, space 0, times 0 [ 406.635849][T11080] CPU: 0 UID: 0 PID: 11080 Comm: syz.3.1499 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 406.640681][T11080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 406.645312][T11080] Call Trace: [ 406.646811][T11080] [ 406.648076][T11080] dump_stack_lvl+0x16c/0x1f0 [ 406.650182][T11080] should_fail_ex+0x497/0x5b0 [ 406.652228][T11080] ? fs_reclaim_acquire+0xae/0x160 [ 406.654511][T11080] should_failslab+0xc2/0x120 [ 406.656673][T11080] __kmalloc_cache_noprof+0x6b/0x310 [ 406.659071][T11080] ? vkms_plane_duplicate_state+0x45/0x130 [ 406.661661][T11080] ? modeset_lock+0x10e/0x6c0 [ 406.663705][T11080] vkms_plane_duplicate_state+0x45/0x130 [ 406.666011][T11080] drm_atomic_get_plane_state+0x20b/0x590 [ 406.668315][T11080] drm_atomic_helper_update_plane+0x96/0x400 [ 406.670639][T11080] __setplane_atomic+0x250/0x360 [ 406.672701][T11080] drm_mode_cursor_universal+0x4a7/0xcb0 [ 406.674882][T11080] ? __pfx_drm_mode_cursor_universal+0x10/0x10 [ 406.677687][T11080] ? __pfx_drm_lease_held+0x10/0x10 [ 406.680100][T11080] ? modeset_lock+0x10e/0x6c0 [ 406.682314][T11080] drm_mode_cursor_common+0x318/0x970 [ 406.684803][T11080] ? __pfx_drm_mode_cursor_common+0x10/0x10 [ 406.687462][T11080] ? lock_acquire+0x1b1/0x560 [ 406.689897][T11080] ? find_held_lock+0x2d/0x110 [ 406.692363][T11080] drm_mode_cursor_ioctl+0xa6/0xe0 [ 406.694713][T11080] ? __pfx_drm_mode_cursor_ioctl+0x10/0x10 [ 406.697315][T11080] ? do_raw_spin_unlock+0x172/0x230 [ 406.699640][T11080] drm_ioctl_kernel+0x1ec/0x3e0 [ 406.701896][T11080] ? __pfx_drm_mode_cursor_ioctl+0x10/0x10 [ 406.704462][T11080] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 406.706564][T11080] ? __pfx_drm_mode_cursor_ioctl+0x10/0x10 [ 406.709335][T11080] drm_ioctl+0x584/0xbb0 [ 406.711348][T11080] ? __pfx_drm_ioctl+0x10/0x10 [ 406.713465][T11080] drm_compat_ioctl+0x32d/0x470 [ 406.715781][T11080] ? bpf_lsm_file_ioctl_compat+0x9/0x10 [ 406.718363][T11080] ? __pfx_drm_compat_ioctl+0x10/0x10 [ 406.720731][T11080] __do_compat_sys_ioctl+0x2c3/0x330 [ 406.723306][T11080] __do_fast_syscall_32+0x73/0x120 [ 406.725779][T11080] do_fast_syscall_32+0x32/0x80 [ 406.727960][T11080] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 406.730770][T11080] RIP: 0023:0xf73ae579 [ 406.732546][T11080] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 406.740957][T11080] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 406.744784][T11080] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c01c64a3 [ 406.747866][T11080] RDX: 0000000020000280 RSI: 0000000000000000 RDI: 0000000000000000 [ 406.751293][T11080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 406.754603][T11080] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 406.757999][T11080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 406.761543][T11080] [ 406.924131][T11082] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1500'. [ 407.273465][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 407.277788][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 407.720301][T11092] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1503'. [ 407.798428][T11092] bridge2: port 1(bridge_slave_1) entered blocking state [ 407.805128][T11092] bridge2: port 1(bridge_slave_1) entered disabled state [ 407.809518][T11092] bridge_slave_1: entered allmulticast mode [ 407.814781][T11092] bridge_slave_1: entered promiscuous mode [ 407.819081][T11092] bridge2: port 1(bridge_slave_1) entered blocking state [ 407.822152][T11092] bridge2: port 1(bridge_slave_1) entered forwarding state [ 407.898394][T11092] bridge2: port 2(veth1_to_bond) entered blocking state [ 407.903090][T11092] bridge2: port 2(veth1_to_bond) entered disabled state [ 407.906426][T11092] veth1_to_bond: entered allmulticast mode [ 407.919771][T11092] veth1_to_bond: entered promiscuous mode [ 407.924513][T11092] bridge2: port 2(veth1_to_bond) entered blocking state [ 407.927723][T11092] bridge2: port 2(veth1_to_bond) entered forwarding state [ 408.388748][T11104] input: syz0 as /devices/virtual/input/input98 [ 408.526098][ T39] audit: type=1326 audit(1724213666.327:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.3.1506" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 408.838592][T11114] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1509'. [ 409.660704][T11136] netlink: 'syz.2.1516': attribute type 1 has an invalid length. [ 409.664195][T11136] netlink: 9352 bytes leftover after parsing attributes in process `syz.2.1516'. [ 409.668116][T11136] netlink: 'syz.2.1516': attribute type 1 has an invalid length. [ 409.678988][T11136] netlink: 'syz.2.1516': attribute type 2 has an invalid length. [ 410.006093][ T39] audit: type=1326 audit(1724213667.807:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11133 comm="syz.1.1515" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 410.481787][T11151] team_slave_0: entered allmulticast mode [ 410.531349][T11151] team0: Port device team_slave_0 removed [ 411.320112][ T39] audit: type=1326 audit(1724213669.117:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11153 comm="syz.1.1521" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 411.521075][T11163] FAULT_INJECTION: forcing a failure. [ 411.521075][T11163] name failslab, interval 1, probability 0, space 0, times 0 [ 411.541051][T11163] CPU: 1 UID: 0 PID: 11163 Comm: syz.3.1523 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 411.545904][T11163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 411.550324][T11163] Call Trace: [ 411.551732][T11163] [ 411.552963][T11163] dump_stack_lvl+0x16c/0x1f0 [ 411.554915][T11163] should_fail_ex+0x497/0x5b0 [ 411.556851][T11163] ? fs_reclaim_acquire+0xae/0x160 [ 411.558869][T11163] should_failslab+0xc2/0x120 [ 411.560723][T11163] __kmalloc_cache_noprof+0x6b/0x310 [ 411.563167][T11163] ? percpu_ref_init+0xd9/0x400 [ 411.565213][T11163] ? __pfx_free_ioctx_reqs+0x10/0x10 [ 411.567460][T11163] percpu_ref_init+0xd9/0x400 [ 411.569526][T11163] ? __init_waitqueue_head+0xca/0x150 [ 411.571814][T11163] ioctx_alloc+0x3b3/0x1f80 [ 411.573759][T11163] ? __might_fault+0x13b/0x190 [ 411.575929][T11163] ? __pfx_lock_release+0x10/0x10 [ 411.578812][T11163] ? __pfx_ioctx_alloc+0x10/0x10 [ 411.581661][T11163] ? __might_fault+0xe3/0x190 [ 411.583798][T11163] __ia32_compat_sys_io_setup+0xc8/0x210 [ 411.586390][T11163] __do_fast_syscall_32+0x73/0x120 [ 411.588834][T11163] do_fast_syscall_32+0x32/0x80 [ 411.590945][T11163] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 411.593941][T11163] RIP: 0023:0xf73ae579 [ 411.595767][T11163] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 411.604151][T11163] RSP: 002b:00000000f569556c EFLAGS: 00000296 ORIG_RAX: 00000000000000f5 [ 411.607602][T11163] RAX: ffffffffffffffda RBX: 00000000000003ff RCX: 0000000020000500 [ 411.611586][T11163] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 411.614879][T11163] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 411.618797][T11163] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 411.622202][T11163] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 411.627116][T11163] [ 412.052602][T11167] bridge_slave_1: left allmulticast mode [ 412.060019][T11167] bridge_slave_1: left promiscuous mode [ 412.063296][T11167] bridge2: port 1(bridge_slave_1) entered disabled state [ 412.348912][ T39] audit: type=1326 audit(1724213670.147:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11165 comm="syz.3.1526" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 412.972056][T11190] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 413.127056][T11195] ip6gretap0 speed is unknown, defaulting to 1000 [ 413.144102][ T39] audit: type=1326 audit(1724213670.947:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11182 comm="syz.2.1529" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 413.180122][T11195] ip6gretap0 speed is unknown, defaulting to 1000 [ 413.197892][T11195] ip6gretap0 speed is unknown, defaulting to 1000 [ 413.217336][T11195] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 413.252898][T11195] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 413.529673][T11195] ip6gretap0 speed is unknown, defaulting to 1000 [ 413.540246][T11195] ip6gretap0 speed is unknown, defaulting to 1000 [ 413.546595][T11195] ip6gretap0 speed is unknown, defaulting to 1000 [ 413.554804][T11195] ip6gretap0 speed is unknown, defaulting to 1000 [ 413.571882][T11195] ip6gretap0 speed is unknown, defaulting to 1000 [ 413.586202][T11195] ip6gretap0 speed is unknown, defaulting to 1000 [ 414.494865][T11212] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 415.046812][ C2] hpet: Lost 1 RTC interrupts [ 415.282178][T11228] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1540'. [ 415.427211][T11234] input: syz0 as /devices/virtual/input/input99 [ 416.119203][T11237] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1542'. [ 416.926863][ C2] hpet: Lost 1 RTC interrupts [ 417.650688][ T39] audit: type=1326 audit(1724213675.457:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11251 comm="syz.2.1546" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 417.759222][T11264] team_slave_0: entered allmulticast mode [ 417.788410][T11264] team0: Port device team_slave_0 removed [ 418.104867][T11268] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1550'. [ 418.216823][T11272] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1551'. [ 419.776897][ T39] audit: type=1326 audit(1724213677.577:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11291 comm="syz.3.1557" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 420.144927][T11298] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 420.173223][T11305] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1559'. [ 420.585669][ T39] audit: type=1326 audit(1724213678.387:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11307 comm="syz.3.1560" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 420.752560][T11314] input: syz0 as /devices/virtual/input/input100 [ 420.990387][T11319] input: syz0 as /devices/virtual/input/input101 [ 421.776503][T11328] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1564'. [ 421.991156][T11334] netlink: 'syz.0.1566': attribute type 1 has an invalid length. [ 421.994784][T11334] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.1566'. [ 421.998831][T11334] netlink: 'syz.0.1566': attribute type 1 has an invalid length. [ 422.171828][ T39] audit: type=1326 audit(1724213679.977:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11330 comm="syz.2.1565" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 422.506132][T11338] sp0: Synchronizing with TNC [ 423.877199][T11351] siw: device registration error -23 [ 424.198675][ T39] audit: type=1326 audit(1724213681.997:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11353 comm="syz.1.1571" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 424.281373][ T39] audit: type=1326 audit(1724213682.087:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11355 comm="syz.3.1572" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 425.255795][T11366] input: syz0 as /devices/virtual/input/input102 [ 425.809936][ T58] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 425.989918][ T58] usb 5-1: Using ep0 maxpacket: 8 [ 425.994012][ T58] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 425.997128][ T58] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 426.001616][ T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 426.006255][ T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 426.009702][ T58] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 426.016024][ T58] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 426.019237][ T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 426.258455][ T58] usb 5-1: usb_control_msg returned -32 [ 426.260508][ T58] usbtmc 5-1:16.0: can't read capabilities [ 426.358869][T11385] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 426.611370][T11390] usb 5-1: usbtmc_ioctl_clear_in_halt returned -32 [ 428.680904][ T58] usb 5-1: USB disconnect, device number 6 [ 428.739713][T11421] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 428.765570][T11423] input: syz0 as /devices/virtual/input/input103 [ 428.868397][T11425] siw: device registration error -23 [ 429.308683][T11431] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 429.742174][T11439] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1593'. [ 429.889872][T11441] bridge0: port 1(bridge_slave_0) entered disabled state [ 429.916272][ T97] bridge0: port 1(bridge_slave_0) entered blocking state [ 429.918659][ T97] bridge0: port 1(bridge_slave_0) entered forwarding state [ 430.240327][T11447] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1596'. [ 430.293460][ T39] audit: type=1326 audit(1724213688.067:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11443 comm="syz.1.1595" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 430.773539][T11458] FAULT_INJECTION: forcing a failure. [ 430.773539][T11458] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 430.778755][T11458] CPU: 1 UID: 0 PID: 11458 Comm: syz.3.1598 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 430.782848][T11458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 430.786902][T11458] Call Trace: [ 