last executing test programs: 17.671378166s ago: executing program 1 (id=1135): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="020000000000000000002000000004002d8008000300", @ANYRES32=r2, @ANYBLOB="5f77124584ae590891c46f77d43b1e25f177"], 0x20}}, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x85) ioctl$TCSETSW(r3, 0x5403, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "c7241275f410a1a0e2c6c979634165ca47bef8"}) read(r3, &(0x7f0000000100)=""/27, 0x1b) r4 = socket$inet(0x2, 0x2, 0x1) bind$rds(0xffffffffffffffff, &(0x7f0000000500)={0x2, 0x4e20, @private=0xa010100}, 0x10) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', 0x0}) sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000300)={0x2, 0x0, @broadcast}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000240)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @rand_addr, @remote}}}], 0x20}, 0x2c004084) open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) semget$private(0x0, 0x6, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r9}, 0x10) r10 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000540)={'netdevsim0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x8000004, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', r11}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r12}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8]) 16.741927801s ago: executing program 1 (id=1140): r0 = socket(0x25, 0x1, 0x0) unshare(0x22020600) r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r2 = syz_open_dev$media(&(0x7f0000000040), 0x7ffffffe, 0xc040) ioctl$MEDIA_IOC_REQUEST_ALLOC(r2, 0x80047c05, &(0x7f0000000080)=0xffffffffffffffff) ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0205648, &(0x7f0000000000)={0xf010000, 0x0, 0x0, r3, 0x0, 0x0}) r4 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) openat$cgroup_procs(r4, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) ioctl$SOUND_PCM_READ_RATE(r4, 0x80045002, &(0x7f0000000100)) ioctl$BTRFS_IOC_QUOTA_CTL(r3, 0xc0109428, &(0x7f0000000140)={0x1}) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, 0x0, 0x472) ustat(0x4000001, 0x0) 16.540161619s ago: executing program 1 (id=1141): syz_open_dev$evdev(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000100001"], 0x7c}}, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, 0x0) ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0xc0105502, &(0x7f0000000340)={0x1, 0x1}) 16.271702989s ago: executing program 1 (id=1142): r0 = socket$kcm(0x10, 0x2, 0x4) close(r0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000540), 0x3c) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000040)=@gcm_256={{0x303, 0x36}, "1a88ef816c4b42ed", "a5fdeb69a751e94df50ad7e9fb434d1665e9298b01e49419567b443803cf578f", "6d02cd81", "69c8fe0949070061"}, 0x38) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0) 4.023580938s ago: executing program 1 (id=1143): socket$inet6_sctp(0xa, 0x1, 0x84) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f000000c3c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f00000000c0)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x28a0785}}, 0x50) syz_fuse_handle_req(r0, &(0x7f0000002140)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000180000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ed10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000889049938edebcd600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000004140)="02f00c1d0dda83190c8b2969e5d107b997d557314c4da896298ff72343456d7ad8d0a3c9d50de42ef139d0d06f47aefa86d39e623e4983730bc4acd2a3453e9ce8ab83ca57bba44ef9418053978935925402ab801b6979708a525ed019908b34e02f859ad4fe7ea4a350535a413c192c59200cfe1146cfce7eecb4623aeba4b78d98a60a06859f115f185f5849bc4bf657cc34fdbd22e7093ab80cc806d17ca48f8eece4181c9ac3c9683567bd26348a00f13b4227b52da5dbbff4d3903749eb428bb6a464379db2f0332abbfe4d5a1d8f3175def20fd81e00e99af5cd23e1fe1a02affae45d2fcca7311570b269f073fc727285b6eeaacd862f40f1e5b84abec8f63212c89e4458c61ab5c32f7347d7d537d267708129701bdc744d35218ce52988699adf1e34f61493fd397296b4ca0aefbeeea873eff80fe26c0bf3c058ab0ae570ac08e3c53079d31669f34bee6d68b92398fe21c1d76a24d858af557d7723d27c0435f70fe46b18d17f3c207ad809bf3cf81c3074be87ba9d2beb513903109a9dae4a56576ae7bd3ecd4917a2f22c756f100eb0f3b48f3c506aa5d717b9683762e8d268ecddcf5121ab06300b1cf3586c910bf23de3defeedfcc1e899c899eb483c9b30cc56181f34937c70e9a2482ce13531bb80293f85fe080e722bb628b67a1cc9a9e7607313f0ce60a8f79fb0807139f503622c7cdfbdef26fc004897ca200a9b4328e0961a79e46ea7734a51d3c8930ff903d4779a48b338f43ba5d6b50f27f69802ffeb5473b15e66835035b7bf41489804e99eab0fc7579f569b1ba37151913454be46c6cb12b4e5f8c7a0a64c992fe18e07088d4ae91fbe6ef05d74d63173823bcd63948ebd29b70f144c7a03c951de8e3873623c14c4a99b52a9ad881206005e66f8588b0d73994cbfd6aefddbf8cec9622f948fe21287b38b9daf40c6ccb3feedf50f90e8f4da6a6bbc14b87e514cd976302e223a3c9165ec4b79f341908a97e13331582f39da15f2e9a6ea5a836bff4a42cd816f7f2028763bee37e7bbd0ccdf419edd48c55a6883825cb3373eb0b222187fdbf7a0dd4c862e9c658a5590c62b95b2467b155a87013ad20d47bfc8e8049f8bee091cb893b5d507772ccaadabf407a25647019312cad64b940137ceb603e9854a41d540649d52e5b2a39e7865ac1ab41cc1304712520e8e2827403b01dbee87b8b0caffa3c1bdd3b81538743a5422be517a5c679543282fdb46b29cf256a9d7e1c3dfb69c399db615e2e785d5a3cc719cafaa7973a542679b3185f5f86e4864637ececc4557a5465b05bfbdfe433546fe822d00f41b45c1473fe88d8a6911cd673f3d71518d3d3918ed766030448f01ad5e5ab66a6eac88720f7205491f9bd15d448172de258c865534b0dad6e607819aca86211254ecaafe4597af845c1c92098320dc14d1bae44486a02b8e81733a2be227acf940df9a2e717d9373a52a82ae0863af2320ec820fa8778b1e0123d41e6a79055adbe1b63da8e84ad6eb7906ab65b92c493a8150685dab1e2f2a16da54abe9cddf141dc41ea8a600a5e28bd8a342be318fa91d2e98c36a681c98f5676b27583d49f4948666c80f3b49b2ef6b71896e980c6cf93856d2dfb59cdeab1d8940296207d1f15cf75d7beb6f744fdb38f34e00148f48b3b92d65dab43f3514761864c693e6fdf1e08be74ec507d180301d419cf151901bf2bbc1245bedfe9f8b91f64c869d0741026acb0499a4a7cb167107f609141c349a7810d16b417727ded0decd32b4d48a624d027a3d057a9763ac5139adb0042d70caf9969c7a6bad7afe5d8a48d0e5726396d379a2bfaf957468748c9944bad2dcbefb1474a7d782b2e8e278a10dc6d6dc921476d661cea4439d8ba17c95c9189ef879b52a1889574f70c022b0cb973587a70e5d4147aaf1d1f58836540eb0824e73386d2c3a94d253b99d4532c97c2a75588c536cbc24e47088dfebf31ffc0cb23076bb2f515546b3721d8063e3b88d3a8ea196b88564f65e5f808eff5ab6a30095d6e0978a286b9d693a6053231d71dbf96967b5a2c6eec44117078851bab60718ff22a3e8c522fa8d85d6df1a816b62a557b47b05c5df626a47928523541c23e9f0a0a86515437bc0eb7b9b4b7bb866206e093fb4a5dba6ad9d2424d7fb2f8f220b00be734c781a91ad4555f2714c6c59588300ad47d3ecb86fae178609fe60d9f604be31c05cf3cf1edffb45cc2ce24ec44434107834c6335ac09e2e931b0a8c6cea5ddee3686ec9bf9ef6693fc85e36a7fe1146aa93da6f4dd5f36ab0dcbc28d29ddeb481d5d4f8a2817733a8dff3cb07ac1256bd43dab768c1661e4c8bd3ede3aa548f90424fea8e39c6d5d639b49b7b4da6a95700ac6d9f66bae43320ebe5add0c0cf5fb8a1482c60a21d1ed54ca7967bc22362ccad5c9aca0a7151b53546618500ab0a32151c7e61fc1cd7207f165449d4935337ac69259142d952d83e415bf39227224f208ccd4f6476804b7a9ed45f14f7414e36c9c1000ae4ff34e5ccfa224875c81bf30a73300a22c9dbba7770d0078ff37c965b2d9f97e50e64072d7db371fe4cd364e305f64c1fc70b682cde8fa865fdd7cefbc528f3177a67a4f31f3085ab385705a5008d7572b8f6690c07a9f0d8754614bf036d4efa96b09258cc43787df3259138f995a6d9dd13728fa1745c8e4af63e48853bc63106859defe07c53ead96f2bbd300ace2df4281ee764ba0c2234d4e0da8c0bce90ee74322d50a5653001a6706c8f4f315219bbc7fa42ee186ac031ae2a7f806e539f6d498514c3b657f6b6864ba1cc94879bc70ec199ce4124907bbaf5087280f9288a51f6d2849a2ad906aac9e98874fa678c66e0d71479f71d81aea11acca91b1a80e1517f6ce93d63deb7712a15232856db2e4e33b0c50f638c5c0b11fb81c4d9d1f4ba9914b8cdb1ee091b320db91850700a5ee1f8b837deaf3eac758b1aa03ceaf559cd87f5bea97897b97661746fd0e08