430.788203][T11458] [ 430.789370][T11458] dump_stack_lvl+0x16c/0x1f0 [ 430.791231][T11458] should_fail_ex+0x497/0x5b0 [ 430.793066][T11458] _copy_from_user+0x30/0xf0 [ 430.794825][T11458] get_compat_msghdr+0xa8/0x170 [ 430.796578][T11458] ? __pfx_get_compat_msghdr+0x10/0x10 [ 430.798667][T11458] ? kfree+0x245/0x3b0 [ 430.800287][T11458] ? find_held_lock+0x2d/0x110 [ 430.802177][T11458] ___sys_recvmsg+0x193/0x1a0 [ 430.804033][T11458] ? __pfx____sys_recvmsg+0x10/0x10 [ 430.806093][T11458] ? __pfx___might_resched+0x10/0x10 [ 430.808120][T11458] ? __fget_light+0x173/0x210 [ 430.809980][T11458] do_recvmmsg+0x51a/0x750 [ 430.811820][T11458] ? __pfx_do_recvmmsg+0x10/0x10 [ 430.813780][T11458] ? __pfx_lock_release+0x10/0x10 [ 430.815781][T11458] ? vfs_write+0x14d/0x1140 [ 430.817596][T11458] __sys_recvmmsg+0x21e/0x280 [ 430.819474][T11458] ? __pfx___sys_recvmmsg+0x10/0x10 [ 430.821535][T11458] ? __pfx_ksys_write+0x10/0x10 [ 430.823450][T11458] __ia32_compat_sys_recvmmsg_time32+0xc4/0x160 [ 430.825903][T11458] ? lockdep_hardirqs_on+0x7c/0x110 [ 430.828001][T11458] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 430.830624][T11458] __do_fast_syscall_32+0x73/0x120 [ 430.832633][T11458] do_fast_syscall_32+0x32/0x80 [ 430.834551][T11458] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 430.837001][T11458] RIP: 0023:0xf73ae579 [ 430.838619][T11458] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 430.846059][T11458] RSP: 002b:00000000f569556c EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 430.849309][T11458] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200066c0 [ 430.852399][T11458] RDX: 0000000000000a0d RSI: 0000000000000000 RDI: 0000000000000000 [ 430.855456][T11458] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 430.858558][T11458] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 430.861617][T11458] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 430.864728][T11458] [ 430.866123][ C1] vkms_vblank_simulate: vblank timer overrun [ 431.636459][T11469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 431.694523][T11476] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 431.718046][T11477] input: syz0 as /devices/virtual/input/input104 [ 431.778363][T11482] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1604'. [ 432.106418][ T39] audit: type=1326 audit(1724213689.907:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11487 comm="syz.1.1607" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 433.233980][T11516] tap0: tun_chr_ioctl cmd 1074025673 [ 433.236337][T11514] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1614'. [ 433.239797][T11516] tap0: tun_chr_ioctl cmd 1074025673 [ 433.243116][T11516] tap0: tun_chr_ioctl cmd 1074025673 [ 433.244960][T11516] tap0: tun_chr_ioctl cmd 1074025673 [ 433.247281][T11516] tap0: tun_chr_ioctl cmd 1074025673 [ 433.255483][T11516] tap0: tun_chr_ioctl cmd 1074025673 [ 433.729198][T11524] FAULT_INJECTION: forcing a failure. [ 433.729198][T11524] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 433.734833][T11524] CPU: 1 UID: 0 PID: 11524 Comm: syz.1.1615 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 433.739299][T11524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 433.743771][T11524] Call Trace: [ 433.745192][T11524] [ 433.746455][T11524] dump_stack_lvl+0x16c/0x1f0 [ 433.748460][T11524] should_fail_ex+0x497/0x5b0 [ 433.750513][T11524] _copy_from_iter+0x27a/0xfc0 [ 433.752701][T11524] ? __alloc_skb+0x200/0x380 [ 433.754660][T11524] ? __pfx__copy_from_iter+0x10/0x10 [ 433.756852][T11524] ? __virt_addr_valid+0x5e/0x590 [ 433.758946][T11524] ? __phys_addr_symbol+0x30/0x80 [ 433.761142][T11524] ? __check_object_size+0x497/0x720 [ 433.763368][T11524] netlink_sendmsg+0x813/0xd70 [ 433.765440][T11524] ? __pfx_netlink_sendmsg+0x10/0x10 [ 433.767612][T11524] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 433.769824][T11524] ____sys_sendmsg+0x9b4/0xb50 [ 433.771850][T11524] ? __pfx_____sys_sendmsg+0x10/0x10 [ 433.774081][T11524] ? get_compat_msghdr+0x11b/0x170 [ 433.776264][T11524] ? __pfx___lock_acquire+0x10/0x10 [ 433.778478][T11524] ___sys_sendmsg+0x135/0x1e0 [ 433.780521][T11524] ? __pfx____sys_sendmsg+0x10/0x10 [ 433.782730][T11524] ? ksys_write+0x21c/0x260 [ 433.784653][T11524] ? __fget_light+0x173/0x210 [ 433.786637][T11524] __sys_sendmsg+0x117/0x1f0 [ 433.788582][T11524] ? __pfx___sys_sendmsg+0x10/0x10 [ 433.790850][T11524] __do_fast_syscall_32+0x73/0x120 [ 433.793007][T11524] do_fast_syscall_32+0x32/0x80 [ 433.795049][T11524] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 433.797685][T11524] RIP: 0023:0xf749e579 [ 433.799409][T11524] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 433.807350][T11524] RSP: 002b:00000000f578556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 433.810799][T11524] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0 [ 433.814080][T11524] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 433.817323][T11524] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 433.818717][T11526] input: syz0 as /devices/virtual/input/input105 [ 433.820591][T11524] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 433.820603][T11524] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 433.820626][T11524] [ 434.030661][ T5361] Bluetooth: hci5: command 0x0406 tx timeout [ 434.769886][ T39] audit: type=1326 audit(1724213692.567:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11528 comm="syz.1.1618" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 435.461666][T11536] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 436.134079][ T39] audit: type=1326 audit(1724213693.937:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11552 comm="syz.1.1631" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 436.418816][T11563] FAULT_INJECTION: forcing a failure. [ 436.418816][T11563] name failslab, interval 1, probability 0, space 0, times 0 [ 436.418887][T11563] CPU: 1 UID: 0 PID: 11563 Comm: syz.0.1625 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 436.418919][T11563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 436.418930][T11563] Call Trace: [ 436.418937][T11563] [ 436.418944][T11563] dump_stack_lvl+0x16c/0x1f0 [ 436.418976][T11563] should_fail_ex+0x497/0x5b0 [ 436.418995][T11563] ? fs_reclaim_acquire+0xae/0x160 [ 436.419021][T11563] should_failslab+0xc2/0x120 [ 436.419041][T11563] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 436.419059][T11563] ? nfnetlink_rcv_batch+0xc1b/0x2500 [ 436.419079][T11563] ? skb_clone+0x190/0x3f0 [ 436.419104][T11563] skb_clone+0x190/0x3f0 [ 436.419126][T11563] nfnetlink_rcv_batch+0x1d9/0x2500 [ 436.419161][T11563] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 436.419181][T11563] ? __pfx_lock_release+0x10/0x10 [ 436.419222][T11563] ? __local_bh_enable_ip+0xa4/0x120 [ 436.419277][T11563] ? lockdep_hardirqs_on+0x7c/0x110 [ 436.419347][T11563] ? __pfx___dev_queue_xmit+0x10/0x10 [ 436.419425][T11563] ? bpf_lsm_capable+0x9/0x10 [ 436.419474][T11563] ? __nla_parse+0x40/0x60 [ 436.419499][T11563] nfnetlink_rcv+0x3c3/0x430 [ 436.419520][T11563] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 436.419548][T11563] netlink_unicast+0x53c/0x7f0 [ 436.419574][T11563] ? __pfx_netlink_unicast+0x10/0x10 [ 436.419596][T11563] ? __phys_addr_symbol+0x30/0x80 [ 436.419614][T11563] ? __check_object_size+0x497/0x720 [ 436.419635][T11563] netlink_sendmsg+0x8b8/0xd70 [ 436.419662][T11563] ? __pfx_netlink_sendmsg+0x10/0x10 [ 436.419687][T11563] ? security_socket_sendmsg+0x64/0xc0 [ 436.419711][T11563] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 436.419742][T11563] ____sys_sendmsg+0x9b4/0xb50 [ 436.419760][T11563] ? __pfx_____sys_sendmsg+0x10/0x10 [ 436.419776][T11563] ? get_compat_msghdr+0x11b/0x170 [ 436.419808][T11563] ___sys_sendmsg+0x135/0x1e0 [ 436.419843][T11563] ? __pfx____sys_sendmsg+0x10/0x10 [ 436.419889][T11563] ? __fget_light+0x173/0x210 [ 436.419914][T11563] __sys_sendmsg+0x117/0x1f0 [ 436.419935][T11563] ? __pfx___sys_sendmsg+0x10/0x10 [ 436.419955][T11563] ? __pfx___seccomp_filter+0x10/0x10 [ 436.419984][T11563] ? __secure_computing+0x273/0x3f0 [ 436.420006][T11563] __do_fast_syscall_32+0x73/0x120 [ 436.420029][T11563] do_fast_syscall_32+0x32/0x80 [ 436.420049][T11563] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 436.420067][T11563] RIP: 0023:0xf7f31579 [ 436.420081][T11563] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 436.420096][T11563] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 436.420113][T11563] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200000c0 [ 436.420124][T11563] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 436.420133][T11563] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 436.420143][T11563] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 436.420154][T11563] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 436.420175][T11563] [ 436.780484][ T5666] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 436.987055][ T5666] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 436.995848][ T5666] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 437.006279][ T5666] usb 8-1: Product: syz [ 437.008161][ T5666] usb 8-1: Manufacturer: syz [ 437.012328][ T5666] usb 8-1: SerialNumber: syz [ 437.021139][ T5666] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 437.033557][T11570] input: syz0 as /devices/virtual/input/input106 [ 437.063524][ T58] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 437.286948][T11565] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 437.299028][T11565] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 438.077758][ T9] usb 8-1: USB disconnect, device number 4 [ 438.100056][ T58] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive [ 438.113841][T11584] input: syz1 as /devices/virtual/input/input107 [ 438.117388][ T58] ath9k_htc: Failed to initialize the device [ 438.130313][ T9] usb 8-1: ath9k_htc: USB layer deinitialized [ 438.777314][T11586] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1630'. [ 438.957096][T11593] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1633'. [ 440.899966][T11607] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1635'. [ 441.021660][T11617] input: syz0 as /devices/virtual/input/input108 [ 442.201130][T11629] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1642'. [ 442.205283][T11629] nbd: socks must be embedded in a SOCK_ITEM attr [ 442.301613][T11635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1645'. [ 443.909266][T11652] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1648'. [ 443.913407][T11652] FAULT_INJECTION: forcing a failure. [ 443.913407][T11652] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 443.918971][T11652] CPU: 1 UID: 0 PID: 11652 Comm: syz.2.1648 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 443.923712][T11652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 443.928302][T11652] Call Trace: [ 443.929761][T11652] [ 443.931043][T11652] dump_stack_lvl+0x16c/0x1f0 [ 443.933138][T11652] should_fail_ex+0x497/0x5b0 [ 443.935192][T11652] _copy_from_user+0x30/0xf0 [ 443.937224][T11652] kstrtouint_from_user+0xd7/0x1c0 [ 443.939464][T11652] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 443.941930][T11652] ? __pfx_lock_acquire+0x10/0x10 [ 443.944147][T11652] proc_fail_nth_write+0x84/0x260 [ 443.946343][T11652] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 443.948831][T11652] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 443.951280][T11652] vfs_write+0x29a/0x1140 [ 443.953216][T11652] ? __fdget_pos+0xeb/0x180 [ 443.955385][T11652] ? __pfx_vfs_write+0x10/0x10 [ 443.958273][T11652] ? __pfx___mutex_lock+0x10/0x10 [ 443.960721][T11652] ? __fget_files+0x256/0x400 [ 443.963145][T11652] ksys_write+0x12f/0x260 [ 443.965103][T11652] ? __pfx_ksys_write+0x10/0x10 [ 443.967209][T11652] __do_fast_syscall_32+0x73/0x120 [ 443.969529][T11652] do_fast_syscall_32+0x32/0x80 [ 443.971747][T11652] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 443.974509][T11652] RIP: 0023:0xf73be579 [ 443.976291][T11652] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 443.984569][T11652] RSP: 002b:00000000f56c65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 443.988171][T11652] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f56c6620 [ 443.991558][T11652] RDX: 0000000000000001 RSI: 00000000f73b0ff4 RDI: 0000000000000000 [ 443.994900][T11652] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 443.998288][T11652] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 444.001736][T11652] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 444.005143][T11652] [ 444.006604][ C1] vkms_vblank_simulate: vblank timer overrun [ 444.334589][ T39] audit: type=1326 audit(1724213702.137:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11660 comm="syz.0.1652" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 444.418498][ T39] audit: type=1326 audit(1724213702.217:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.2.1653" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 444.990211][T11677] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1655'. [ 445.062551][T11682] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1658'. [ 445.141310][ T1381] ieee802154 phy0 wpan0: encryption failed: -22 [ 446.400918][ T39] audit: type=1326 