713fd5fe42a87de04a2c9256571a14818750dc51d3c5190d8c2055860c0470309ebdbcdf1c050e0de01e6111bafd83eed68935fa61dea3dc55c278080935ee9d36233148dcc1ea0a3867ece386248ffb58ad2c198ef8ba29ea07983740e584daad92c62ec10c3dc16be4283bae22ed5e39a9821a29a40952950abf6b41732933950312719749ad06eee0c08eae0136eb4f16cee5ed167df66482ece475632dd25cc43782df12a8573492fa46da81b527213b098e3d9b0bfc9da02bde9c8f0672778cc418f4c0a113a513b358674de8b218fd3345ccf4179a9db6c0e1858e558e749036ea70c045d572ead75e60cf08fb26551741fdb86ff3c0bfcda029aecb789c9b8e27f360ce04159b9814674a3b5ac823546d4ac467ae878d2d4482e4d5bbf8945155410b8e7ec05619c3d6e254e30879f4dcc3d93b5c3e3f73230e2bb406accf83cc5a3f4b8388b851a98fafa03ddf392b9c0c5232445a313f440f158b20cbc34c29a0e36a062a10ec77d0bbeeba5771da4dfdf3654140f53e85d98f6a065850ff5afec907eddae8b7128ba9dd0821acc8511f3e3c68e9ef9da35df09315619ab781192a648baf254fd5f35cb650b7672a9a82f989bf2039961f68763e34db401c903a40a5ee9495b7011893639ed3c3b83998503905cdc1dcfbc223bec4cbb5e1459ec4bfc6eb14dec0741e2364eb9cd9d988013ae2740b722704d99576f897aca6b3d5c34a057d8a5f51c1bce080936a21fe214c3516c6edda99c4fd104e033fb553839a386fa74549921ff4216589dfee205fec1031e121bb58ede2fad12805785abedd162396e11d36dcdb1993853eefb6e1c8c72afecf98969db8216da5276e347a327c60ec97865e2397127198151feeb9e0e6268fa6e88c50ec8d681450e642fc01455fa216f9835d6e309f9e4b5129a2a56db042f0c0486a47033b52f59513094864c0c6c313c7edebebc28db44679c3544e93375c80cb782763f37d85eba6c0bae5934875444245d467de5d6a463443933ae95400f88441d70891e6455f73356717f68e408b0cf91f0deb9aabce6c1cbb1459d8095433a1e08039132fb8ec30687f856e524ca8ba00b6a20225da41bfd260fa214c26de5844246d44ac5ee2af44f158da1f55188277161d7158fcb97b1e37ff3088cad7e79e78b19c7440ae76356f0b094f928a61e9195fe87a0330baa29dc5e1370abc024577a521ad224074f5ee52c30326e2d1e87044b2027232ac28ba099e211a7b33df9fb6d2fd662b7d38a14c40538dcad133f4f75ce114cf8e583f74d2d5251547541af0236aa59075263e2611fc807ff898163c56ef01e7454da2a6000ac229530ea7bf1eb75529d3c98e6f7fbf3d4cba327ed5cdcb83df0c11fbead1de4ec3ac5c2cb8dda8591f4c316e23a0668ca25149f8a55a47649daf9e40f784319e8b901e70a8a31bb4f8c0a86a4999bdfcb0e9f297e753bdb2a275ef98a92b8dbab2d6eedc06ce92502ae7ae76f6b13264ba41e717f8257e34bf1ba512b335d5d178d74742cc0ec6e7b16942095cde010cd90b5c8a158b65fc51d958a96a7d20446c1fd8d1b0fc9f2de8f404a80b504098dc68e2c60b0f43ab538cba0ca5409dacfbdff2267374775605dce498514ee7b32a7f55452986b12dc6178d6a926dfbac6bbdcc051d0cd54bc3aca47bd665e01bf1f050f7903f031197594c513ce5ba931e2819f5bb63c5238c19c1be9f4d9668e5c075804fd43ea60f0ab9f00e06683b8e29379a9326b40e8fe05161adf1cb519c31ecebcb042ed1fbb4b9f1b12470bef6e964855baaff5a7dd6146f07caa8097c778bd10e5ce995884d1f3b91962a7974d84de6157d3f54735d5b82e11e6fc000874ecd396114c693ce2297caf7a9c6a6814a890e4d74e17a16339ba103c0d2da87e522ed67cd23047c7d9bd1562234aec98b85ad4534522cca58ee17ccb9c8fe7cd68ad3d6d6e0edbb550ec957772ee1109d501ab76e364a988e02e6b4a5b62f72e61fa7cc6120d12414d3c8ea09bfaac8e806d19dd76f940b769863d200861e44c72bfd870005f6663a7a6d1d60ac1e376806293d5143968d37af14301c9d6506985eb7bdd607dfa4d3cb5cb058019cc5502c534d3a5a1337bbf6306184230cc21e3ef7744b839cd82fc6347316e098e05ced0f25b9cf5721f2d003bdb4e0a79eff90ec4aacd6afbb78ca6f129cd16c8b2f3aefb5a2036951db7ebb40d36723a75723b3d1011e6085493664bf5d336c5cb4079ae1ca2412c53c464831844c27f089ffe345a2029118672b2fd2a24c72f9088dc5f92cc5f3bcd6c7359f52d32ea15172e95af7e6c81c52f20995877cafed48dd49762701c88c225bbffbbc3160d838957588fc2d41efab4148bc961e8d66b5b21e7eb4228a132d61a1c9f6e2baf7430d92478a3948fca4e10594167ca5e72678189cb4e90a0b0e45caada64d15010d73157cd8b4d04099ecefb1ed187d673d1bd33f13dbe4b44d351a34738280f21a79b3146b0071a0924e643c1dffe0d8c72b3bdcc00f203153f63c249f18e0e9e7ed1c0237411893832fc5be40d308b194bb04a17e38f0717a0808058b7291d20b6f0f1e5ba11e2351d985138c61806b41ea5a77ef80feb1f6f7383000e97549487f1bc9c3b5e8ccb6ed7ab8e08b258c75d5aad2a01fe8b5777ef5c7ec1eb3feca16dabf8eb50312f8786d5018d7bb7c9776f028af7b3423af3410696587f3feba823e5e3ccacfeb23fd4359c252b2ab5136d2fa7a6633758b5c45099f70a672999329eba1c89f07af0eb7c3fea5ac468ce042d699b6f391eaccadcf6d14e97c620a5eff7d92946f09d79d31cc876da261182a73a3234d5e53709185680c8b5376e4d8445fe4fff988062f23e42e4b7908ec079a840f0be839062074c22c44b7f4c4b23be2b6656abbb103acc0bd5058e0112a7d55cdce5042a76fe24ba5e9a1105c68dab94dddd44cc6c860172847f20e6ebc49787ed8ca19824b09468933ae9a496e960b7c592e783b6a5f10a9d9c2265794c5891ae7eb9cca9b3f99981a252d522047b95fdb518fe681829948a9d329b9cc7cb2f806ee81a3c930c73c8f12a05b47f1470ff08d5a03f37dacc1e4a7f65563f8825f9ffc316c2ed7a5ea434cab348c850d1b8eaaa0ab2ef7460269aef06f9c46a1957575cee49e1aa72d470dc9763b4abd61d34693e462353c1d023249bb7085f1362ec6bab9d349633d5f9637e6a12690e502f8af9c2d37a3f573411595539c66e9f82d5b39c01606af258e769b2391c3cd0bb0d93eaa36e168136b301d516724ecb173a0766ea9e9d5be5dcbf58e0322261e584d22594cfac91d16bcf38b8cb69e022b0956fb4be2981a526bb1832749ea1f7b188dce590927620ad9d6162ea52bbdbd14b45ff967f183c1af4269dc16a1be7b0b5278ec02a259aed022039e70a9c1456997fc1d053b1ab54238d8282dd11b68b806c745a257a7c0fcfad3277245b1f7749243f457121b3d17122f27be6b1c56e9bc151f52db66c92246072ca4e5d10619a6730b1609f133b5db1f2b0bb4a86dee2c44a6e25299ee74b99eeab5f195728aa45dc7bd300bccb48819bd40b12152b40e1395ac25d8b0cd1ae12b9cd46a8e54f495cca85a680cd43f70f55505f1a72c030dcebbb2e5b26ec971cd58c76ee67d86fe075bcad475658f1cdf09c94bcb5b4db83b3147882f65f67921267f8471d8deb7b159761c83fb9547db71b6878a21287aef6a2e01134e735c073645d2488138f280754ddf66cf8c0208e51a96696e185120a6b84a73d2c9bfbfa9e501f1126b44c491ec437a0b490cbcec5e8e0e0c21f803354d2d1923fe82509706ab34eb03101dded5f6421a6b90dea3db643a22eee1549e30d44184bbe7b842a656b91184ebbea76d00942b429dc07c704750fcab290c43bfdd2aed8257c21312933a11a76d0be361753a49ccbad5fab68eef867e11fa99a1d8021218809c0ce0bd52bed2d5c97fff7283e549afee371b7f1b3973ebebcf11f9687c7086129ada7bc09bca2da4fc02c0af28aa043f3f2c1e02dadfbc3a245dfd2e30e6050e05388006852e871b6890ddc006072d1a062978240df6166ba6ccb732195f21bec579d3d2b3f13e818e9fac77be72152fd441f6ab772b7fd3f888a91f8420f336e5a69e36dfdcc23b066506167960dcd1e5c84d4f236bb83f8daf03007d86d5b34aee798755077dea9b4faf98daa725cc3ab671b3b2b95c193530e0d018309a460a518878ee82e8495622028383ee97fe6a0111521b9a60fe51011bd0c62ee11e7a3dc5a0e8e8b82e476e752f63c5ba75a32e7b5b40d8ed1f539b3262351ce42d1bbcae0371ca72790ca4deff1441404f072947970ed3f23894e6c894c9fc7644c4082188b1ac8ef1e5c045bf438b9b81c7333859fcd071100785e14568c784ca30c4aea8a728a7796a201aa1b65a9355cf368b440498c433414141aaeaf722b9ee70b7cd28a3c2beb61ed99b619a4486b4b7210fe5b1cffa4474421b41303f6de7432874327532cbaecd0e1e9e90f00cf03161e9748807f3728e947c1ce281f3417a3a162deb2d01a5aa330e95b5624769d278aabfdfe6e8089c62ee1c26be5c121cfef2fcb549c1671497a05c2a397f5090caf6913fb39f01a095d55d33ae31d36bf223cd506ef2eaa48b1729c2dbdd7cf84bd1c2d0ebed7b6487991de616517c4e53665e60e6bbf559dd5cddd5eb88087fe6d0e2632f10b9e0f653bafbf992f55dd2592bea82a9a5958ae3e767bcf2c50b691e33dab8d2b1b2fb33419b5dae945a7d4a0169ec64817cc02b02139d7f70bfb42516c913311b42323cca46e690467c894a26ea624432b3c536f48ad569d56d8bf131048f81c0bf77460bf7acdf513087bcca1366bbfd05136ab5456f7e99f545f343eebf57299bfb4ef4a3af05357037e7080ba36084505eaa7339fc981cb99e381c3456d3de6cec5c5dc76427b13db53c9bfe516577b51411602146929e08c8762e6c99325a00242bd15f511f25eed7aac3537aca0407c70f362a0583fa10bb259f758feca1edb4f8adff7626bbf67fa0d940bb773d1afd523033b25107fe02161faa7a2bfcd629e58d681be5e980f8d563daac8532bc747a4242fa539416bfedf38cd8e3aab1764102c87627308abc41f6ebf8f03126d26ef90c10f0dd0fb5be22ee794fffb3ef0537f640b92c2ec335ff99422fe5fa41467e1a95fdc98e13881e1912f73afb489f237acfa971f6f64d9dc0066552167ebad1a7797412998a748d3b236e41ee5a8c223a1fa033389dfd2beb582987344db19988096e3bc0c44c8fcc4ef4a1d60b3991a5e3eb08d476c6dbdef30ce2b7f84de6925e28eed23daafe6be895d9b9c055519f9f3dd5c67cfafb5138380f581ec2bcd15c415087c85c32db56fd589883d3f1c81d56fe2436e910bc873596d4fc5abe0046e00934912f70c028c41390091988fe9fc46df6f10edb697bd1408486860fb6e77c76b4778a151769be25d891c1bde084ddcf964a7d3e528fb39835d8a003ee95e31f7c6c8f22e2d97454b8bff0450f6d9d3f3066041f19aa7e99cd00bcdb238e493912ffa5992eaa0c10dc4e0c4277ad8b5b9be74f72a0b2b89cb5df3ff6e06d84b4db052a1846a2b8284d49c0562f561dde8fe38bde79afa4eb12095c9fcfb9805ff76db4c63f2c737bb97117f880284feac51aeb26e21071a8770cffb4670fb94894c5b7cb6b60c3cc6a0e04458371bf59669f07be5517d5aafd2485aac11e29332bc9c0d9aab851d40aa713665be691c1887ed057e63bdb4da732f70dfe503a009c6c431d6780559273215a222228082dbe613d2dc235908927b1693adf812ddd267d1f7b64abc5e174b057e550c60d5b4e5f4aed8fe16dc5ecd7d7fbc3647efe8abbd9f2ce4f21a14d2e76af8a0551d99f1d35cfee6a068f521af0340750658b415685ae99459744c3b29e24f70977ca21e8638045a3dcb88556904f4cdb31920b89dadc5b846d7a1306d1f86d179e1f611d0c061146e3df0aac42cc6710231d844e167a57b99f68ca174152d088d5af232d5d4e186f026dbd0fff228e7de1ce0e5d28f439e94b6cf106306a740071a03ee25387d1c0b2da3b24dfbbbf078458e3db1c42d1c369b3f57946cfba615151c118e5bc31d43f9621bc30ab6fca226285c50eaca6daedb148d0c4acf1d9691e875338221074630d9ac117fc704b06da6b595f9906681f5a598d0308da0d56e45a216860a3acbb2e00376d2931a21695239a8216347d39f649c0d990191a62a32563cc967a03e606ada7dc76e67a1e867ace9e05e8a27d96987b93eec3cbce6c8c4021ef2a7a862bcb49b2450c63802c41bbfd8ae9f3c9a55a570470c41a9ac7ec88c83d5c1f2c9342b30ab09e50271a7be04feedf85abac9efaf1422a045f6383886d3014c6436c7986f264d119b1f8aec8c67be8147feebbb94266c009d98db54dcfd9b6f275f13c210d10d808b55cb558faaa2a89f90023fb7aff01dcd6143c7fb985e286ae7bcd521916794ac148bf85ef14d8a54fe91739a4b0c3bfa4e77d70ebe0bd187364be48953bbcbb220dd43f2e9382d430dd0baf069b6e3fa46d696317b4b0dc030c7edf27c416f33082ae1b0b13290580b5c513adb90fd373af0403f268521fcad12940dec7f0532aff0f78813416cf965937f7ca0eaeee97dcf7a7ec603b892ba55801a6637ff1a8e4d99bbb969ae06bfadc232f131b19cece7b8c998d6c57b9b68d2252d7e543091583b67b868c8dc079c1c95294c5e039c637b1a02e58d614fdb79f3f08a29f9f90ba09370675ac1b071f07bbf97e48d3e3d102590c2fc4ccf5354c088f41f1abe507901a1b5e246c88f81e297a2876182669b16f1be10e68f3bc66c7e20f34ea5a5252ea013f71ef78931ea4e99f5ee9e4761cc3f773eb02fce9065c333eb58da334a67525d9f885747aeeb3193c3e6b60e037b7006435be7bf1eb5ac592e288984885b5f9781a900885c59ee235785501ab93d73ce758aba261f5cf1d732246096412a0a9334fc113b1fdedd0a15961a252479a91a889dd312a4fe44a49a5c8f3364740e2c84ad375226b0a8070d6e5f316320c6f33461e7c32395c60b531aef2690da2ce0a965df38756c26be257f62e89404ce58a62846e11ae30490ed476a484c5b798d0c67cbd795b7e02d460fc1be0dbf85180fbc7d650c14cc86cfe65259fde8d330ff96a175c49ccdca9dcc9886dcfdd763a8ac7bf4c02cec7ca5f808406a9a04ea18cab07febdb8f1f65e987de2cf830ed782ee590f857385f3514798bd3c98bc0bf3c9ceb63b7d2c4d084332f0f4702c185fe9b1a5780f8b11f18b10c9eae1d18a5d45d2677cda5c927906c507f21b987026965d5a9edc182cf6b104878aa8afe22731b2ec16b692cd2819b37a50036db1b6a47f6c47299a8bd35735d180eb1d75d956e8d020db4279fe1332664dfc01cedb5742545a3f2173a159841e11552564c3fbd39fdff26c4438d0b2f66b65f4ddd5778734562eb2bf1d56f5970a8463b520cbbc55dbacdf37a6a16e5c7135f3120c7bd4bf2fcefdf47d55d5a7ac628341ecf694098fd457d23bcce0b2296bf99ab9aff749af11b22fa2f24d4ee95659f3faf48978aea794a80415c845a6d7f924c68a62972db65b9185ff527719c5f8bae299fd50bb7ee1ced73528ab0648b870d8e8ff0acecabf2de8fd4ad30b1fce4084d8e1cfcee237f13a27e4d238f6d2eff350f2393f5ed9918cc35917f2035b1a5faf297bff886b6716db37215b822c8af5142ac94849e5484adb4e59ef85dd56473b1f6e1f6065c8e744377d98815f53244558c42af67e3502865bc81c37741c5ed3ed07e33c64a9d8b2f527e54e3c7e10666dd95eed759e8a3244c5a704a9349ee929752226d01c10bfa94d31ac2ced8261e5fc3a15f68500a9e7b5ad53fe3de581ae3fc9a03fc4da706c17b40ba5d9505938dd55f09989812e25ee54f7668fe8bd274e0c0b040a15c18b9d8bcee0cc88590637a8e7b6792ea8aa8dfd4fa8cfa183f3ce15308acc9d91d02e7f7b46f472c8fabead73ebe033fcc507384948a1eaf03548d79b649be7715b1aa0814a59183424e49e86bc9781ce2e9e8277a85f9b0b4faff231453829faa628ab00daedf8b8aeaeef758bbcbeaf8863ba179e1054b3da56466486fd9b8dcc42ca1bae2d4ff8e0877d9a726744080e125f7a1bbca906bcc59e8798e73bd79e5de3b4a79aa2bc2e8be40b695b5add3a8fc0952053bfc352849fe1ba9da83daca4c904c66fe91e55709ebca2a36356912a285f2206446b3216d78c9fe498431025b1af22d99537d5f86efb23e11e6e8e7d6cd97069c533e908cfb234c26a3424915459c53bf76ff18d7cceca11511b689611ff74118844aed1d4882f5d2a9d051bc3e051a53b7633138d0325082263497c9102cd33fb16c27a93055617ad14befe6321d40251d239d45a89bb079e24b04470fa75454d91bcc39c233eb0ad4a03d5667b9c7eea0d927d665dc2db377c71cfee93bbcd77f6096a2dd14452f1d74a9ebc7288670943ce9910f", 0x2000, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x18, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0) syz_fuse_handle_req(r0, &(0x7f0000006380)="10d2fa3f8e54bb77b64c63c911bfb8b2f2850f271f72bafd38fd066401c2986afa397cc1f6ade36367b2cc0208bec1a2f4e22f8d827e7298d576fa63957f7cf79f0dac76d398ad940fb234cf0c4d711b77c8849b12d7a1414126f706abedd0c30ef9c22cd7ca883a44c06325e2a46d0d394134d6c090912d9a6d9e458f97d67e1a913f82c83629492ff074eae084c180fbd37719cf7ae98c2df745931d9b8f77656431a9a3e8572d0faff24370d0a2e93375e1049facd8bc24c79e00ff6f7a746029bee15e57d3e44c35f5b2a81078673dd272d738e05400d2c0df766c74a5cb672f9a6efbc597cdfe2830c5f0ad0a1296544dde42d9334215ec52eda5045d68fab3536353efcbda75aeccd8d9b1cf3b4ed8b30e220ef21066cc43718404487862894a8824ad802f9a4ad118c26f2dfcf9d482f5b66681ee98cba0ede52de464e4c0a8f2bcecbce06ca6c7da7e9d0213a63ab24b84963b10f1c457c226c47bb30ddbed729031994b9bb29ddceeb9a2c472de2032ecf278c37aa566b0acf3cfeca8110676df276660e93705439768dadecbdacf932b27b5a316ab8f76555f6517c2f12ec2dbd2f25fd2e6847445aacf5cf48e4c6059e2b2fc0b4384f03d9522811ca6775a0a0beb51945d914defaabe6646dbe9f5bc4a9bcb70c9feb612beed09048582923bbb170a78e47590dcca65a2cc649808d949e1b7a479fd56c8e2e2927587e99f93eb88b8d092dd3aa7502beb2ba6f3a4f8226eb422f5ad89aec65491985db4765158cbca5e24ceaeaf15967da273db3271d9c848372e28b5512610c110a847783d3d4d49cd8f9b1a016efb8f4cd8b72a2f717276c48e614e94222e12e5a17a40a03f0ef15c558e6981de776d391c020ce44b2ed148a1179f9f87249dfeef9f16e0d056e07546a86e6e6e96c4ced89e88f551bf3cd7e39b9bc2145f7aec7850a22cd9bbc4554b7b9bc4c77bdde0478d40997c133486caed2f62166dde56b7bb232ae11df7bc6f696695aba25cc3517d37eb9c3886be33a321e4c528d9f7865eb12ce593cbbbe5b4de3ad33fe8dc7c9f510d25484502bd78932c6b41cb06fe0d3bf13076f16797bd6e266acb1608578b894b6ba7ac806e92dca922c48b15ea8851fbcb07bae918a7569a262d91640a35ec57a5589d8a3e9a3a2255e0fdac3ce2d6f808a6c67167f319635c39a6165d878951707f6236207d411e5fd7f543a03c0b19fa4ce82591673a00645d7ceb98af9d4f925074be9fc6136eca57daf783a427b9657ac91c19b9d90ecc831d7281e4557d61beeeac16338d9b52d37a8576ca5a74b2312ce29fbe1a38c52706b59ec3d43967e9ad89ad0da1603f7a88b9cdba1d7233c8afe623a7dbe804dae0bc76eaa716a3a5989d221f155a64984b6dc9c85c5e51fd21bec4763a89bfa4f4b3c61a8ad8e189aa764b5c093da0eb02d90b3e7a23ff841a2b8631bd3dfcc7365a525e661ea42d8234ec87fb0349ece8bc7fb1969437bd3c0a12bb828767880b67fee0459b96977884e7ceb91587303117e69d70a86eb0d08200cf770588f7ad624545bb1fdac04b406ebdbcfc46efae2e00fd1b75d92950f4135b2491494a039c3644342d88af6eddd31a150154f6f6d99f0f01f51a5cae988c4d75280447f94dd2b6150182adb2f745cf0b001f8e93c6b9f92292caab8c7e483135fc97e21f533ca1f9cce728f6ba44ee533c67d80ca72fdf63144759450218178f80d7adb3a4bcda9f68a0051050fdc246630da2d9cf5b8dca786d831bde45918d84f12966230c52bdad1e8ed5055960394ee93a906c0469466394a6def5f1e620d1b87ecc4a674cd8f737340ae518b593d4abda1dee157689483b9be9f29d521ca6a5a5af3939b79c33cdbe7b6fad33a048af418091c5b00c2b2f61535d38c6098d55700daeb638aa96f0b3b38dfa94fbe24753feac6f8036ec96cb28e2fddce426c85cf705ba8949861d86a9be87f0044755d560ed2588400034439987842ab53c2ee65a010f8c66a64eb8e7ec33c670cb0902f43630a9ae1ea8491e19eb5f336839c6a4f14d434b93122ce1adfb894f94d48c25c08f47bbf418cf4e87227feeb79ae3c3a557cc2ef664bc17e5c92b8559d7b1a43748e39304e36a212a0ad7d113e62b145ab4b00a2c365b303112d32de0576baeddee