audit(1724213704.207:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11709 comm="syz.1.1665" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 447.393836][T11698] syz_tun: entered promiscuous mode [ 447.396740][T11708] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1663'. [ 447.446770][T11698] syz_tun: left promiscuous mode [ 447.616224][T11722] overlayfs: unescaped trailing colons in lowerdir mount option. [ 447.694877][T11724] input: syz1 as /devices/virtual/input/input109 [ 447.810607][T11731] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1672'. [ 448.457285][T11746] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1674'. [ 449.236057][ T39] audit: type=1326 audit(1724213707.037:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11762 comm="syz.0.1679" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 450.369107][T11770] FAULT_INJECTION: forcing a failure. [ 450.369107][T11770] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 450.384230][T11770] CPU: 1 UID: 0 PID: 11770 Comm: syz.2.1680 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 450.388178][T11770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 450.392281][T11770] Call Trace: [ 450.393720][T11770] [ 450.395001][T11770] dump_stack_lvl+0x16c/0x1f0 [ 450.396995][T11770] should_fail_ex+0x497/0x5b0 [ 450.399019][T11770] _copy_from_user+0x30/0xf0 [ 450.400988][T11770] user_termios_to_kernel_termios_1+0x21/0x30 [ 450.403582][T11770] set_termios+0x3a5/0x7f0 [ 450.405581][T11770] ? __pfx___lock_acquire+0x10/0x10 [ 450.407777][T11770] ? __pfx_aa_get_newest_label+0x10/0x10 [ 450.410085][T11770] ? __pfx_set_termios+0x10/0x10 [ 450.412223][T11770] ? __pfx_lock_acquire+0x10/0x10 [ 450.414401][T11770] tty_mode_ioctl+0x5ef/0xd20 [ 450.416422][T11770] ? __pfx_tty_mode_ioctl+0x10/0x10 [ 450.418686][T11770] ? __pfx___ldsem_down_read_nested+0x10/0x10 [ 450.421294][T11770] ? __pfx_n_tty_ioctl+0x10/0x10 [ 450.423426][T11770] n_tty_ioctl_helper+0x4b/0x2b0 [ 450.425509][T11770] n_tty_ioctl+0x7f/0x370 [ 450.427396][T11770] ? __pfx_vt_ioctl+0x10/0x10 [ 450.429410][T11770] ? __pfx_n_tty_ioctl+0x10/0x10 [ 450.431533][T11770] tty_ioctl+0x6fa/0x1650 [ 450.433375][T11770] ? __pfx_tty_ioctl+0x10/0x10 [ 450.435419][T11770] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 450.437904][T11770] ? __fget_files+0x256/0x400 [ 450.439935][T11770] tty_compat_ioctl+0x25c/0x4f0 [ 450.442031][T11770] ? __pfx_tty_compat_ioctl+0x10/0x10 [ 450.444392][T11770] __do_compat_sys_ioctl+0x2c3/0x330 [ 450.446640][T11770] __do_fast_syscall_32+0x73/0x120 [ 450.448795][T11770] do_fast_syscall_32+0x32/0x80 [ 450.450866][T11770] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 450.453533][T11770] RIP: 0023:0xf73be579 [ 450.455244][T11770] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 450.463203][T11770] RSP: 002b:00000000f56a556c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 450.466304][T11770] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000005403 [ 450.469287][T11770] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 450.472495][T11770] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 450.475758][T11770] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 450.479046][T11770] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 450.482514][T11770] [ 450.635660][T11769] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 450.642413][T11777] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1680'. [ 450.719774][T11785] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1685'. [ 451.726914][T11803] input: syz0 as /devices/virtual/input/input111 [ 451.782576][ T39] audit: type=1326 audit(1724213709.577:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11793 comm="syz.2.1687" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 452.515601][ T833] IPVS: starting estimator thread 0... [ 452.538749][ T39] audit: type=1326 audit(1724213710.337:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11808 comm="syz.3.1691" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 452.615409][T11815] IPVS: using max 19 ests per chain, 45600 per kthread [ 453.208221][T11822] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 453.984339][T11824] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 454.874962][T11851] input: syz0 as /devices/virtual/input/input112 [ 455.155291][ T39] audit: type=1326 audit(1724213712.957:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11852 comm="syz.3.1704" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 455.892693][T11876] xt_TPROXY: Can be used only with -p tcp or -p udp [ 455.923680][T11870] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 455.930286][T11876] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1709'. [ 456.652304][T11903] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1716'. [ 456.657929][T11903] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1716'. [ 456.788729][ T39] audit: type=1326 audit(1724213714.587:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11898 comm="syz.0.1715" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 457.248971][ T39] audit: type=1326 audit(1724213715.047:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11909 comm="syz.1.1718" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 457.675370][T11919] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 458.116828][T11930] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1724'. [ 458.298411][T11935] netlink: 'syz.0.1725': attribute type 3 has an invalid length. [ 458.302114][T11935] netlink: 666 bytes leftover after parsing attributes in process `syz.0.1725'. [ 458.332258][T11935] block device autoloading is deprecated and will be removed. [ 458.646212][ T39] audit: type=1326 audit(1724213716.447:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11939 comm="syz.0.1727" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 459.279684][ T39] audit: type=1326 audit(1724213717.077:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11952 comm="syz.0.1731" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 459.406527][T11959] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1733'. [ 459.720336][T11967] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1735'. [ 459.724275][T11967] FAULT_INJECTION: forcing a failure. [ 459.724275][T11967] name failslab, interval 1, probability 0, space 0, times 0 [ 459.729520][T11967] CPU: 1 UID: 0 PID: 11967 Comm: syz.0.1735 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 459.734042][T11967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 459.738558][T11967] Call Trace: [ 459.740010][T11967] [ 459.741300][T11967] dump_stack_lvl+0x16c/0x1f0 [ 459.743376][T11967] should_fail_ex+0x497/0x5b0 [ 459.745428][T11967] ? fs_reclaim_acquire+0xae/0x160 [ 459.747595][T11967] should_failslab+0xc2/0x120 [ 459.749689][T11967] __kmalloc_node_noprof+0xd1/0x440 [ 459.751894][T11967] ? __kvmalloc_node_noprof+0x9d/0x1a0 [ 459.754246][T11967] __kvmalloc_node_noprof+0x9d/0x1a0 [ 459.756492][T11967] alloc_netdev_mqs+0xc26/0x1290 [ 459.758701][T11967] rtnl_create_link+0xbed/0xf10 [ 459.760864][T11967] __rtnl_newlink+0x10b3/0x1920 [ 459.762990][T11967] ? __pfx___rtnl_newlink+0x10/0x10 [ 459.765319][T11967] rtnl_newlink+0x67/0xa0 [ 459.767209][T11967] ? __pfx_rtnl_newlink+0x10/0x10 [ 459.769377][T11967] rtnetlink_rcv_msg+0x3c7/0xea0 [ 459.771505][T11967] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 459.773813][T11967] ? __pfx___dev_queue_xmit+0x10/0x10 [ 459.776161][T11967] netlink_rcv_skb+0x165/0x410 [ 459.778244][T11967] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 459.780586][T11967] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 459.782876][T11967] ? netlink_deliver_tap+0x1ae/0xcf0 [ 459.785154][T11967] netlink_unicast+0x53c/0x7f0 [ 459.787235][T11967] ? __pfx_netlink_unicast+0x10/0x10 [ 459.789520][T11967] ? __phys_addr_symbol+0x30/0x80 [ 459.791677][T11967] ? __check_object_size+0x497/0x720 [ 459.793945][T11967] netlink_sendmsg+0x8b8/0xd70 [ 459.796125][T11967] ? __pfx_netlink_sendmsg+0x10/0x10 [ 459.798404][T11967] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 459.800674][T11967] ____sys_sendmsg+0x9b4/0xb50 [ 459.802630][T11967] ? __pfx_____sys_sendmsg+0x10/0x10 [ 459.804891][T11967] ? get_compat_msghdr+0x11b/0x170 [ 459.807080][T11967] ? __pfx___lock_acquire+0x10/0x10 [ 459.809316][T11967] ___sys_sendmsg+0x135/0x1e0 [ 459.811436][T11967] ? __pfx____sys_sendmsg+0x10/0x10 [ 459.813681][T11967] ? ksys_write+0x21c/0x260 [ 459.815675][T11967] ? __fget_light+0x173/0x210 [ 459.817711][T11967] __sys_sendmsg+0x117/0x1f0 [ 459.819702][T11967] ? __pfx___sys_sendmsg+0x10/0x10 [ 459.821910][T11967] __do_fast_syscall_32+0x73/0x120 [ 459.824146][T11967] do_fast_syscall_32+0x32/0x80 [ 459.826244][T11967] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 459.828925][T11967] RIP: 0023:0xf7f31579 [ 459.830678][T11967] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 459.838732][T11967] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 459.842286][T11967] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040 [ 459.845615][T11967] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 459.848986][T11967] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 459.852300][T11967] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 459.855617][T11967] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 459.859066][T11967] [ 459.929911][ T5354] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 460.132050][ T5354] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 460.136651][ T5354] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 460.141026][ T5354] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 460.144873][ T5354] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.161345][ T5354] usb 7-1: config 0 descriptor?? [ 460.581964][ T5354] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0 [ 460.585181][ T5354] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0 [ 460.600516][ T5354] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:0D8C:0022.0003/input/input113 [ 460.620677][ T5354] cm6533_jd 0003:0D8C:0022.0003: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 460.783681][T10554] usb 7-1: USB disconnect, device number 9 [ 460.795590][T11984] 9pnet_fd: Insufficient options for proto=fd [ 460.852562][ T39] audit: type=1326 audit(1724213718.657:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11978 comm="syz.0.1739" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 461.443023][T11997] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1744'. [ 461.629944][ T39] audit: type=1326 audit(1724213719.427:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11994 comm="syz.2.1743" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 461.632242][T12004] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1745'. [ 462.353857][ T39] audit: type=1326 audit(1724213720.117:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12010 comm="syz.2.1748" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 462.659916][ T5354] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 462.697710][ T39] audit: type=1326 audit(1724213720.497:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12023 comm="syz.0.1753" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 462.809937][ T5354] usb 8-1: device descriptor read/64, error -71 [ 463.048559][ T39] audit: type=1326 audit(1724213720.847:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12027 comm="syz.2.1754" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 463.099956][ T5354] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 463.259918][ T5354] usb 8-1: device descriptor read/64, error -71 [ 463.382332][ T5354] usb usb8-port1: attempt power cycle [ 463.537352][T12037] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 463.809883][ T5354] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 463.840358][ T5354] usb 8-1: device descriptor read/8, error -71 [ 463.943300][T12045] input: syz0 as /devices/virtual/input/input114 [ 464.036685][T12047] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1759'. [ 464.139923][ T5354] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 464.180788][ T5354] usb 8-1: device descriptor read/8, error -71 [ 464.300362][ T5354] usb usb8-port1: unable to enumerate USB device [ 464.732700][ T39] audit: type=1326 audit(1724213722.537:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12060 comm="syz.0.1762" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 465.299879][ T39] audit: type=1326 audit(1724213723.097:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm="syz.1.1765" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 465.335842][ T39] audit: type=1326 audit(1724213723.137:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12071 comm="syz.0.1766" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 465.698229][T12082] netlink: 288 bytes leftover after parsing attributes in process `syz.2.1768'. [ 465.824878][T12086] FAULT_INJECTION: forcing a failure. [ 465.824878][T12086] name failslab, interval 1, probability 0, space 0, times 0 [ 465.831358][T12086] CPU: 1 UID: 0 PID: 12086 Comm: syz.1.1769 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 465.835864][T12086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 465.840339][T12086] Call Trace: [ 