67c76fdf4a7074c37399ff76efef2f30d8a3ad4d42308c039347604b4037990484be0bbfe61a2e8cf49e98ae8b9694d8bd8d2ceed4390c12b3ad813ef11379019515ee31ee7c40e6e7bd60eca4f546ab5089eeb4d9d89eb94204aa78584919ec315baa1a0bde3abfb8d2f8a97dae510bd69eda1919ff146af9e02e12b01977b7501e80445990bb7a09776cd0603c5ece6b23d797adc781553e3f3c6d60fd419e8035d5571f3ae8bbaaccf8c2b765397becc989dff38a8dd7a75b7957e7f4a4ee68b825bc6221f408201b99dfd7295c04c47543a487ac21a2388043ad90bd63b558c148531254a4323e548aa0d1ff77ed5ee416b2966266fa16d8f0a17af1cd54d743d5d7c2da786248d0c4c377beeb7fe833ae98d505b56217b000d783971f0e94eceb07934448a492131e0dffe5f373a3ed5f11d03718f1d357ac3a885bf222a335fab009b37f9e9f379eaaa51520cbbe43347c06f4d6a01f36a69b7d10f9b0f1b41e9593cfca85da13bd2945a2b165c42893de25f0f7f0528c7dd3c76cc3c7941fda76020b9d67869f86d4c2e9522f5383eb3ebfc93def1b5127ad50f2020edb965338ea0a00475fcb94ac7b0eb379491625880bac357db78c134cc063d4b9b2d85f5407d6876abbce23d64fedae2e38efd5ab6621a8e50c68716f3fc54ee445c5aa863d0e314c5774af290792ccef1cff10013afe886ba30a5d8d94082f219c7d8c60d1af4dc52d7e11b6466c3f109f6a5501b86fd502b2dda451e9374e333add4c7de75d273450ce4ae49b29eeeb3d8a50a71f780d7429ecebd0b2362ed707a7d1ca32fb41efc2e63ed74ee20fa22ccf6c56e03ac552cb808f0a59830387922e237eed7ab849391eac968bad41d1539f0160c520d25dcc3a5ffd60dea63624d0e87af9537deb8feb3b08695c448155c10daeaf0f1d501408de77e73beae84542b5dabb00af25ad7c3ecba3979d5297c94b2d1189c3434c0a44ecf694fbe5d5f3303067456cee4fb03691fa116eab588df178541b40804ae9e0d3efc7a4fe4cb8332f3c229cb25c7938d2ab9d93b9081c5d574ebe646f8b93e2102649304d24f1562f3c23ba32379bcc15f2ce841cea255c80ea5e86f421a6d5f9abeb5aa8c9c427b823ad78f51d4cbd7b7a453c13a97d81d32a08ff60b5937bdba1fede46ad86dd63fcc4aa4cc8b48cbdcf2a248cbb1e59682c99f557c8b388b8c91c36e7e601a62f30599c0e23904406c84502ebbb41c7f884a3dccff939f6302daabcd5be3ea794a40ec46571eb485fe354524a2483e1b9b2124450423b26c3635c7ee7b7507116612eadbd88b3b2848c0806a92c79bfbbce91a0ce5c5318bcdc9c478f07b55edffcdb0e9d570933898fa7f9c00e69d256215e35bf7acc83fefdbed903cb3203f484f182c620d1bea2bc42f6f88238f7f3f87a11b704832789c4aeac6f505b5448614e06c33a203f5d1fdac279634a7a61dc71a072bf4ae88d78c78736f44a79635671c942c2447c24e6591992989f6f8edacc92855d8ebbfc41c92a81d85304bfe15b5557d565bd836e6eedfb45bd871862842f4d56264221c5ff4bc009487e2a17795f23d5d96ace24092cd6513c035f9f065b4febc8e12d3e16783cc907bfae56acd72d9d441d91591b96f95f0fe6c60cb282ee515dbbfa95112b5af1f54d14b4f3020736811374a673ffaab723a652512781793e18bd0c078f8f99d84ff8ac3586dbdaed09eaa3691d6e9b2e081524ffcf38dad8b707946835dd1e90f6e3cca99e4ac5aab6d5ed5a42402fc4d9e1b203a14297ceff48a6dea72b3b3a3712b3f4a79fbe34424fca20620144389c8865d1259252ce7e0d36f11bbf976d947be1a7485ff022f5dce29fe773e0c3e6c3ce7e96f2142ca3186cec8b58664bccceacb0767eeefe9660669ad583329d35aa527e46cbe0eab775e3cc9ebb12ec9cedc43b1cb667e9233c34ef491b36e565c868899e6e80caabd315b97fb2f69a79f5270c17fb789ba8435c737a2a21b94adae9b7560c8dc11920bf8f376244803c72e28ab7ff4ba2de1a8b24b99ee7794b5d79adaa4bcabbbe39dd90dd5ae5ac5d52d7abee36a409821f8651097b4bdb9f487c4f1256d414e339184e26f22cd9d59dba32c434aac52016eae8ba7f01a172b095deeeef8d00d07a3949d82af77f35f042e1b15fcb4a8184d4aee55157b5f9f3e1449476fc124cff2b6668f108f9977b8541dfc3ea5c01079cddebdbcd003fea9c40dd07dabda5f4d9a179ea3f12c7da47c0015d13e5ea46d5aee283db9e43c0c626c22e8272251f25154744d38ef27d0ca1850905002a1495be8f181f5c67fec935dc8e76b1d2b0b4fc778010805fc91fda53e130c547d0ba6fd3124a950a07cff39e9c590756a585259efc0275be0abc450cade1f27e9c8e2e7d32a8020854d466ba055572e400e08a707aa730f77675f30ccd21a4258d5ee6bdb3ac21b0bcf1dd063d216ceab05d9dca4644529a4d9e28273ff31932749233e520523bc09caa6cb5b28607811babfb141571f7ef866489e0f6250e144520ad4882e11b2688416a622a9de3088e8b643e7f29a6ada628671f6f6305fdf06949d40320100fbb7b547ab99ba163966fd1bb096cc4e40b933b8ba2b29093934e1be1a8af18f479dee902982b132e90247cd91ebe13b0f6b46ec68162c5c1f04087168b7c7017584e3233d7d8840d6106b07d2785b3d848a51295cdb16c8db44f9c705843f6432d48b5cd680dd4ddb3bc46c8395e1764b6b746718d9bef68bd405aa8d099372010880210ec98986862692dea8f1f44efcc90f01d21ef79ae19ef2aa6a65f0df9600014618d98cd773b47de98b44e2516d7c809d97fd8cab04624d8c7ecff8f2d8404f434b5010c3af103ca9629a08fada227626b015564220c406599fc8ebd5569340fd5aab1e448f1d6fe072e2f3f6efe332fa007331f028ee095e0895ac9ee29f63abef483463e153e8f3c01ddf6aecaed4088247fbcb74d7f2a51bcabde747ae9822a18a3830accdc2646d927e508365b9048cee3ad97023e09ce31d3b806913b49e4c294afc4ed57a8791e8513eb9c992ef51d33d98caa3ef18b4b27c59d7589831a6f8a56606756c887af6a0ad18bed4912e14df81ab2629fc9a3d7a1d72add7a74f4ffc00f8dd2879e7c5e8cb52db10d0c16edc3adfd20f84509ec8642b9026d7f93d2c129631667aab727bfd7183a54f59252df9d32ab1af1e349582ce6ca67a532862f70366cc2d4c961be9aeac911a115a780a9c92080fd3e2ba8e48208e167c1743a640297b0df412c8634ca5d41dcf74ed672a7d893b2b34fdffb5fdb3a6dc1741ed0602baadb25dcf4168c511e7ab10eb5bad14923af8e3d9d925837a3f30f2b00d763499340c3b49b65d804ca785027b8c82b7925a927f44e6d49a0bebae6b1ec3b23677d88f7d7805e2ff95ab847c7919f2d362cac992f94cf67f013e891be9770fc7cf9fbf70f0cd031b01425cc001deaae83387136c75f84b075f0e23ef47b883f2f3cbe87b788988c98a3fbd7b9c1b14f15e8121bec76e4045fe5e5e49afb24b3ad9e1fcbbcc4cfe8cb973a30ff6076790086bfeead6bec1fce08bc02662f935a7873544ffaad0fe42c3cf44022efecb09014936e0182ce22eddafe39ae10e212f70a101d831b7474732502573a2254542c3e573f4f25e634dfbece75c4c612b985714700d966b6c469b5b9468c2564f439f397dbb509781b8186d37cbe49a7be9bdf4d4f1deb3fb9baa2a448734e0d18c9e38fce81090599e8d97429356faa9f2a8153d866624ca07940c5ee06b47a1bb84806e3c0c6aa5569b74f3b8d06a6ddbc722d898fdd5ebda77937674e76e4ef26cdb6a6d68487bab3db2dc9500beac6d4c911981bcf95e040bebec5ec8c7ec749fd6d913fbd1ad3d57c668f877dae08f88e07972fd8127d32550219be26a562a538ea4790593a596be507c5875fc8cc4287352af97ff6da68e1e90afa81e1f5fa42172cf1d2d8ec5ea130f401327cbf382e90f2fab7af7f30f9f0ebfc5c0d030b3c13fda3c6d476e2f2b8d51864866abbd7f57efe263d2189d450205562f9bdd477559159064d802c0ee84075fc5bd1b70dbcf9994ff4422c239c7bfc6812c73e991e78f8026d489a22641883d850a4c8a824bb54b5d462dbc4d1c300a7178232dc35a3b862c227dbe6023a0cd614a6c6936de2d7d753fb73e4695df048d8ef016c016a27223595609a88636826d92e8266916a413c5d8b852c2c5581193664ec7ef105e68819369efba470b127afe644d1f444129eec142e8dc42e2026abe434a427362cfe3f02911ae7c1b02e22215ca030fa54618bea6e91b207e3710d4b05b3befc897e306cca4a1fde8683c01032b8caceb58a5e71905a79e9b5b38192a84a4a7d68dfbb0e6415de8be7200fbaa12a07cfc273ae9f0e1d23b7358fdd87f07bc6a2e9eb450b2945d6b750e8bd723129c6503f69eb79bd214f0a2f62adece54a7cbe7b6771e11c2a5d4a8bde7b09d24fb6a1936d76e06e9c799f3bd72c7de21fe873e03beab321a93a958a13609df47add0e0a6e272bdd942c8f6071cb4d995e6f22ec50f3d481476028a6980674cf4ebb1e5667dbf03804e3fcb2753ea2111235127347d54565f95561c52bb861e5405757683229937663e9aa242c43682e4bb5b50bbcf356cc7ec85134c7046856622eb7138bbbe77cc9823537951d49ef1246077edb1c3ec69c5a0212ce38e215164cd9cc1f5e702a89100b6a044b090e9f4a0a8bcf5e33eef6e9006763bb7a20afe279557a5dee64672f9db18d83b4f38b729829fccc1a8515e2ab17fe5c200e26a6bf22e0c5aeec124fd13832deb7b44855b8221756491bed15513cac21e51b763c77752ae7a2db0d1659a798e18646e54c5a6768e459d326719203c241e855d79de6991e5c738772ca8ff883d03514490c361557ef533ac5d5a28bbc42825b56570872e09220f71ec25d90b95f440dedc7b420c3af76129d1d66d4031a064b35ce8ac748a9b10a37bd5608dcaeeb3d1ae30fba2b5a057a799ef58139d30afc9c2e8c8d5eb8673b35dcb99a0db605d457cc55d949211c82052dea5b11c3a0b0817d8843db67a16af2f1dc1b49322561061c3362e655fc6ccef9c2331aeb90db03e45ca878e38cc1b2240a261247ef1f48e50f77957dee084b28e0ccd4afe0552386c6f9b4e63bac371dc61d244961d3cc232f3d524c90f90cf0d555f94310707e160a428189e6a394d7ca04be3ec93065f4a55730394cb8b998fe7ab65383b14eb50ece1607f276f7dea722e14932631b7a87d2df2a85b85e291b78b5f5015eda994ba000d1ac748ad0040439a828cdd814d270e4c2af4b54694e3b0bc33193c48e5b2197a41d138c3c583d0081fc2633a9afc5b1fbca5a44cc47696979a2651b29ee7de157379aa608fe664c876c686bbf1add81323aae9c5d8251a0818654907622bdb5395a206601df609ab4d5b3e693f1cf1921cd9bc054b608d3aa1865b85e84668c79cc6055791eef778219db90b8ef199ccfaf0a8a0459d12a7b9e514d00f99a337df9b88b816076ea1e9ef29b2a04a215f3add706392f9455075f7720a6f04e9cc376190a185bdaa00351afba88a2daa0b577dd8d953e2ec0395f7913de491fb41f9db3e7574a8bfe6b460f23e6df0a9b308c0758a2f5a57e01575909db9c67988d17980830624d566caa4ab493bc63f649ec9989db0cb0261fc39f0a5089fd57869dbc62ae10e71d910917e01ef6c305f17744851f401b7fe9d6d4c41a43cd2225823c25d4c4cb3a9e8dec72513e456d3491fd6f4994baa9cfe3c2c07331fb70a12a5871f9ee3cb1e58e731b4497e66d2c4cf73eccd6e27aa1000b81705b3979ca2b0458175c92b6bee83348c719b0c191f346fe4bfa58c2817eb5091d464dd1030ae5e7439e6688304ff61ea3d942bb4f00ffe576dd72398ace2070246ee00ab75ea0c8e35479c67b6866945308d6a4982f4513cc4c75c531de549316311abe2d77290297bb5175af58a85f2256de9da328e8dcc8231e3adec06a95eadf94f1d6dcc3251fbf1aefdfd5247c3919efb328862389de855c9067dc2860bed53eecdded817154e0cbefef4f2993afa7ba36a33e57556029c63aa14357cceeed0ccbf7676e232d412264b24df24e4bed22f7a7dde166404c7ac03cfd6886bef23e1619a81bcd734dce62d19dbcd693e315bd1fec7fc1bf35f9ffe378520277652f8a8b40d934970ad66376c834b430360d3444246fd1a081c60c5924035c3645fa07f82b9a4efdb146df2eeae97424fac77f0bb1a64369953ee70e85df6c41618f7c15706600c4d677260f3db5b361f48701d7521ff47feb2724dfe021c518b9955070f985be31bcc3f8df0d6f0d822fcde96e38012d5c69e6cc1401a6a858bc895c975bb3693d3e0d3dd9d15c959a8df5879eade3fd54b315224f57f6cb6d88b5b22a42903ce4b8265fe11797b1029975f463ba7b16af82a0054e696208dccf5cd9d35726ae9feb283281b0663dacf8883d58ffc01019d3bf24bc0c56cdebb385b00e40e611c98da3e76b86b1fb4321e88803b332f7da2473ed2670a70c60903b9c5adc4f2dd1a6538b09fa5871f83a6a2001cfc5f874b28ac0394a8c4ef8fe5932b7804a44956bbb65994596559b7cb22f98f69ae3e3b75b16c3f1ab5da61f6b68aa6422a031a647237682a0240428cebcc90dae33d6a65018271abf260e9a6e512cdcab365111a2e60c1229e8dec97b2644b7f7d0b8897e457695178c53d001d1f4531f45ccc2f2171c0a204a829b78d95c96402946af77980cf94181037a97ade63f76c751ce7a908bb5eb4ad3432c4ee16f555d885a7e583e36abade21d57a26b8dbd13d201f8505df7c8845ebb6cff01bc34eed2be2606f2ec46511d40e95e1a1c24dfd034c39ffae18990e6da67ad3732c9c497251e0ac494e770d0810dc576852487d8a614633c500357b41ac6dfdbb132af5798e1f4ce60c7475e0406628770f3f33996163d0d2c99d83b1bf6000f98e78a90102cf86202cc5447da93cbd7b4c30e31b11a2cb37fc83e41bbdd8b552925e2d52ba62a9cc984188934b259fca241453ead0ac7e05bceef5d1bceb2769cad4bb7181efb0b106f5f2dd8d07452de05f582ff69ad30600a3b871a500c839b9689da0aaa019cfc7762ab11188e49c29605ffbed687d6c1aca2758a7b6eff0534f5b279f25970ac7a040468949d47672e87194c525d65ad432dddb007c5db6cbb197db9ce0d52049f2141e817035bb426712ce0fbffd84f82e0de13c8880cfd197992e65612f6f0acf6189c8c91efc86fad7dbe8400215b45ea0946757180f19bd40978ab62cc9f58e02711f39a360160d19b7fcb63a4359e743fe7425e6148810cc6f8bbd24a64f9848cc0cb0541f6aab01833f7977e14fd0f762f62977f0aac9d33a49e419c5b8c28ce7c583768a457f78929b7af25f53b7d53f454b429c29ab6f7c86d44126da9c6eeb64d8632c0e043b7737db841a2650adcdf07696aecc2e9acdd152d9edbbeb05bf283fa70a63bc82f212e21833d207c8a79cde29bf7f56dac50d6fda195e7bb3ce3dca84aab3c86075460ff6b999559cd7f8fd8543f37e6119891c9f27c3a97fedf81fb19fab187dc6fd0ea17734e21bcbac174999cdd6d21a47807f819d0855a75c0aec883c56a470c76e2c8e23a7f3a45ea6e014525f708fc16c336cc09280760e9e1ff3d056ed502c808599524b79b9310f4576bf03290c186be4feb87bcb429465c7a862752408a98b5b4d3f4e05ef36e03370abb42d5373ebb2b6684ce9084f5d91ca39184444708db91a0b34142955b33e99a54af906a1d850fed3c9a815956dc241cb5d44d0e067b70ab46e5e1e4b75d1f1a4b7153e36be0ba0df7ade46fabdf1e2dfbf49ac70ac9ad6719ff6c387dd924968811f4d54ccaea0855aab03dd3c984dd3d341bb617b758708544d70b965244f8f7f49e25506b0fdaf9c2329ef3e1b75a34bae57a45c22afcb8c2b14eec0497b0838c9186706ce68fd5fa33d5480a3630a1dd2bf72b4fc9a5bc4610d6e4c0b4fc7977e43a66e78e43e63ee8cee332d52fcd3f445a597c707afae6d90f26c44dba578227a40f1b0cf9b6659fb3976ca97edc1c138bc05e0dd2cb65cf7cb2535a93ffba38979c8ea560c90d7ceb845ecba7b838005a385f1671508d1506f676cbb7789bfdefaad57ae980da52363092344a6cef2f5bcec2bbae617c81c4b7b824a6297ccd08e150df6930d2a6ade9f854c9ca64a54a7beaf4b81c6ddd47072aeacacb2e983909a6243a8fe87cc470e67e7b8e113aab8472c02685a89e05f1fc8c1f9335fd89fa2a24023773fb2591c812253bae671bdd920d75e5d6a23a075dce7a43e197fba8e49de8ad14b535495cabd378b2aec0a8f4a9070b607401b7e3022c9e4d2d02f5cde5b161f92aec7e2f6bf18280cc443ad181239cb4bd78a638720d15ded7d6244cf9ab11f8c65a0b3fbeff4133f1f78e278e5b1b73206127310887ebfdc18c93b878de5726db902b7ad61ffe47c7ae796470dfe00353675a85a4f19ec034171d6e2c1f9958eeffe8f5b3d0264e9ec5f7046a9ea01c6e632a88fd247cfcb0b5191ead426a16a6c820313e4cf86a0665bd9524d44a8fc515b021020f0ca09be305a7507887adf1d22023ce7c4f0f75a0149a47d77bd27dd7f75980d22b1e7c5830945ffdc00701f4e1161941f3e04403046ad56ae81957b283b1e35e968e92d3fb989f0422c9454d1a258bc96edea9a1c4554bb7e8194c330f6df333e46c88fa8b93fcffb1bc9d47cb3cc04060b90445b94d3d6af63804c03ec32762e520a61daf49ac7be6ce52b05a5e93a6c7fb591d984e49b26dc347b25fa2ef428bd3ba626375b763564e49686b5e62aa6417f5eddb5d5e342468fcc050e0774f97e2812d9608a8571ec9d237992fb47131e31b8e938ee92706726815c335af0b524df2aee104fd210440d006d0d306da419088701427f079a83a93581b7ac53d063001a2f362f5ede1c67a49747cc8bb470dfad3431c18a1069cb4e848ebdb46174cff1f768e84c7b2ce08ae6a2ca3ecc15a7a4a1aec42c17a42cbb9ad06bd42bdc0e92554e3d4063c8fc640aad77badc23bd90ebdef50bc72ff104d7804f057f70617b248e98fdb9f64debc198de982451f170d6c4bb982a74fc18f44575b54765d42fe6fde5074def15e968951e862114d3c84afbdbf915188085a0e28d8d7885ff601013537f7c622f8900f0a7568f5399362570d7cc3c4ca4f004c6e8a00f89219eabac00ebf2d4e557befbcd1fad06426bbff172c440cdc41786f0b3dca4f08b93fdb8d39fa20cccd73548235f13e444481d66f60189524a1f737d85bf1d7021c1c298c05489f83cb", 0x2000, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x13, 0x0, 0x0, {')#\x00'}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) read$FUSE(r2, &(0x7f0000008380)={0x2020}, 0x18af) 3.820877104s ago: executing program 3 (id=1197): r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000240)={{{@in=@multicast1, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x60}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@remote, 0x0, 0x33}, 0x0, @in6=@empty}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0xd8ff0000) 3.820514067s ago: executing program 3 (id=1198): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000011b80), 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSETLED(r3, 0x4b32, 0x0) preadv(r0, &(0x7f0000003780)=[{&(0x7f0000001300)=""/170, 0xaa}], 0x1, 0xffff, 0x0) 3.500686263s ago: executing program 2 (id=1201): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000580)=ANY=[@ANYBLOB="1f000000000000000a00000000000000fe8800000000000000000000000005010000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fc00000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002700000000000000000a00000000000000fc0000000000000000000000000000000700"/400], 0x190) epoll_create(0x2) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x48) socket$inet6(0xa, 0x1, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) setsockopt$inet6_udp_int(r3, 0x11, 0x66, &(0x7f0000000100)=0xc6, 0x4) bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x7d) syz_emit_ethernet(0xd2, &(0x7f0000000900)=ANY=[@ANYBLOB="ffffffffbfff00000000000086dd600489f1009c1100fc010000000000000025030000000000ff02000000000000000000000000000100000e22"], 