465.841848][T12086] [ 465.843215][T12086] dump_stack_lvl+0x16c/0x1f0 [ 465.845223][T12086] should_fail_ex+0x497/0x5b0 [ 465.847204][T12086] ? fs_reclaim_acquire+0xae/0x160 [ 465.849376][T12086] should_failslab+0xc2/0x120 [ 465.851381][T12086] __kmalloc_cache_noprof+0x6b/0x310 [ 465.853619][T12086] ? io_rsrc_data_alloc+0x5f/0x460 [ 465.855801][T12086] io_rsrc_data_alloc+0x5f/0x460 [ 465.857954][T12086] ? trace_contention_end+0xea/0x140 [ 465.860215][T12086] io_sqe_buffers_register+0x127/0x9f0 [ 465.862509][T12086] ? __do_sys_io_uring_register+0x1a0/0x2240 [ 465.865052][T12086] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 465.867603][T12086] __do_sys_io_uring_register+0xf7f/0x2240 [ 465.870080][T12086] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 465.872729][T12086] ? ksys_write+0x1ab/0x260 [ 465.874729][T12086] ? __pfx_ksys_write+0x10/0x10 [ 465.876807][T12086] __do_fast_syscall_32+0x73/0x120 [ 465.878977][T12086] do_fast_syscall_32+0x32/0x80 [ 465.881044][T12086] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 465.883713][T12086] RIP: 0023:0xf749e579 [ 465.885448][T12086] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 465.893594][T12086] RSP: 002b:00000000f57a656c EFLAGS: 00000296 ORIG_RAX: 00000000000001ab [ 465.897093][T12086] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 465.900420][T12086] RDX: 00000000200002c0 RSI: 000000000000011a RDI: 0000000000000000 [ 465.903743][T12086] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 465.907095][T12086] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 465.910398][T12086] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 465.913568][T12086] [ 465.914841][ C1] vkms_vblank_simulate: vblank timer overrun [ 466.015870][T12087] syz.2.1768 (12087) used greatest stack depth: 21040 bytes left [ 466.264468][T12100] input: syz0 as /devices/virtual/input/input115 [ 466.268604][T12097] No source specified [ 466.931726][T12106] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1775'. [ 466.937015][T12106] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1775'. [ 466.948810][ T39] audit: type=1326 audit(1724213724.747:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12102 comm="syz.3.1774" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 467.004605][ T5361] block nbd2: Receive control failed (result -107) [ 467.268213][T12119] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 467.433284][T12128] FAULT_INJECTION: forcing a failure. [ 467.433284][T12128] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 467.437783][T12128] CPU: 0 UID: 0 PID: 12128 Comm: syz.0.1780 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 467.441337][T12128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 467.444906][T12128] Call Trace: [ 467.446034][T12128] [ 467.447050][T12128] dump_stack_lvl+0x16c/0x1f0 [ 467.448651][T12128] should_fail_ex+0x497/0x5b0 [ 467.450245][T12128] _copy_from_user+0x30/0xf0 [ 467.451851][T12128] alg_setsockopt+0x46d/0xf50 [ 467.453431][T12128] ? __pfx_alg_setsockopt+0x10/0x10 [ 467.455195][T12128] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 467.457039][T12128] ? __pfx_alg_setsockopt+0x10/0x10 [ 467.458789][T12128] do_sock_setsockopt+0x222/0x480 [ 467.460492][T12128] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 467.462352][T12128] ? __fget_light+0x173/0x210 [ 467.463937][T12128] __sys_setsockopt+0x1a4/0x270 [ 467.465556][T12128] ? __pfx___sys_setsockopt+0x10/0x10 [ 467.467516][T12128] ? fput+0x32/0x390 [ 467.469146][T12128] ? ksys_write+0x1ab/0x260 [ 467.471145][T12128] ? __pfx_ksys_write+0x10/0x10 [ 467.473174][T12128] __ia32_sys_setsockopt+0xbc/0x160 [ 467.475320][T12128] ? lockdep_hardirqs_on+0x7c/0x110 [ 467.477471][T12128] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 467.480219][T12128] __do_fast_syscall_32+0x73/0x120 [ 467.482352][T12128] do_fast_syscall_32+0x32/0x80 [ 467.484431][T12128] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 467.487040][T12128] RIP: 0023:0xf7f31579 [ 467.488738][T12128] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 467.496612][T12128] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 467.500118][T12128] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000117 [ 467.503362][T12128] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 467.506635][T12128] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 467.509382][T12128] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 467.512719][T12128] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 467.516039][T12128] [ 467.808711][ T39] audit: type=1326 audit(1724213725.607:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12129 comm="syz.0.1781" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 468.125402][T12143] input: syz0 as /devices/virtual/input/input116 [ 468.339773][T12145] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1785'. [ 468.692880][T12151] batadv_slave_0: entered promiscuous mode [ 469.064340][T12164] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 469.489276][ T39] audit: type=1326 audit(1724213727.287:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12172 comm="syz.1.1794" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 469.645607][T12176] tun0: tun_chr_ioctl cmd 1074025675 [ 469.647636][T12176] tun0: persist enabled [ 469.649512][T12176] tun0: tun_chr_ioctl cmd 1074025675 [ 469.651869][T12176] tun0: persist disabled [ 469.708209][T12178] ip6gretap0 speed is unknown, defaulting to 1000 [ 469.902942][T12198] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1801'. [ 470.230948][ T39] audit: type=1326 audit(1724213728.037:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12200 comm="syz.0.1803" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 470.607871][T12210] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 471.262694][T12233] kvm: MWAIT instruction emulated as NOP! [ 471.413714][ T39] audit: type=1326 audit(1724214497.248:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12241 comm="syz.1.1814" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 472.134006][T12265] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 472.464802][ T39] audit: type=1326 audit(1724214498.340:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12276 comm="syz.1.1823" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 472.925115][ T7625] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 473.096583][ T7625] usb 8-1: Using ep0 maxpacket: 8 [ 473.100471][ T7625] usb 8-1: config 0 has no interfaces? [ 473.102725][ T7625] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 473.106144][ T7625] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 473.111199][ T7625] usb 8-1: config 0 descriptor?? [ 473.313957][T12281] binder: 12280:12281 ioctl c0306201 20000000 returned -14 [ 473.498796][T12291] FAULT_INJECTION: forcing a failure. [ 473.498796][T12291] name failslab, interval 1, probability 0, space 0, times 0 [ 473.504948][T12291] CPU: 1 UID: 0 PID: 12291 Comm: syz.2.1827 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 473.509379][T12291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 473.513749][T12291] Call Trace: [ 473.515171][T12291] [ 473.516428][T12291] dump_stack_lvl+0x16c/0x1f0 [ 473.517865][ T7625] usb 8-1: USB disconnect, device number 9 [ 473.518399][T12291] should_fail_ex+0x497/0x5b0 [ 473.522245][T12291] ? fs_reclaim_acquire+0xae/0x160 [ 473.524377][T12291] should_failslab+0xc2/0x120 [ 473.526286][T12291] __kmalloc_noprof+0xcb/0x410 [ 473.528195][T12291] ? mark_held_locks+0x9f/0xe0 [ 473.530223][T12291] sock_kmalloc+0x111/0x170 [ 473.532124][T12291] alg_setsockopt+0x401/0xf50 [ 473.534081][T12291] ? __pfx_alg_setsockopt+0x10/0x10 [ 473.536234][T12291] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 473.538532][T12291] ? __pfx_alg_setsockopt+0x10/0x10 [ 473.540653][T12291] do_sock_setsockopt+0x222/0x480 [ 473.542753][T12291] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 473.545055][T12291] ? __fget_light+0x173/0x210 [ 473.547048][T12291] __sys_setsockopt+0x1a4/0x270 [ 473.549036][T12291] ? __pfx___sys_setsockopt+0x10/0x10 [ 473.551266][T12291] ? fput+0x32/0x390 [ 473.552897][T12291] ? ksys_write+0x1ab/0x260 [ 473.554791][T12291] ? __pfx_ksys_write+0x10/0x10 [ 473.556808][T12291] __ia32_sys_setsockopt+0xbc/0x160 [ 473.558958][T12291] ? lockdep_hardirqs_on+0x7c/0x110 [ 473.561160][T12291] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 473.563848][T12291] __do_fast_syscall_32+0x73/0x120 [ 473.565940][T12291] do_fast_syscall_32+0x32/0x80 [ 473.567944][T12291] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 473.570522][T12291] RIP: 0023:0xf73be579 [ 473.572015][T12291] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 473.579684][T12291] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 473.583098][T12291] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000117 [ 473.586283][T12291] RDX: 0000000000000001 RSI: 0000000020000140 RDI: 0000000000000010 [ 473.589145][T12291] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 473.592012][T12291] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 473.594864][T12291] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 473.597704][T12291] [ 473.599086][ C1] vkms_vblank_simulate: vblank timer overrun [ 473.731266][T12300] netlink: 5896 bytes leftover after parsing attributes in process `syz.0.1828'. [ 474.324261][T12308] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 474.404245][ T5361] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 474.870087][T12324] FAULT_INJECTION: forcing a failure. [ 474.870087][T12324] name failslab, interval 1, probability 0, space 0, times 0 [ 474.875240][T12324] CPU: 3 UID: 0 PID: 12324 Comm: syz.2.1836 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 474.879080][T12324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 474.882819][T12324] Call Trace: [ 474.884156][T12324] [ 474.885278][T12324] dump_stack_lvl+0x16c/0x1f0 [ 474.886906][T12324] should_fail_ex+0x497/0x5b0 [ 474.888670][T12324] ? fs_reclaim_acquire+0xae/0x160 [ 474.890799][T12324] should_failslab+0xc2/0x120 [ 474.892865][T12324] __kmalloc_cache_noprof+0x6b/0x310 [ 474.894902][T12324] ? ext4_fill_super+0x1bc/0xacf0 [ 474.896858][T12324] ext4_fill_super+0x1bc/0xacf0 [ 474.898663][T12324] ? lock_acquire+0x1b1/0x560 [ 474.900999][T12324] ? snprintf+0xc8/0x100 [ 474.903191][T12324] ? __pfx_ext4_fill_super+0x10/0x10 [ 474.905465][T12324] ? do_raw_spin_lock+0x12d/0x2c0 [ 474.907808][T12324] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 474.910219][T12324] ? set_blocksize+0x2b7/0x370 [ 474.912336][T12324] ? sb_set_blocksize+0xf6/0x120 [ 474.914503][T12324] ? setup_bdev_super+0x369/0x730 [ 474.916725][T12324] get_tree_bdev+0x36f/0x610 [ 474.918783][T12324] ? __pfx_ext4_fill_super+0x10/0x10 [ 474.921095][T12324] ? __pfx_get_tree_bdev+0x10/0x10 [ 474.923340][T12324] ? bpf_lsm_capable+0x9/0x10 [ 474.925427][T12324] ? security_capable+0x98/0xd0 [ 474.927599][T12324] vfs_get_tree+0x8f/0x380 [ 474.929555][T12324] path_mount+0x6e1/0x1f10 [ 474.931534][T12324] ? __pfx_path_mount+0x10/0x10 [ 474.933596][T12324] ? putname+0x12e/0x170 [ 474.935429][T12324] ? putname+0x12e/0x170 [ 474.937321][T12324] __ia32_sys_mount+0x292/0x310 [ 474.939400][T12324] ? __pfx___ia32_sys_mount+0x10/0x10 [ 474.941743][T12324] __do_fast_syscall_32+0x73/0x120 [ 474.943949][T12324] do_fast_syscall_32+0x32/0x80 [ 474.946131][T12324] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 474.948914][T12324] RIP: 0023:0xf73be579 [ 474.950728][T12324] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 474.959034][T12324] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 474.962670][T12324] RAX: ffffffffffffffda RBX: 0000000020000340 RCX: 0000000020000400 [ 474.966137][T12324] RDX: 0000000020000500 RSI: 0000000000004000 RDI: 0000000000000000 [ 474.969559][T12324] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 474.972978][T12324] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 474.976326][T12324] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 474.979727][T12324] [ 474.981657][ T5361] Bluetooth: hci3: unexpected event for opcode 0x204e [ 475.066145][T12330] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1839'. [ 475.072115][T12330] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1839'. [ 475.611408][T12349] netlink: 220 bytes leftover after parsing attributes in process `syz.2.1843'. [ 475.705708][T12350] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 475.933885][T12363] ip6gretap0 speed is unknown, defaulting to 1000 [ 476.335676][T12379] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1852'. [ 476.432587][T12379] bridge_slave_1: left allmulticast mode [ 476.472426][T12379] bridge_slave_1: left promiscuous mode [ 476.476125][T12379] bridge2: port 1(bridge_slave_1) entered disabled state [ 476.508647][T12379] bridge3: port 1(bridge_slave_1) entered blocking state [ 476.511089][T12379] bridge3: port 1(bridge_slave_1) entered disabled state [ 476.514588][T12379] bridge_slave_1: entered allmulticast mode [ 476.518465][T12379] bridge_slave_1: entered promiscuous mode [ 476.521018][T12379] bridge3: port 1(bridge_slave_1) entered blocking state [ 476.523405][T12379] bridge3: port 1(bridge_slave_1) entered forwarding state [ 476.539181][T12379] veth1_to_bond: left allmulticast