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000940)=ANY=[@ANYBLOB="c8010000100433060000000000000000ffffffff000000000000000000000000b014140000000000000000000000000000000000000000000000000000000000ec9144f127afa912b3818a55ed888b846023951257f2075901184f3045fa0e543accf3ace202a9c42736223386e1bce1014b72edc8410533810f37989191bf36b71f52614d1a2a0942a58285fa173d7b605e3b1fb395d2ca422490aba9b6714d598c0e438347a6e462ee9a34137f91f2f253d69dbc16114aaa470681bdc8f18a2e4fb4148b86d1951795c4d6fccf1e7caa9804640c7fba42b111d7276f41697dcbff3d92f2df266b1034bad3830bb6923854211e7cb2f3f6dfe69574acc00a7de6e1a2b9b2c5b700d97cccf479653f890571372336047ac4bfc63f43d2abc5e3a8c4c03d6c1dc6063c461247f914f4f836c8d0b306a9fbbb04849210e8b37f194a3f8225882df738af41b356896c886900ef9d75e80af7cd01b3a1a298327d2cb323b5b86ae83510cede85509bfc2a6874024aadf2201a583ef6d0c862a11c5282ef8854f91301ed05eb91c8e260526df7887637118a4c8e1ae016275ee0e4ea9bc7db511823d5dc9b9fe12d9b3dffbe3acefcd12a2d068dc8a3773c1992d1912898f8aae4b4893ae9c97392793bc0265d655399335fa6470b9d0c61355912b4a8b6c90a6bc0c4284b683c12d170e4e1e6bca37cd93c35db561225ee6c773d9c51806a10e90270fb402da51675ab4ca9f9000000000000000000801fb244f70c480385a402013f2c0bc96358a753e38141159bd54f9d6e8b484c5966fec436e6cab89f4b7db7a4631e8fe6495f7e34dca612224e4650de64741f87c079e6821a5e317620c9176e37b5ce01d51911799b2bb0878d6f5a9bb2f4bf367112aae79c8d72010e26db395359c6f8a1c66757845be254ac09d340628eaec3fdfe849f0591be9dea531b", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000010000000032000000fe880000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008d001400726d64313630000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000802000000000000e863654b40a7ad42118bc1dd69d07e3b05cf0dbc9a9aac6130f0d060cb0c958c133115ff9cbb79de1007f5583249a62fe4273013ec2c2cca44c3a2d388d9483ca3000000"], 0x1c8}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x43}, 0x10) syz_extract_tcp_res(&(0x7f0000000540), 0x401, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffff"], 0x398}}, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="1fe8ffff0000000000003b00000008000300", @ANYRES32=r11, @ANYBLOB="21003300d0800000080211000000080211000001505050505050000000000000", @ANYRES8=r9], 0x40}}, 0x0) sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r10, 0x100, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x234, 0x6e}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x20008800}, 0x4000000) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYRES8=r1, @ANYRES16=r4, @ANYRES64=r11], 0x110}}, 0x8081) 3.091085293s ago: executing program 0 (id=1204): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='9p_protocol_dump\x00', r0}, 0x10) r1 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000040), 0x2103, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000140)) 3.057391176s ago: executing program 2 (id=1205): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="020000000000000000002000000004002d8008000300", @ANYRES32=r2, @ANYBLOB="5f77124584ae590891c46f77d43b1e25f177"], 0x20}}, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x85) ioctl$TCSETSW(r3, 0x5403, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "c7241275f410a1a0e2c6c979634165ca47bef8"}) read(r3, &(0x7f0000000100)=""/27, 0x1b) r4 = socket$inet(0x2, 0x2, 0x1) bind$rds(0xffffffffffffffff, &(0x7f0000000500)={0x2, 0x4e20, @private=0xa010100}, 0x10) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', 0x0}) sendmsg$inet(r4, &(0x7f0000000380)={&(0x7f0000000300)={0x2, 0x0, @broadcast}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000240)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @rand_addr, @remote}}}], 0x20}, 0x2c004084) open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f00000002c0)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) semget$private(0x0, 0x6, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r9}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x8000004, 0x1}, 0x48) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r11}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8]) 2.961753138s ago: executing program 0 (id=1206): openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000300), 0x4) sendmsg$tipc(r0, &(0x7f0000000280)={&(0x7f0000000040), 0x10, 0x0}, 0x0) (fail_nth: 4) 2.660776239s ago: executing program 0 (id=1207): r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000380)={0x1, @pix_mp={0x0, 0xffff, 0x3631564e}}) preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000080)=""/118, 0x76}, {&(0x7f0000000480)=""/4096, 0x1000}, {&(0x7f0000000100)=""/117, 0x75}, {&(0x7f0000000180)=""/136, 0x88}], 0x4, 0x1ff, 0x5) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000240)) syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) (async) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000380)={0x1, @pix_mp={0x0, 0xffff, 0x3631564e}}) (async) preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000080)=""/118, 0x76}, {&(0x7f0000000480)=""/4096, 0x1000}, {&(0x7f0000000100)=""/117, 0x75}, {&(0x7f0000000180)=""/136, 0x88}], 0x4, 0x1ff, 0x5) (async) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000240)) (async) 2.532077638s ago: executing program 0 (id=1208): r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r1) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000080)=@assoc_value, 0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f00000000c0), &(0x7f00000007c0)=0xc) r2 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) setsockopt$ax25_SO_BINDTODEVICE(r3, 0x101, 0x2, &(0x7f0000000100)=@rose={'rose', 0x0}, 0x10) r4 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) fchdir(r4) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00') mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0) mount$bind(&(0x7f0000000080)='./cgroup\x00', &(0x7f00000000c0)='.\x00', 0x0, 0x2002080, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r2, 0x80044d76, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='blkio.bfq.io_serviced\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x29, 0x45, &(0x7f0000000240)={'HL\x00'}, 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) mknod$loop(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r5 = inotify_init() inotify_add_watch(r5, &(0x7f0000000180)='./file0\x00', 0x80000108) inotify_add_watch(r5, &(0x7f0000000040)='./file0\x00', 0xe00000dc) chdir(&(0x7f0000000100)='./file0\x00') r6 = open(&(0x7f0000007f80)='./bus\x00', 0x143042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r7, &(0x7f00000004c0), 0x4) r8 = socket$rxrpc(0x21, 0x2, 0x2) dup3(r6, r8, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x275a, 0x0) 2.421094842s ago: executing program 0 (id=1209): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ptrace$getsig(0x4202, 0x0, 0x9, 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) r3 = epoll_create1(0x0) epoll_wait(r3, &(0x7f0000000240)=[{}], 0x1, 0x7ff) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f00000000c0)={0x10000001}) 1.574823467s ago: executing program 2 (id=1210): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ptrace$getsig(0x4202, 0x0, 0x9, 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) r3 = epoll_create1(0x0) epoll_wait(r3, &(0x7f0000000240)=[{}], 0x1, 0x7ff) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f00000000c0)={0x10000001}) (fail_nth: 1) 1.324818433s ago: executing program 0 (id=1211): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd03010000092100000001"], 0x0) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) r1 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x103382) r2 = memfd_create(0x0, 0x0) pwritev(r2, 0x0, 0x0, 0x5, 0x0) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(0xffffffffffffffff, r1, 0x0, 0x24002de8) syz_usb_control_io$hid(r0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x3, 0x1, 0x2, 0xa43, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x3}, 0x48) ioprio_set$uid(0x3, 0x0, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) 743.320527ms ago: executing program 3 (id=1212): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="0101000000000000000001"], 0x2c}, 0x1, 0x0, 0x0, 0x51}, 0x4000) 691.828681ms ago: executing program 1 (id=1213): read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) ioperm(0x0, 0x3, 0x2) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = socket(0x40000000015, 0x5, 0x0) recvmmsg(r1, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0) r2 = socket(0x10, 0x80002, 0x0) r3 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x2710, @host}, 0x10) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000009700010004000000ce0000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='rss_stat\x00', r4}, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff) listen(r3, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value, &(0x7f0000000200)=0x8) r5 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r5, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$EVIOCGLED(0xffffffffffffffff, 0x80404519, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r6) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r7 = inotify_init1(0x0) fcntl$setown(r7, 0x8, 0xffffffffffffffff) fcntl$getownex(r7, 0x10, &(0x7f0000000140)={0x0, 0x0}) r9 = syz_open_procfs(r8, &(0x7f0000000600)='fd/4\x00') bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000000000000b704000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$EXT4_IOC_GROUP_EXTEND(r9, 0x40305829, &(0x7f0000000240)) 630.8093ms ago: executing program 2 (id=1214): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000580)=ANY=[@ANYBLOB="1f000000000000000a00000000000000fe8800000000000000000000000005010000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fc00000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002700000000000000000a00000000000000fc0000000000000000000000000000000700"/400], 0x190) epoll_create(0x2) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x48) socket$inet6(0xa, 0x1, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) setsockopt$inet6_udp_int(r3, 0x11, 0x66, &(0x7f0000000100)=0xc6, 0x4) bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x7d) syz_emit_ethernet(0xd2, &(0x7f0000000900)=ANY=[@ANYBLOB="ffffffffbfff00000000000086dd600489f1009c1100fc010000000000000025030000000000ff02000000000000000000000000000100000e22"], 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000940)=ANY=[@ANYBLOB="c8010000100433060000000000000000ffffffff000000000000000000000000b014140000000000000000000000000000000000000000000000000000000000ec9144f127afa912b3818a55ed888b846023951257f2075901184f3045fa0e543accf3ace202a9c42736223386e1bce1014b72edc8410533810f37989191bf36b71f52614d1a2a0942a58285fa173d7b605e3b1fb395d2ca422490aba9b6714d598c0e438347a6e462ee9a34137f91f2f253d69dbc16114aaa470681bdc8f18a2e4fb4148b86d1951795c4d6fccf1e7caa9804640c7fba42b111d7276f41697dcbff3d92f2df266b1034bad3830bb6923854211e7cb2f3f6dfe69574acc00a7de6e1a2b9b2c5b700d97cccf479653f890571372336047ac4bfc63f43d2abc5e3a8c4c03d6c1dc6063c461247f914f4f836c8d0b306a9fbbb04849210e8b37f194a3f8225882df738af41b356896c886900ef9d75e80af7cd01b3a1a298327d2cb323b5b86ae83510cede85509bfc2a6874024aadf2201a583ef6d0c862a11c5282ef8854f91301ed05eb91c8e260526df7887637118a4c8e1ae016275ee0e4ea9bc7db511823d5dc9b9fe12d9b3dffbe3acefcd12a2d068dc8a3773c1992d1912898f8aae4b4893ae9c97392793bc0265d655399335fa6470b9d0c61355912b4a8b6c90a6bc0c4284b683c12d170e4e1e6bca37cd93c35db561225ee6c773d9c51806a10e90270fb402da51675ab4ca9f9000000000000000000801fb244f70c480385a402013f2c0bc96358a753e38141159bd54f9d6e8b484c5966fec436e6cab89f4b7db7a4631e8fe6495f7e34dca612224e4650de64741f87c079e6821a5e317620c9176e37b5ce01d51911799b2bb0878d6f5a9bb2f4bf367112aae79c8d72010e26db395359c6f8a1c66757845be254ac09d340628eaec3fdfe849f0591be9dea531b", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000010000000032000000fe880000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008d001400726d64313630000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000802000000000000e863654b40a7ad42118bc1dd69d07e3b05cf0dbc9a9aac6130f0d060cb0c958c133115ff9cbb79de1007f5583249a62fe4273013ec2c2cca44c3a2d388d9483ca3000000"], 0x1c8}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x43}, 0x10) syz_extract_tcp_res(&(0x7f0000000540), 0x401, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffff"], 0x398}}, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="1fe8ffff0000000000003b00000008000300", @ANYRES32=r11, @ANYBLOB="21003300d0800000080211000000080211000001505050505050000000000000", @ANYRES8=r9], 0x40}}, 0x0) sendmsg$NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r10, 0x100, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x234, 0x6e}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x20008800}, 0x4000000) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYRES8=r1, @ANYRES16=r4, @ANYRES64=r11], 0x110}}, 0x8081) 538.813392ms ago: executing program 3 (id=1215): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0}) rename(&(0x7f0000000100)='./file0/../file0/file0\x00', &(0x7f0000000140)='./file0/../file0/file0\x00') 538.516222ms ago: executing program 3 (id=1216): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x4) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000005c0)=""/151, 0x97}], 0x1, &(0x7f0000002f40)=""/221, 0xdd}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0) close(r2) r4 = dup(r0) ioctl$SIOCSIFHWADDR(r4, 0x400442c8, &(0x7f0000000080)={'veth1_to_batadv\x00', @dev}) 363.641338ms ago: executing program 3 (id=1217): epoll_create1(0x0) r0 = syz_open_dev$loop(&(0x7f0000000140), 0x619, 0x81802) ioctl$BLKSECDISCARD(r0, 0x127d, &(0x7f0000000280)=0x10000) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$RTC_PIE_ON(r1, 0x7005) r2 = syz_io_uring_setup(0x680d, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x5e2, &(0x7f0000000000), &(0x7f0000000180)=0x0, &(0x7f0000000380)) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r2, 0x381b, 0x0, 0x0, 0x0, 0x0) r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$SG_SET_FORCE_PACK_ID(r5, 0x227b, &(0x7f00000001c0)=0x2001) r6 = fcntl$dupfd(r5, 0x0, r5) readv(r6, &(0x7f0000000000)=[{&(0x7f0000001140)=""/136, 0x88}], 0x1) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed0079"], 0xcfa4) r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000080)={0x19, 0x0, 0x0}) ioctl$IOMMU_IOAS_UNMAP$ALL(r7, 0x3b86, &(0x7f0000000040)={0x18, r8, 0x2}) process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(&(0x7f0000000240)=@loop={'/dev/loop', 0x0}, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000040)='reiserfs\x00', 0x8200, 0x0) fspick(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1) 282.201735ms ago: executing program 2 (id=1218): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$l2tp6(0xa, 0x2, 0x73) r2 = socket$rds(0x15, 0x5, 0x0) syz_emit_ethernet(0x72, &(0x7f0000000880)=ANY=[@ANYBLOB="ffffffffffff0180c200000086dd60120008003c3a00fec36200000000000000000000000001fe8000000000000006f35c5800000000000000aa08029078000000006000081000001100fe880000000000000000000000000001000000000000000000000000fd310000fb36eeca6ead50b375a22a58aae604f79496f705531242d0dfff37cea985c8ceb14a44b3f40174f83d31c1f907a162688981f7f98f242d2862f848b2e277455cf8d11af6a4f0b4235c549fc04496800dd9063a236acad0f2fa4b6d9a7c0355bd0e0f4f3fbe3277200fb6c8fed42fc5ea277537b1672b16"], 0x0) bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) r3 = socket$packet(0x11, 0x3, 0x300) getpeername$packet(r3, 0x0, 0x0) sendmsg$rds(r2, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@cswp={0x58, 0x114, 0x7, {{}, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7}}], 0x58}, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c) r4 = socket$packet(0x11, 0x3, 