mode [ 476.541135][T12379] veth1_to_bond: left promiscuous mode [ 476.543300][T12379] bridge2: port 2(veth1_to_bond) entered disabled state [ 476.566449][T12379] bridge3: port 2(veth1_to_bond) entered blocking state [ 476.573474][T12379] bridge3: port 2(veth1_to_bond) entered disabled state [ 476.581008][T12379] veth1_to_bond: entered allmulticast mode [ 476.602323][T12379] veth1_to_bond: entered promiscuous mode [ 476.611929][T12379] bridge3: port 2(veth1_to_bond) entered blocking state [ 476.614348][T12379] bridge3: port 2(veth1_to_bond) entered forwarding state [ 476.646431][T12387] netlink: 272 bytes leftover after parsing attributes in process `syz.3.1853'. [ 476.694833][T12387] netem: incorrect gi model size [ 476.698700][T12387] netem: change failed [ 477.043210][T12395] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1856'. [ 477.081638][T12400] FAULT_INJECTION: forcing a failure. [ 477.081638][T12400] name failslab, interval 1, probability 0, space 0, times 0 [ 477.087042][T12400] CPU: 2 UID: 0 PID: 12400 Comm: syz.0.1858 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 477.091337][T12400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 477.095996][T12400] Call Trace: [ 477.097436][T12400] [ 477.098737][T12400] dump_stack_lvl+0x16c/0x1f0 [ 477.100750][T12400] should_fail_ex+0x497/0x5b0 [ 477.102762][T12400] ? fs_reclaim_acquire+0xae/0x160 [ 477.104917][T12400] should_failslab+0xc2/0x120 [ 477.107014][T12400] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 477.109335][T12400] ? __kernfs_new_node+0xd3/0x890 [ 477.111486][T12400] __kernfs_new_node+0xd3/0x890 [ 477.113586][T12400] ? hlock_class+0x4e/0x130 [ 477.115149][T12400] ? __pfx___kernfs_new_node+0x10/0x10 [ 477.117239][T12400] ? kernfs_add_one+0x182/0x520 [ 477.119351][T12400] ? __pfx___lock_acquire+0x10/0x10 [ 477.121583][T12400] kernfs_new_node+0x186/0x240 [ 477.123666][T12400] __kernfs_create_file+0x53/0x350 [ 477.125950][T12400] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 477.128345][T12400] sysfs_create_file_ns+0x13e/0x1d0 [ 477.130411][T12400] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 477.132831][T12400] ? down_read+0xc9/0x330 [ 477.134725][T12400] ? __pfx___up_read+0x10/0x10 [ 477.136591][T12400] ? kobject_put+0xab/0x5a0 [ 477.138217][T12400] device_create_file+0xf2/0x1e0 [ 477.140177][T12400] device_add+0x2c0/0x1a70 [ 477.141705][T12400] ? __pfx_device_add+0x10/0x10 [ 477.143358][T12400] ? kfree+0x245/0x3b0 [ 477.145015][T12400] ? kstrdup+0x5c/0x80 [ 477.146818][T12400] device_create_groups_vargs+0x1f8/0x270 [ 477.149275][T12400] device_create+0xe9/0x130 [ 477.151299][T12400] ? __pfx_device_create+0x10/0x10 [ 477.153537][T12400] ? __pfx_vsnprintf+0x10/0x10 [ 477.155602][T12400] ? __pfx___debug_object_init+0x10/0x10 [ 477.157978][T12400] bdi_register_va+0x116/0x820 [ 477.160077][T12400] ? __pfx_bdi_register_va+0x10/0x10 [ 477.162363][T12400] ? do_init_timer+0xc9/0x110 [ 477.164302][T12400] super_setup_bdi_name+0x100/0x250 [ 477.166382][T12400] ? __pfx_super_setup_bdi_name+0x10/0x10 [ 477.168808][T12400] ? __init_swait_queue_head+0xca/0x150 [ 477.171054][T12400] ? shrinker_register+0x1a8/0x260 [ 477.173272][T12400] ? sget+0x4e2/0x6c0 [ 477.175031][T12400] v9fs_mount+0x308/0xa50 [ 477.176747][T12400] ? __pfx_v9fs_mount+0x10/0x10 [ 477.178695][T12400] ? apparmor_capable+0x114/0x1d0 [ 477.180691][T12400] ? __pfx_v9fs_mount+0x10/0x10 [ 477.182729][T12400] legacy_get_tree+0x109/0x220 [ 477.184864][T12400] vfs_get_tree+0x8f/0x380 [ 477.186596][T12400] path_mount+0x6e1/0x1f10 [ 477.188361][T12400] ? __pfx_path_mount+0x10/0x10 [ 477.190041][T12400] ? putname+0x12e/0x170 [ 477.191578][T12400] ? putname+0x12e/0x170 [ 477.193021][T12400] __ia32_sys_mount+0x292/0x310 [ 477.194767][T12400] ? __pfx___ia32_sys_mount+0x10/0x10 [ 477.196611][T12400] __do_fast_syscall_32+0x73/0x120 [ 477.198684][T12400] do_fast_syscall_32+0x32/0x80 [ 477.200712][T12400] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 477.203387][T12400] RIP: 0023:0xf7f31579 [ 477.204833][T12400] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 477.211452][T12400] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 477.214349][T12400] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200003c0 [ 477.217005][T12400] RDX: 0000000020000b80 RSI: 0000000000000000 RDI: 0000000020000500 [ 477.219820][T12400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 477.222568][T12400] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 477.225769][T12400] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 477.228465][T12400] [ 477.230372][ C2] hpet: Lost 8 RTC interrupts [ 477.257105][T12401] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 477.306917][ T5354] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 477.338867][ T39] audit: type=1326 audit(1724214503.463:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12408 comm="syz.2.1861" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 477.497064][ T5354] usb 6-1: Using ep0 maxpacket: 8 [ 477.509886][ T5354] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 477.521304][ T5354] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 477.531826][ T5354] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 477.536982][ T5354] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 477.542715][ T5354] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 477.548332][ T5354] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 477.840578][ T5354] usb 6-1: usb_control_msg returned -71 [ 477.843955][ T5354] usbtmc 6-1:16.0: can't read capabilities [ 477.863672][ T5354] usb 6-1: USB disconnect, device number 3 [ 478.286382][ T39] audit: type=1326 audit(1724214504.450:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12437 comm="syz.2.1870" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 478.294650][T12445] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 478.331811][T12449] binder: 12447:12449 ioctl c0306201 20000380 returned -14 [ 478.416264][T12462] netlink: 203452 bytes leftover after parsing attributes in process `syz.2.1877'. [ 478.419915][T12462] netlink: 'syz.2.1877': attribute type 2 has an invalid length. [ 478.518009][T12464] bridge0: port 1(bridge_slave_0) entered blocking state [ 478.520862][T12464] bridge0: port 1(bridge_slave_0) entered forwarding state [ 478.526611][T12464] bridge0: entered promiscuous mode [ 478.534632][T12464] bridge0: entered allmulticast mode [ 478.637106][ T39] audit: type=1326 audit(1724214504.828:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12457 comm="syz.1.1875" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 479.363962][T12496] pim6reg1: entered promiscuous mode [ 479.370046][T12496] pim6reg1: entered allmulticast mode [ 479.447961][ T39] audit: type=1326 audit(1724214505.678:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.0.1886" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 479.493280][T12496] cannot load conntrack support for proto=3 [ 479.632514][T12502] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 479.918874][T12515] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1893'. [ 480.118054][T12523] FAULT_INJECTION: forcing a failure. [ 480.118054][T12523] name failslab, interval 1, probability 0, space 0, times 0 [ 480.124274][T12523] CPU: 0 UID: 0 PID: 12523 Comm: syz.0.1895 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 480.128591][T12523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 480.132920][T12523] Call Trace: [ 480.134346][T12523] [ 480.135594][T12523] dump_stack_lvl+0x16c/0x1f0 [ 480.137500][T12523] should_fail_ex+0x497/0x5b0 [ 480.139151][T12523] ? fs_reclaim_acquire+0xae/0x160 [ 480.141116][T12523] should_failslab+0xc2/0x120 [ 480.142735][T12523] kmem_cache_alloc_node_noprof+0x71/0x310 [ 480.144699][T12523] ? __alloc_skb+0x2b3/0x380 [ 480.146345][T12523] __alloc_skb+0x2b3/0x380 [ 480.147870][T12523] ? __pfx___alloc_skb+0x10/0x10 [ 480.149868][T12523] ? hlock_class+0x4e/0x130 [ 480.151609][T12523] ? __lock_acquire+0xb50/0x3cb0 [ 480.153340][T12523] ? aa_label_sk_perm+0x165/0x560 [ 480.155354][T12523] alloc_skb_with_frags+0xe4/0x710 [ 480.157470][T12523] ? __pfx___lock_acquire+0x10/0x10 [ 480.159680][T12523] sock_alloc_send_pskb+0x7f1/0x980 [ 480.161483][T12523] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 480.163888][T12523] ? __pfx_lock_release+0x10/0x10 [ 480.165842][T12523] ? __pfx___might_resched+0x10/0x10 [ 480.167761][T12523] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 480.169812][T12523] hci_sock_sendmsg+0x1c8/0x25e0 [ 480.171538][T12523] ? __pfx_aa_sk_perm+0x10/0x10 [ 480.173542][T12523] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 480.175768][T12523] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 480.177944][T12523] sock_write_iter+0x50a/0x5c0 [ 480.179950][T12523] ? __pfx_sock_write_iter+0x10/0x10 [ 480.182133][T12523] ? bpf_lsm_file_permission+0x9/0x10 [ 480.184341][T12523] ? security_file_permission+0x98/0xc0 [ 480.186528][T12523] vfs_write+0x6b6/0x1140 [ 480.188381][T12523] ? __pfx_sock_write_iter+0x10/0x10 [ 480.190207][T12523] ? __pfx_vfs_write+0x10/0x10 [ 480.191772][T12523] ? __fget_files+0x256/0x400 [ 480.193381][T12523] ? __fget_light+0x173/0x210 [ 480.195162][T12523] ksys_write+0x1f8/0x260 [ 480.196758][T12523] ? __pfx_ksys_write+0x10/0x10 [ 480.198735][T12523] __do_fast_syscall_32+0x73/0x120 [ 480.200852][T12523] do_fast_syscall_32+0x32/0x80 [ 480.202786][T12523] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 480.205176][T12523] RIP: 0023:0xf7f31579 [ 480.206819][T12523] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 480.214564][T12523] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 480.217745][T12523] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000 [ 480.220680][T12523] RDX: 0000000000000138 RSI: 0000000000000000 RDI: 0000000000000000 [ 480.223766][T12523] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 480.226861][T12523] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 480.230071][T12523] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 480.233359][T12523] [ 480.383197][ T39] audit: type=1326 audit(1724214506.655:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12524 comm="syz.1.1896" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 480.402219][T12534] input: syz0 as /devices/virtual/input/input117 [ 480.995881][ T39] audit: type=1326 audit(1724214507.305:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.0.1899" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 481.180974][T12543] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1900'. [ 481.393183][ T39] audit: type=1326 audit(1724214507.715:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12549 comm="syz.1.1902" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 481.777000][T12554] overlayfs: missing 'workdir' [ 481.910845][T12564] FAULT_INJECTION: forcing a failure. [ 481.910845][T12564] name failslab, interval 1, probability 0, space 0, times 0 [ 481.916378][T12564] CPU: 1 UID: 0 PID: 12564 Comm: syz.0.1905 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 481.920986][T12564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 481.925583][T12564] Call Trace: [ 481.927030][T12564] [ 481.928306][T12564] dump_stack_lvl+0x16c/0x1f0 [ 481.930366][T12564] should_fail_ex+0x497/0x5b0 [ 481.932436][T12564] ? fs_reclaim_acquire+0xae/0x160 [ 481.934638][T12564] should_failslab+0xc2/0x120 [ 481.936729][T12564] kmem_cache_alloc_lru_noprof+0x72/0x2f0 [ 481.939174][T12564] ? alloc_inode+0xba/0x230 [ 481.941137][T12564] alloc_inode+0xba/0x230 [ 481.942988][T12564] alloc_anon_inode+0x28/0x3e0 [ 481.945071][T12564] ioctx_alloc+0x4a2/0x1f80 [ 481.947040][T12564] ? __might_fault+0x13b/0x190 [ 481.949053][T12564] ? __pfx_lock_release+0x10/0x10 [ 481.951292][T12564] ? __pfx_ioctx_alloc+0x10/0x10 [ 481.953485][T12564] ? __might_fault+0xe3/0x190 [ 481.955567][T12564] __ia32_compat_sys_io_setup+0xc8/0x210 [ 481.957974][T12564] __do_fast_syscall_32+0x73/0x120 [ 481.960181][T12564] do_fast_syscall_32+0x32/0x80 [ 481.962292][T12564] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 481.965068][T12564] RIP: 0023:0xf7f31579 [ 481.966884][T12564] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 481.975201][T12564] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 00000000000000f5 [ 481.978786][T12564] RAX: ffffffffffffffda RBX: 00000000000003ff RCX: 0000000020000500 [ 481.982186][T12564] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 481.985642][T12564] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 481.989025][T12564] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 481.992434][T12564] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 481.995807][T12564] [ 481.997282][ C1] vkms_vblank_simulate: vblank timer overrun [ 482.467158][ T39] audit: type=1326 audit(1724214508.849:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12570 comm="syz.0.1908" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 482.481360][T12574] netlink: 220 bytes leftover after parsing attributes in process `syz.2.1906'. [ 482.491455][T12574] netlink: 'syz.2.1906': attribute type 5 has an invalid length. [ 482.961425][T12578] input: syz0 as /devices/virtual/input/input118 [ 483.509272][ T39] audit: type=1326 audit(1724214509.940:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.0.1912" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 483.761055][T12604] libceph: resolve '. [ 483.761055][T12604] #)|.زf͹Dza×ïÅ2sˆoÖw¿úÕ?£'Ê%ÐKAq‰f»CÖê¨Âz¿e­Sb3L)Hyúo¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM¤¨ìó¤h‡E$ [ 483.761055][T12604] ' (ret=-3): failed [ 483.923175][ T39] audit: type=1326 audit(1724214510.371:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12592 comm="syz.1.1915" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 485.380114][T12621] input: syz0 as /devices/virtual/input/input119 [ 485.445488][T12623] FAULT_INJECTION: forcing a failure. [ 485.445488][T12623] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 485.450839][T12623] CPU: 0 UID: 0 PID: 12623 Comm: syz.1.1922 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 485.454924][T12623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 485.459044][T12623] Call Trace: [ 485.460480][T12623] [ 485.461732][T12623] dump_stack_lvl+0x16c/0x1f0 [ 485.463537][T12623] should_fail_ex+0x497/0x5b0 [ 485.465661][T12623] _copy_from_iter+0x27a/0xfc0 [ 485.467864][T12623] ? __pfx__copy_from_iter+0x10/0x10 [ 485.469812][T12623] ? __virt_addr_valid+0x5e/0x590 [ 485.471932][T12623] ? __phys_addr_symbol+0x30/0x80 [ 485.473683][T12623] ? __check_object_size+0x497/0x720 [ 485.475647][T12623] netlink_sendmsg+0x813/0xd70 [ 485.477469][T12623] ? __pfx_netlink_sendmsg+0x10/0x10 [ 485.479968][T12623] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 485.482217][T12623] ____sys_sendmsg+0x9b4/0xb50 [ 485.484274][T12623] ? __pfx_____sys_sendmsg+0x10/0x10 [ 485.486473][T12623] ? get_compat_msghdr+0x11b/0x170 [ 485.488770][T12623] ? __pfx___lock_acquire+0x10/0x10 [ 485.490962][T12623] ___sys_sendmsg+0x135/0x1e0 [ 485.492863][T12623] ? __pfx____sys_sendmsg+0x10/0x10 [ 485.494975][T12623] ? ksys_write+0x21c/0x260 [ 485.496796][T12623] ? __fget_light+0x173/0x210 [ 485.498785][T12623] __sys_sendmsg+0x117/0x1f0 [ 485.500508][T12623] ? __pfx___sys_sendmsg+0x10/0x10 [ 485.502227][T12623] __do_fast_syscall_32+0x73/0x120 [ 485.503958][T12623] do_fast_syscall_32+0x32/0x80 [ 485.505685][T12623] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 485.508186][T12623] RIP: 0023:0xf749e579 [ 485.509867][T12623] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 485.517489][T12623] RSP: 002b:00000000f57a656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 485.520695][T12623] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000140 [ 485.523726][T12623] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 485.526992][T12623] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 485.530381][T12623] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 485.533714][T12623] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 485.536982][T12623] [ 486.290102][ T39] audit: type=1326 audit(1724214512.859:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12641 comm="syz.0.1928" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 486.780246][ T39] audit: type=1326 audit(1724214513.373:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12645 comm="syz.0.1929" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 486.912760][ T39] audit: type=1326 audit(1724214513.499:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12647 comm="syz.2.1930" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 487.225666][T12664] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1934'. [ 487.346271][T12669] input: syz0 as /devices/virtual/input/input120 [ 487.606365][T12674] Bluetooth: hci0: Opcode 0x0c20 failed: -22 [ 488.097641][T12683] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1940'. [ 488.174533][T12686] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1940'. [ 488.878602][ T66] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 488.904546][ T66] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 488.915241][ T66] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 488.934007][ T66] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 488.944870][ T66] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 488.950956][ T66] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 489.567964][ T5361] Bluetooth: hci0: command tx timeout [ 489.613371][T12693] ip6gretap0 speed is unknown, defaulting to 1000 [ 489.755710][T12703] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1945'. [ 489.830021][T12693] chnl_net:caif_netlink_parms(): no params data found [ 490.043619][T12693] bridge0: port 1(bridge_slave_0) entered blocking state [ 490.047400][T12693] bridge0: port 1(bridge_slave_0) entered disabled state [ 490.050774][T12693] bridge_slave_0: entered allmulticast mode [ 490.055293][T12693] bridge_slave_0: entered promiscuous mode [ 490.060244][T12693] bridge0: port 2(bridge_slave_1) entered blocking state [ 490.064462][T12693] bridge0: port 2(bridge_slave_1) entered disabled state [ 490.067547][T12693] bridge_slave_1: entered allmulticast mode [ 490.072291][T12693] bridge_slave_1: entered promiscuous mode [ 490.489924][T12724] input: syz0 as /devices/virtual/input/input121 [ 490.891378][T12693] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 490.913422][T12693] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 490.965718][T12727] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1949'. [ 491.024401][ T5361] Bluetooth: hci6: command tx timeout [ 491.052956][T12729] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1949'. [ 491.082706][T12729] 8021q: adding VLAN 0 to HW filter on device batadv2 [ 491.087449][T12729] bond1: (slave batadv2): Enslaving as an active interface with an up link [ 491.101205][T12693] team0: Port device team_slave_0 added [ 491.113510][T12693] team0: Port device team_slave_1 added [ 491.152883][T12727] bond1 (unregistering): (slave batadv2): Releasing backup interface [ 491.171201][T12727] bond1 (unregistering): Released all slaves [ 491.236294][T12693] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 491.245579][T12693] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 491.264431][T12693] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 491.282104][T12693] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 491.284758][T12693] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 491.296708][T12693] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 491.336661][T12731] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1950'. [ 491.411498][T12693] hsr_slave_0: entered promiscuous mode [ 491.416136][T12693] hsr_slave_1: entered promiscuous mode [ 491.418904][T12693] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 491.421650][T12693] Cannot create hsr debugfs directory [ 491.543234][ T39] audit: type=1326 audit(1724214518.370:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12740 comm="syz.1.1951" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0 [ 491.804133][T12693] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 491.954312][T12693] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 492.074146][T12693] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 492.247458][T12693] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 492.284514][T12755] FAULT_INJECTION: forcing a failure. [ 492.284514][T12755] name failslab, interval 1, probability 0, space 0, times 0 [ 492.289555][T12755] CPU: 1 UID: 0 PID: 12755 Comm: syz.2.1954 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 492.293740][T12755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 492.297525][T12755] Call Trace: [ 492.298794][T12755] [ 492.299989][T12755] dump_stack_lvl+0x16c/0x1f0 [ 492.301614][T12755] should_fail_ex+0x497/0x5b0 [ 492.303351][T12755] ? fs_reclaim_acquire+0xae/0x160 [ 492.305334][T12755] should_failslab+0xc2/0x120 [ 492.307254][T12755] __kmalloc_cache_noprof+0x6b/0x310 [ 492.309285][T12755] ? krealloc_noprof+0xbc/0x100 [ 492.311459][T12755] ? copy_verifier_state+0xabe/0xeb0 [ 492.313508][T12755] copy_verifier_state+0xabe/0xeb0 [ 492.315774][T12755] ? kasan_save_track+0x14/0x30 [ 492.317568][T12755] do_check_common+0x4dea/0xd610 [ 492.319602][T12755] ? kasan_quarantine_put+0x10a/0x240 [ 492.321334][T12755] ? lockdep_hardirqs_on+0x31/0x110 [ 492.323218][T12755] ? __pfx_do_check_common+0x10/0x10 [ 492.325216][T12755] ? kvfree+0x47/0x50 [ 492.327025][T12755] ? check_cfg+0x400/0x840 [ 492.328990][T12755] bpf_check+0x57bb/0xb3b0 [ 492.330786][T12755] ? __pfx_bpf_check+0x10/0x10 [ 492.332641][T12755] ? ktime_get_with_offset+0x13a/0x240 [ 492.334733][T12755] ? __pfx_lock_release+0x10/0x10 [ 492.336409][T12755] ? find_held_lock+0x2d/0x110 [ 492.337863][T12755] ? timekeeping_debug_get_ns+0x3e0/0x5b0 [ 492.340240][T12755] ? lockdep_hardirqs_on+0x7c/0x110 [ 492.342467][T12755] ? bpf_obj_name_cpy+0x156/0x1b0 [ 492.344567][T12755] bpf_prog_load+0xe3f/0x2670 [ 492.346165][T12755] ? __pfx_bpf_prog_load+0x10/0x10 [ 492.348264][T12755] ? find_held_lock+0x2d/0x110 [ 492.349757][T12755] ? security_bpf+0x8c/0xc0 [ 492.351133][T12755] __sys_bpf+0x9e0/0x55e0 [ 492.352432][T12755] ? __pfx___sys_bpf+0x10/0x10 [ 492.354055][T12755] ? ksys_write+0x12f/0x260 [ 492.355994][T12755] ? find_held_lock+0x2d/0x110 [ 492.358149][T12755] ? ksys_write+0x21c/0x260 [ 492.360138][T12755] ? __pfx_lock_release+0x10/0x10 [ 492.362394][T12755] ? vfs_write+0x14d/0x1140 [ 492.364398][T12755] ? __mutex_unlock_slowpath+0x164/0x650 [ 492.366539][T12755] ? fput+0x32/0x390 [ 492.368082][T12755] ? ksys_write+0x1ab/0x260 [ 492.370346][T12755] ? __pfx_ksys_write+0x10/0x10 [ 492.372212][T12755] __ia32_sys_bpf+0x76/0xe0 [ 492.374131][T12755] __do_fast_syscall_32+0x73/0x120 [ 492.376084][T12755] do_fast_syscall_32+0x32/0x80 [ 492.378109][T12755] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 492.380392][T12755] RIP: 0023:0xf73be579 [ 492.382233][T12755] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 492.390771][T12755] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 492.394420][T12755] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000840 [ 492.397851][T12755] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000 [ 492.401110][T12755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 492.404389][T12755] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 492.408022][T12755] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 492.411441][T12755] [ 492.598693][T12693] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 492.607544][T12693] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 492.623151][T12693] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 492.640212][T12693] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 492.790106][ T39] audit: type=1326 audit(1724214519.683:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12762 comm="syz.0.1957" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0 [ 492.883662][T12693] 8021q: adding VLAN 0 to HW filter on device bond0 [ 492.916054][T12693] 8021q: adding VLAN 0 to HW filter on device team0 [ 492.934075][T10987] bridge0: port 1(bridge_slave_0) entered blocking state [ 492.937212][T10987] bridge0: port 1(bridge_slave_0) entered forwarding state [ 492.942599][ T39] audit: type=1326 audit(1724214519.851:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12758 comm="syz.2.1956" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 492.961541][T10985] bridge0: port 2(bridge_slave_1) entered blocking state [ 492.964681][T10985] bridge0: port 2(bridge_slave_1) entered forwarding state [ 492.995262][ T5361] Bluetooth: hci6: command tx timeout [ 493.291064][T12693] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 493.454004][T12693] veth0_vlan: entered promiscuous mode [ 493.481141][T12693] veth1_vlan: entered promiscuous mode [ 493.516811][ T39] audit: type=1326 audit(1724214520.449:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12771 comm="syz.2.1958" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000 [ 493.536506][ T39] audit: type=1326 audit(1724214520.449:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12771 comm="syz.2.1958" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000 [ 493.552898][T12693] veth0_macvtap: entered promiscuous mode [ 493.558097][ T39] audit: type=1326 audit(1724214520.459:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12771 comm="syz.2.1958" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf73be579 code=0x7ffc0000 [ 493.570443][ T39] audit: type=1326 audit(1724214520.459:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12771 comm="syz.2.1958" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000 [ 493.573658][T12693] veth1_macvtap: entered promiscuous mode [ 493.583644][ T39] audit: type=1326 audit(1724214520.459:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12771 comm="syz.2.1958" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf73be579 code=0x7ffc0000 [ 493.600807][T12693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 493.604512][ T39] audit: type=1326 audit(1724214520.459:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12771 comm="syz.2.1958" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000 [ 493.606018][T12693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 493.623030][ T39] audit: type=1326 audit(1724214520.459:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12771 comm="syz.2.1958" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000 [ 493.623592][T12693] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 493.643773][T12693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 493.650458][T12693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 493.656449][T12693] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 493.664335][T12693] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 493.669758][T12693] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 493.669789][T12693] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 493.669813][T12693] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 493.695107][T12775] input: syz0 as /devices/virtual/input/input122 [ 493.768187][T10985] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 493.780056][T10985] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 493.809647][T10983] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 493.827917][T10983] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 494.077480][T12791] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1942'. [ 494.183750][T12793] fuse: Bad value for 'fd' [ 494.845293][T12812] FAULT_INJECTION: forcing a failure. [ 494.845293][T12812] name failslab, interval 1, probability 0, space 0, times 0 [ 494.851474][T12812] CPU: 1 UID: 0 PID: 12812 Comm: syz.3.1969 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 494.855993][T12812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 494.860502][T12812] Call Trace: [ 494.861944][T12812] [ 494.863231][T12812] dump_stack_lvl+0x16c/0x1f0 [ 494.865250][T12812] should_fail_ex+0x497/0x5b0 [ 494.867273][T12812] ? fs_reclaim_acquire+0xae/0x160 [ 494.869458][T12812] should_failslab+0xc2/0x120 [ 494.871471][T12812] kmem_cache_alloc_node_noprof+0x71/0x310 [ 494.874060][T12812] ? __alloc_skb+0x2b3/0x380 [ 494.876050][T12812] __alloc_skb+0x2b3/0x380 [ 494.877966][T12812] ? __pfx___alloc_skb+0x10/0x10 [ 494.880067][T12812] ? hlock_class+0x4e/0x130 [ 494.882013][T12812] ? __lock_acquire+0xb50/0x3cb0 [ 494.884164][T12812] ? aa_label_sk_perm+0x165/0x560 [ 494.886329][T12812] alloc_skb_with_frags+0xe4/0x710 [ 494.888516][T12812] ? __pfx___lock_acquire+0x10/0x10 [ 494.890760][T12812] sock_alloc_send_pskb+0x7f1/0x980 [ 494.893008][T12812] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 494.895437][T12812] ? __pfx_lock_release+0x10/0x10 [ 494.897588][T12812] ? __pfx___might_resched+0x10/0x10 [ 494.899850][T12812] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 494.902386][T12812] hci_sock_sendmsg+0x1c8/0x25e0 [ 494.904569][T12812] ? __pfx_aa_sk_perm+0x10/0x10 [ 494.906644][T12812] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 494.908901][T12812] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 494.911105][T12812] sock_write_iter+0x50a/0x5c0 [ 494.913151][T12812] ? __pfx_sock_write_iter+0x10/0x10 [ 494.915398][T12812] ? bpf_lsm_file_permission+0x9/0x10 [ 494.917603][T12812] ? security_file_permission+0x98/0xc0 [ 494.919762][T12812] vfs_write+0x6b6/0x1140 [ 494.921653][T12812] ? __pfx_sock_write_iter+0x10/0x10 [ 494.923924][T12812] ? __pfx_vfs_write+0x10/0x10 [ 494.925956][T12812] ? __fget_files+0x256/0x400 [ 494.927843][T12812] ? __fget_light+0x173/0x210 [ 494.929931][T12812] ksys_write+0x1f8/0x260 [ 494.931820][T12812] ? __pfx_ksys_write+0x10/0x10 [ 494.933947][T12812] __do_fast_syscall_32+0x73/0x120 [ 494.936186][T12812] do_fast_syscall_32+0x32/0x80 [ 494.938294][T12812] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 494.940966][T12812] RIP: 0023:0xf7fe0579 [ 494.942726][T12812] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 494.950856][T12812] RSP: 002b:00000000f578656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 494.954633][T12812] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000 [ 494.958028][T12812] RDX: 0000000000000138 RSI: 0000000000000000 RDI: 0000000000000000 [ 494.961493][T12812] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 494.964968][T12812] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 494.968521][T12812] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 494.972178][T12812] [ 494.986503][ T5361] Bluetooth: hci6: command tx timeout [ 495.749203][T12829] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1974'. [ 495.895751][T12834] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1976'. [ 495.925458][T12835] input: syz0 as /devices/virtual/input/input123 [ 496.494235][T12849] FAULT_INJECTION: forcing a failure. [ 496.494235][T12849] name failslab, interval 1, probability 0, space 0, times 0 [ 496.498583][T12849] CPU: 0 UID: 0 PID: 12849 Comm: syz.1.1981 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 496.502992][T12849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 496.507386][T12849] Call Trace: [ 496.508812][T12849] [ 496.510068][T12849] dump_stack_lvl+0x16c/0x1f0 [ 496.512027][T12849] should_fail_ex+0x497/0x5b0 [ 496.514058][T12849] ? fs_reclaim_acquire+0xae/0x160 [ 496.516214][T12849] should_failslab+0xc2/0x120 [ 496.518202][T12849] __kmalloc_cache_noprof+0x6b/0x310 [ 496.520024][T12849] ? nf_tables_newtable+0xd6d/0x1b20 [ 496.522083][T12849] nf_tables_newtable+0xd6d/0x1b20 [ 496.524254][T12849] ? net_generic+0xea/0x2a0 [ 496.526170][T12849] ? __pfx_nf_tables_newtable+0x10/0x10 [ 496.528045][T12849] ? __nla_parse+0x40/0x60 [ 496.529899][T12849] nfnetlink_rcv_batch+0x1a3d/0x2500 [ 496.532128][T12849] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 496.534425][T12849] ? __pfx_lock_release+0x10/0x10 [ 496.536183][T12849] ? __local_bh_enable_ip+0xa4/0x120 [ 496.538431][T12849] ? lockdep_hardirqs_on+0x7c/0x110 [ 496.540597][T12849] ? __pfx___dev_queue_xmit+0x10/0x10 [ 496.542762][T12849] ? bpf_lsm_capable+0x9/0x10 [ 496.544762][T12849] ? __nla_parse+0x40/0x60 [ 496.546402][T12849] nfnetlink_rcv+0x3c3/0x430 [ 496.548111][T12849] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 496.550208][T12849] netlink_unicast+0x53c/0x7f0 [ 496.551817][T12849] ? __pfx_netlink_unicast+0x10/0x10 [ 496.553613][T12849] ? __phys_addr_symbol+0x30/0x80 [ 496.555352][T12849] ? __check_object_size+0x497/0x720 [ 496.557163][T12849] netlink_sendmsg+0x8b8/0xd70 [ 496.558802][T12849] ? __pfx_netlink_sendmsg+0x10/0x10 [ 496.561047][T12849] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 496.563410][T12849] ____sys_sendmsg+0x9b4/0xb50 [ 496.565024][T12849] ? __pfx_____sys_sendmsg+0x10/0x10 [ 496.566793][T12849] ? get_compat_msghdr+0x11b/0x170 [ 496.568680][T12849] ___sys_sendmsg+0x135/0x1e0 [ 496.570572][T12849] ? __pfx____sys_sendmsg+0x10/0x10 [ 496.572803][T12849] ? __fget_light+0x173/0x210 [ 496.574800][T12849] __sys_sendmsg+0x117/0x1f0 [ 496.576821][T12849] ? __pfx___sys_sendmsg+0x10/0x10 [ 496.578705][T12849] ? __pfx___seccomp_filter+0x10/0x10 [ 496.580907][T12849] ? do_user_addr_fault+0xe50/0x13f0 [ 496.583181][T12849] ? __secure_computing+0x273/0x3f0 [ 496.584915][T12849] __do_fast_syscall_32+0x73/0x120 [ 496.587021][T12849] do_fast_syscall_32+0x32/0x80 [ 496.589094][T12849] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 496.591388][T12849] RIP: 0023:0xf749e579 [ 496.593036][T12849] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 496.600570][T12849] RSP: 002b:00000000f578556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 496.604012][T12849] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200000c0 [ 496.606878][T12849] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 496.610275][T12849] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 496.613010][T12849] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 496.616350][T12849] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 496.619131][T12849] [ 496.869850][ C2] hpet_rtc_timer_reinit: 137 callbacks suppressed [ 496.869866][ C2] hpet: Lost 1 RTC interrupts [ 496.907588][ T39] audit: type=1326 audit(1724214524.008:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12847 comm="syz.2.1982" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 496.958395][ T5361] Bluetooth: hci6: command tx timeout [ 497.032562][T12853] FAULT_INJECTION: forcing a failure. [ 497.032562][T12853] name failslab, interval 1, probability 0, space 0, times 0 [ 497.040668][T12853] CPU: 2 UID: 0 PID: 12853 Comm: syz.2.1983 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 497.044709][T12853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 497.048909][T12853] Call Trace: [ 497.050270][T12853] [ 497.051475][T12853] dump_stack_lvl+0x16c/0x1f0 [ 497.053343][T12853] should_fail_ex+0x497/0x5b0 [ 497.055191][T12853] ? fs_reclaim_acquire+0xae/0x160 [ 497.057010][T12853] should_failslab+0xc2/0x120 [ 497.058998][T12853] __kmalloc_noprof+0xcb/0x410 [ 497.061046][T12853] nla_strdup+0xc6/0x150 [ 497.062710][T12853] nf_tables_newflowtable+0x726/0x2260 [ 497.064738][T12853] ? __pfx_nf_tables_newflowtable+0x10/0x10 [ 497.066909][T12853] ? __pfx___nla_validate_parse+0x10/0x10 [ 497.069086][T12853] ? net_generic+0xea/0x2a0 [ 497.070677][T12853] ? __pfx_lock_release+0x10/0x10 [ 497.072631][T12853] ? __nla_parse+0x40/0x60 [ 497.074627][T12853] nfnetlink_rcv_batch+0x1a3d/0x2500 [ 497.076961][T12853] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 497.079439][T12853] ? __pfx_lock_release+0x10/0x10 [ 497.081674][T12853] ? __local_bh_enable_ip+0xa4/0x120 [ 497.084032][T12853] ? lockdep_hardirqs_on+0x7c/0x110 [ 497.086365][T12853] ? __pfx___dev_queue_xmit+0x10/0x10 [ 497.088753][T12853] ? bpf_lsm_capable+0x9/0x10 [ 497.090854][T12853] ? __nla_parse+0x40/0x60 [ 497.092863][T12853] nfnetlink_rcv+0x3c3/0x430 [ 497.094947][T12853] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 497.097190][T12853] netlink_unicast+0x53c/0x7f0 [ 497.099282][T12853] ? __pfx_netlink_unicast+0x10/0x10 [ 497.101619][T12853] ? __phys_addr_symbol+0x30/0x80 [ 497.103891][T12853] ? __check_object_size+0x497/0x720 [ 497.106272][T12853] netlink_sendmsg+0x8b8/0xd70 [ 497.108411][T12853] ? __pfx_netlink_sendmsg+0x10/0x10 [ 497.110511][T12853] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 497.112439][T12853] ____sys_sendmsg+0x9b4/0xb50 [ 497.114088][T12853] ? __pfx_____sys_sendmsg+0x10/0x10 [ 497.115898][T12853] ? get_compat_msghdr+0x11b/0x170 [ 497.117635][T12853] ? __pfx___lock_acquire+0x10/0x10 [ 497.119423][T12853] ___sys_sendmsg+0x135/0x1e0 [ 497.121030][T12853] ? __pfx____sys_sendmsg+0x10/0x10 [ 497.123021][T12853] ? ksys_write+0x21c/0x260 [ 497.124989][T12853] ? __fget_light+0x173/0x210 [ 497.126844][T12853] __sys_sendmsg+0x117/0x1f0 [ 497.128418][T12853] ? __pfx___sys_sendmsg+0x10/0x10 [ 497.130218][T12853] __do_fast_syscall_32+0x73/0x120 [ 497.131970][T12853] do_fast_syscall_32+0x32/0x80 [ 497.133742][T12853] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 497.136406][T12853] RIP: 0023:0xf73be579 [ 497.138165][T12853] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 497.146247][T12853] RSP: 002b:00000000f56c656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 497.149769][T12853] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200 [ 497.153146][T12853] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 497.156544][T12853] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 497.159858][T12853] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 497.163048][T12853] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 497.166005][T12853] [ 497.168001][ C2] hpet: Lost 7 RTC interrupts [ 497.415055][T12860] fuse: Unknown parameter 'ratmode' [ 497.712826][T12860] [ 497.713684][T12860] ====================================================== [ 497.716076][T12860] WARNING: possible circular locking dependency detected [ 497.718596][T12860] 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 Not tainted [ 497.722764][T12860] ------------------------------------------------------ [ 497.728513][T12860] syz.0.1984/12860 is trying to acquire lock: [ 497.731041][T12860] ffff888028a511e0 (&ctx->wb_lock){+.+.}-{3:3}, at: netfs_writepages+0x5e1/0xdd0 [ 497.734752][T12860] [ 497.734752][T12860] but task is already holding lock: [ 497.737517][T12860] ffff88801d5b9e18 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x1fa/0xb20 [ 497.741078][T12860] [ 497.741078][T12860] which lock already depends on the new lock. [ 497.741078][T12860] [ 497.745572][T12860] [ 497.745572][T12860] the existing dependency chain (in reverse order) is: [ 497.748819][T12860] [ 497.748819][T12860] -> #1 (&mm->mmap_lock){++++}-{3:3}: [ 497.752014][T12860] down_read_killable+0x9d/0x380 [ 497.754062][T12860] lock_mm_and_find_vma+0x3a9/0x6a0 [ 497.755941][T12860] do_user_addr_fault+0x2b5/0x13f0 [ 497.757819][T12860] exc_page_fault+0x5c/0xc0 [ 497.759960][T12860] asm_exc_page_fault+0x26/0x30 [ 497.762088][T12860] fault_in_readable+0x126/0x230 [ 497.763951][T12860] fault_in_iov_iter_readable+0x101/0x2c0 [ 497.766032][T12860] netfs_perform_write+0x3ef/0x2250 [ 497.768358][T12860] netfs_buffered_write_iter_locked+0x213/0x2c0 [ 497.771213][T12860] netfs_file_write_iter+0x1e0/0x470 [ 497.773700][T12860] v9fs_file_write_iter+0xa1/0x100 [ 497.776056][T12860] aio_write+0x3c1/0x8e0 [ 497.778105][T12860] io_submit_one+0x124e/0x1db0 [ 497.780272][T12860] __ia32_compat_sys_io_submit+0x1af/0x390 [ 497.782381][T12860] __do_fast_syscall_32+0x73/0x120 [ 497.784452][T12860] do_fast_syscall_32+0x32/0x80 [ 497.786249][T12860] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 497.788898][T12860] [ 497.788898][T12860] -> #0 (&ctx->wb_lock){+.+.}-{3:3}: [ 497.792056][T12860] __lock_acquire+0x24ed/0x3cb0 [ 497.794302][T12860] lock_acquire+0x1b1/0x560 [ 497.796408][T12860] __mutex_lock+0x175/0x9c0 [ 497.798439][T12860] netfs_writepages+0x5e1/0xdd0 [ 497.800224][T12860] do_writepages+0x1a3/0x7f0 [ 497.801898][T12860] filemap_fdatawrite_wbc+0x148/0x1c0 [ 497.804049][T12860] v9fs_mmap_vm_close+0x213/0x260 [ 497.805960][T12860] remove_vma+0x8b/0x180 [ 497.807542][T12860] exit_mmap+0x4d4/0xb20 [ 497.809497][T12860] __mmput+0x12a/0x480 [ 497.811503][T12860] mmput+0x62/0x70 [ 497.813332][T12860] do_exit+0x9bf/0x2bb0 [ 497.815383][T12860] do_group_exit+0xd3/0x2a0 [ 497.817565][T12860] get_signal+0x265a/0x26e0 [ 497.819716][T12860] arch_do_signal_or_restart+0x90/0x7e0 [ 497.822226][T12860] syscall_exit_to_user_mode+0x150/0x2a0 [ 497.824605][T12860] __do_fast_syscall_32+0x80/0x120 [ 497.826540][T12860] do_fast_syscall_32+0x32/0x80 [ 497.828502][T12860] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 497.831494][T12860] [ 497.831494][T12860] other info that might help us debug this: [ 497.831494][T12860] [ 497.835594][T12860] Possible unsafe locking scenario: [ 497.835594][T12860] [ 497.838380][T12860] CPU0 CPU1 [ 497.840656][T12860] ---- ---- [ 497.842992][T12860] lock(&mm->mmap_lock); [ 497.844913][T12860] lock(&ctx->wb_lock); [ 497.847861][T12860] lock(&mm->mmap_lock); [ 497.850267][T12860] lock(&ctx->wb_lock); [ 497.851675][T12860] [ 497.851675][T12860] *** DEADLOCK *** [ 497.851675][T12860] [ 497.854725][T12860] 1 lock held by syz.0.1984/12860: [ 497.856971][T12860] #0: ffff88801d5b9e18 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x1fa/0xb20 [ 497.860850][T12860] [ 497.860850][T12860] stack backtrace: [ 497.863161][T12860] CPU: 2 UID: 0 PID: 12860 Comm: syz.0.1984 Not tainted 6.11.0-rc4-syzkaller-00011-g521b1e7f4cf0 #0 [ 497.867582][T12860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 497.872018][T12860] Call Trace: [ 497.873415][T12860] [ 497.874665][T12860] dump_stack_lvl+0x116/0x1f0 [ 497.876643][T12860] check_noncircular+0x31a/0x400 [ 497.878755][T12860] ? __pfx_check_noncircular+0x10/0x10 [ 497.881135][T12860] ? register_lock_class+0xb1/0x1230 [ 497.883398][T12860] ? hlock_class+0x4e/0x130 [ 497.885334][T12860] ? lockdep_lock+0xc6/0x200 [ 497.887239][T12860] ? __pfx_lockdep_lock+0x10/0x10 [ 497.889186][T12860] __lock_acquire+0x24ed/0x3cb0 [ 497.891066][T12860] ? __pfx___lock_acquire+0x10/0x10 [ 497.893240][T12860] lock_acquire+0x1b1/0x560 [ 497.895088][T12860] ? netfs_writepages+0x5e1/0xdd0 [ 497.897015][T12860] ? __pfx_lock_acquire+0x10/0x10 [ 497.899016][T12860] ? __pfx_hlock_conflict+0x10/0x10 [ 497.901141][T12860] ? __pfx___might_resched+0x10/0x10 [ 497.903289][T12860] __mutex_lock+0x175/0x9c0 [ 497.905132][T12860] ? netfs_writepages+0x5e1/0xdd0 [ 497.907275][T12860] ? netfs_writepages+0x5e1/0xdd0 [ 497.909407][T12860] ? __pfx___mutex_lock+0x10/0x10 [ 497.911348][T12860] ? __pfx_lockdep_lock+0x10/0x10 [ 497.913154][T12860] ? netfs_writepages+0x5e1/0xdd0 [ 497.915079][T12860] netfs_writepages+0x5e1/0xdd0 [ 497.916694][T12860] ? __pfx_netfs_writepages+0x10/0x10 [ 497.918528][T12860] ? __pfx___lock_acquire+0x10/0x10 [ 497.920274][T12860] ? __pfx_netfs_writepages+0x10/0x10 [ 497.922454][T12860] do_writepages+0x1a3/0x7f0 [ 497.924503][T12860] ? __pfx_do_writepages+0x10/0x10 [ 497.926625][T12860] ? __pfx_lock_acquire+0x10/0x10 [ 497.928782][T12860] ? __pfx_mark_lock+0x10/0x10 [ 497.930892][T12860] ? do_raw_spin_lock+0x12d/0x2c0 [ 497.933052][T12860] ? do_raw_spin_unlock+0x172/0x230 [ 497.935202][T12860] ? _raw_spin_unlock+0x28/0x50 [ 497.937190][T12860] ? wbc_attach_and_unlock_inode+0x597/0x940 [ 497.939595][T12860] filemap_fdatawrite_wbc+0x148/0x1c0 [ 497.941532][T12860] v9fs_mmap_vm_close+0x213/0x260 [ 497.943521][T12860] ? __pfx_v9fs_mmap_vm_close+0x10/0x10 [ 497.945350][T12860] ? __pfx___might_resched+0x10/0x10 [ 497.947216][T12860] ? __pfx___might_resched+0x10/0x10 [ 497.949133][T12860] ? __pfx_v9fs_mmap_vm_close+0x10/0x10 [ 497.951138][T12860] remove_vma+0x8b/0x180 [ 497.952616][T12860] exit_mmap+0x4d4/0xb20 [ 497.954163][T12860] ? __pfx_exit_mmap+0x10/0x10 [ 497.955938][T12860] __mmput+0x12a/0x480 [ 497.957325][T12860] mmput+0x62/0x70 [ 497.958550][T12860] do_exit+0x9bf/0x2bb0 [ 497.960122][T12860] ? get_signal+0x8fb/0x26e0 [ 497.961908][T12860] ? __pfx_do_exit+0x10/0x10 [ 497.963741][T12860] do_group_exit+0xd3/0x2a0 [ 497.965525][T12860] get_signal+0x265a/0x26e0 [ 497.967512][T12860] ? find_held_lock+0x2d/0x110 [ 497.969556][T12860] ? __pfx_get_signal+0x10/0x10 [ 497.971463][T12860] ? __pfx_do_futex+0x10/0x10 [ 497.973081][T12860] arch_do_signal_or_restart+0x90/0x7e0 [ 497.974961][T12860] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 497.976983][T12860] syscall_exit_to_user_mode+0x150/0x2a0 [ 497.978820][T12860] __do_fast_syscall_32+0x80/0x120 [ 497.980970][T12860] do_fast_syscall_32+0x32/0x80 [ 497.983033][T12860] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 497.985812][T12860] RIP: 0023:0xf7f31579 [ 497.987628][T12860] Code: Unable to access opcode bytes at 0xf7f3154f. [ 497.990594][T12860] RSP: 002b:00000000f56d660c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0 [ 497.994225][T12860] RAX: fffffffffffffe00 RBX: 00000000f73f4f88 RCX: 0000000000000080 [ 497.997646][T12860] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f73f4f8c [ 498.000983][T12860] RBP: 0000000000000081 R08: 0000000000000000 R09: 0000000000000000 [ 498.004492][T12860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 498.007511][T12860] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 498.010910][T12860] [ 498.013915][ C2] hpet: Lost 19 RTC interrupts SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 498.600307][T10985] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 498.682103][T10985] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 498.767112][T10985] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 498.822705][T10985] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 498.910478][T10985] bridge_slave_0: left allmulticast mode [ 498.914904][T10985] bridge_slave_0: left promiscuous mode [ 498.917379][T10985] bridge0: port 1(bridge_slave_0) entered disabled state [ 498.931663][T10985] veth1_to_bond: left allmulticast mode [ 498.934743][T10985] veth1_to_bond: left promiscuous mode [ 498.937161][T10985] bridge3: port 2(veth1_to_bond) entered disabled state [ 498.950275][T10985] bridge_slave_1: left allmulticast mode [ 498.953173][T10985] bridge_slave_1: left promiscuous mode [ 498.956324][T10985] bridge3: port 1(bridge_slave_1) entered disabled state [ 499.394308][T10985] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 499.400712][T10985] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 499.405967][T10985] bond0 (unregistering): Released all slaves [ 499.767186][T10985] hsr_slave_0: left promiscuous mode [ 499.774235][T10985] hsr_slave_1: left promiscuous mode [ 499.776594][T10985] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 499.779659][T10985] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 499.785692][T10985] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 499.789581][T10985] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 499.794113][T10985] veth1_macvtap: left promiscuous mode [ 499.796594][T10985] veth0_macvtap: left promiscuous mode [ 499.799129][T10985] veth1_vlan: left promiscuous mode [ 499.801415][T10985] veth0_vlan: left promiscuous mode [ 500.100231][T10985] team0 (unregistering): Port device team_slave_1 removed [ 501.077634][T10985] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.158605][T10985] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.238124][T10985] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.318006][T10985] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.415202][T10985] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 501.419401][T10985] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.478796][T10985] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 501.483765][T10985] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.545372][T10985] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 501.549185][T10985] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.623348][T10985] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 501.627638][T10985] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.728542][T10985] bridge_slave_1: left allmulticast mode [ 501.731603][T10985] bridge_slave_1: left promiscuous mode [ 501.734722][T10985] bridge0: port 2(bridge_slave_1) entered disabled state [ 501.739243][T10985] bridge_slave_0: left allmulticast mode [ 501.741623][T10985] bridge_slave_0: left promiscuous mode [ 501.744094][T10985] bridge0: port 1(bridge_slave_0) entered disabled state [ 501.750463][T10985] bridge_slave_0: left allmulticast mode [ 501.752639][T10985] bridge_slave_0: left promiscuous mode [ 501.755112][T10985] bridge0: port 1(bridge_slave_0) entered disabled state [ 502.072569][T10985] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 502.078891][T10985] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 502.083097][T10985] bond0 (unregistering): Released all slaves [ 502.092566][T10985] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 502.097998][T10985] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 502.102718][T10985] bond0 (unregistering): Released all slaves [ 502.520355][T10985] mac80211_hwsim hwsim9 ÿÿÿÿÿÿ (unregistering): left allmulticast mode [ 502.613653][T10985] hsr_slave_0: left promiscuous mode [ 502.617317][T10985] hsr_slave_1: left promiscuous mode [ 502.620271][T10985] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 502.623469][T10985] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 502.629777][T10985] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 502.633016][T10985] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 502.641176][T10985] hsr_slave_0: left promiscuous mode [ 502.644197][T10985] hsr_slave_1: left promiscuous mode [ 502.650796][T10985] veth1_macvtap: left promiscuous mode [ 502.653796][T10985] veth0_macvtap: left promiscuous mode [ 502.657346][T10985] veth1_vlan: left promiscuous mode [ 502.660012][T10985] veth0_vlan: left promiscuous mode [ 502.663386][T10985] veth1_macvtap: left promiscuous mode [ 502.665636][T10985] veth0_macvtap: left promiscuous mode [ 502.668431][T10985] veth1_vlan: left promiscuous mode [ 502.671478][T10985] veth0_vlan: left promiscuous mode [ 503.013783][T10985] team0 (unregistering): Port device team_slave_1 removed [ 503.053947][T10985] team0 (unregistering): Port device team_slave_0 removed [ 503.442772][T10985] team0 (unregistering): Port device team_slave_1 removed [ 504.886702][ T1381] ieee802154 phy0 wpan0: encryption failed: -22 VM DIAGNOSIS: 04:15:55 Registers: info registers vcpu 0 CPU#0 RAX=0000000080000000 RBX=ffff888063654678 RCX=ffffffff8aca546b RDX=ffff888063682440 RSI=ffffffff8aca5b49 RDI=0000000000000005 RBP=00000000000000cf RSP=ffffc90022d67b90 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=ffffffff8b4f48c0 R12=0000000000000000 R13=ffff8880158b0000 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff818b1c1b RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c270286 CR3=000000006488c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000bc00000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000a8e5e4 RBX=0000000000000001 RCX=ffffffff8b055fd9 RDX=ffffed1005826fda RSI=ffffffff8bb055a0 RDI=ffffffff81634e6c RBP=ffffed1002cf8910 RSP=ffffc90000477e08 R8 =0000000000000000 R9 =ffffed1005826fd9 R10=ffff88802c137ecb R11=0000000000000001 R12=0000000000000001 R13=ffff8880167c4880 R14=ffffffff901141d8 R15=0000000000000000 RIP=ffffffff8b0573cf RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f48d9f7e440 CR3=000000000db7c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000084000 Opmask01=0000000000000001 Opmask02=00000000ffff3f01 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdce824170 0000003000000008 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdce824170 0000003000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3466376531623132 35672d3131303030 2d72656c6c616b7a 79732d3463722d30 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 20726f20656c6966 2068637573206f4e ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0079726f74636572 696420726f20656c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fa7275 RDI=ffffffff9511b200 RBP=ffffffff9511b1c0 RSP=ffffc900048bebf8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=0000000000000020 R14=ffffffff84fa7210 R15=0000000000000000 RIP=ffffffff84fa729f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5785da4 CR3=00000000579a8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=fffffbfff202283b RBX=fffffbfff202283c RCX=ffffffff816946e9 RDX=fffffbfff202283c RSI=0000000000000008 RDI=ffffffff901141d8 RBP=fffffbfff202283b RSP=ffffc90000e6f9d8 R8 =0000000000000000 R9 =fffffbfff202283b R10=ffffffff901141df R11=ffff88802c328a40 R12=ffffffff8ddb9360 R13=0000000000000000 R14=000000000003db0c R15=ffff8880290d4000 RIP=ffffffff81e9a5de RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f72abc00 CR3=0000000068e56000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000bc00000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000