0x300) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r9, @ANYBLOB="010065bd7000fcdbdf254f00000008000300", @ANYRES32=r8, @ANYBLOB="48007a8014000100c396d979a8f802a09c5d7bfaeb3575f21c0002002c8b2ddcc0a3a020196b852ff1e5776edd2fed6a243a33220c000300b38b3e2d8514cc07080004000500000030007a800800040007000000240001006b367eca9776d5c92ac3b99cce28c8dbdebd62217f9c5f46d4b1a11c682b40d61c007a800c000300e028aa46e44ee6830c0003009cf7debf7cdf5a207c007a80080004003465e91c0c0003004a159160a275d9fa08000400ff0f00000800040007000000140001006fde61d99aa98d55b507315489e6cd79140002"], 0x12c}}, 0x0) sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000280)={0x30, r6, 0x400, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x34}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x60}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x40040) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={0x0, 0x0, 0x71}, 0x20) r11 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="380000000b060101000000000000000000000000100007800c00018008000140e0000002050001"], 0x38}}, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000340), 0x8) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r10, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0) r12 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r12, 0x107, 0xd, &(0x7f0000000180)=@req3={0x3, 0xc, 0x63, 0xfffffcbc, 0x9, 0x4, 0x7}, 0x1c) r13 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r13, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0) sendmmsg$inet_sctp(r13, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)='a', 0xdd02}], 0xc, &(0x7f0000000000)=[@sndrcv={0x30, 0x84, 0x1, {0x0, 0x0, 0xc}}], 0x30}], 0x1, 0x0) sendmmsg$inet6(r1, &(0x7f0000000000), 0x0, 0x4008814) 0s ago: executing program 2 (id=1219): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffdff}]}) r0 = syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x8, 0x4, 0x4, 0x675, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000002080)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0) r3 = accept$alg(r2, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000f00)=[{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000280)='A', 0x1}], 0x1}], 0x1, 0x24008814) write$binfmt_aout(r3, 0x0, 0x23) syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="02c80010000c0001000306"], 0x15) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(rfc4543(gcm_base(ctr(aes-aesni),ghash-generic)))\x00'}, 0x58) close_range(r4, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)) lseek(r1, 0x3, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) readv(r0, &(0x7f0000002240)=[{&(0x7f00000000c0)=""/4096, 0x1000}], 0x1) stat(&(0x7f0000001100)='./bus\x00', &(0x7f0000001140)) r6 = syz_open_dev$loop(&(0x7f0000000100), 0x8000000000000, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) write$binfmt_aout(r7, &(0x7f00000010c0)=ANY=[], 0x1a3) write$binfmt_misc(r7, &(0x7f0000001000)=ANY=[@ANYBLOB="208588e01455bc18", @ANYBLOB="588c90aadaedde6a2e64f465b0fcbcb8b6449c2f317140214a9be29c9e467325a38e1b43cddd210783f3dc083935e3b9dbfc09a3e0b8febcada80457edb6649176ddb8"], 0xe09) ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f00000002c0)={r7, 0x0, {0x2a00, 0x80010000, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x3) kernel console output (not intermixed with test programs): for pid=8743 comm="syz.1.889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 206.158852][ T8747] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 206.165728][ T56] IPVS: starting estimator thread 0... [ 206.255219][ T8749] IPVS: using max 34 ests per chain, 81600 per kthread [ 206.441380][ T8750] netlink: 8 bytes leftover after parsing attributes in process `syz.0.890'. [ 206.870712][ T40] audit: type=1326 audit(1722489464.250:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.1.889" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 206.905997][ T40] audit: type=1326 audit(1722489464.250:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.1.889" exe="/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 206.929427][ T40] audit: type=1326 audit(1722489464.250:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.1.889" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 206.943230][ T40] audit: type=1326 audit(1722489464.250:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.1.889" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 206.952257][ T40] audit: type=1326 audit(1722489464.250:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.1.889" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 206.961680][ T40] audit: type=1326 audit(1722489464.250:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.1.889" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 206.999667][ T40] audit: type=1326 audit(1722489464.250:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8743 comm="syz.1.889" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 207.022550][ T8757] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 207.027988][ T8757] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 207.463436][ T8766] input: syz0 as /devices/virtual/input/input17 [ 207.547834][ T8773] netlink: 28 bytes leftover after parsing attributes in process `syz.1.898'. [ 207.835272][ T56] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 207.918284][ T8780] netlink: 8 bytes leftover after parsing attributes in process `syz.1.900'. [ 208.027887][ T56] usb 5-1: Using ep0 maxpacket: 8 [ 208.033414][ T56] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 208.036854][ T56] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 208.040772][ T56] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 208.045010][ T56] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 208.050644][ T56] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 208.056393][ T56] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 208.059602][ T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.274588][ T56] usb 5-1: usb_control_msg returned -32 [ 208.277261][ T56] usbtmc 5-1:16.0: can't read capabilities [ 208.565419][ T8787] netlink: 16 bytes leftover after parsing attributes in process `syz.3.902'. [ 208.587504][ T8787] FAULT_INJECTION: forcing a failure. [ 208.587504][ T8787] name failslab, interval 1, probability 0, space 0, times 0 [ 208.592764][ T8787] CPU: 2 UID: 0 PID: 8787 Comm: syz.3.902 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 208.596926][ T8787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 208.601099][ T8787] Call Trace: [ 208.602565][ T8787] [ 208.603875][ T8787] dump_stack_lvl+0x16c/0x1f0 [ 208.605958][ T8787] should_fail_ex+0x497/0x5b0 [ 208.608205][ T8787] ? fs_reclaim_acquire+0xae/0x160 [ 208.610446][ T8787] should_failslab+0xc2/0x120 [ 208.612578][ T8787] __kmalloc_noprof+0xcb/0x400 [ 208.614696][ T8787] ? d_absolute_path+0x137/0x1b0 [ 208.616960][ T8787] tomoyo_encode2+0x100/0x3e0 [ 208.619088][ T8787] tomoyo_encode+0x29/0x50 [ 208.621136][ T8787] tomoyo_realpath_from_path+0x19d/0x720 [ 208.623678][ T8787] tomoyo_path_number_perm+0x245/0x590 [ 208.626062][ T8787] ? tomoyo_path_number_perm+0x232/0x590 [ 208.628554][ T8787] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 208.631172][ T8787] ? __fget_files+0x256/0x400 [ 208.633256][ T8787] security_file_ioctl+0x75/0xc0 [ 208.635536][ T8787] __x64_sys_ioctl+0xbb/0x220 [ 208.637706][ T8787] do_syscall_64+0xcd/0x250 [ 208.639770][ T8787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.642460][ T8787] RIP: 0033:0x7ffb609773b9 [ 208.644439][ T8787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.652495][ T8787] RSP: 002b:00007ffb616d0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 208.655945][ T8787] RAX: ffffffffffffffda RBX: 00007ffb60b05f80 RCX: 00007ffb609773b9 [ 208.658490][ T8787] RDX: 0000000000000000 RSI: 0000000000005522 RDI: 0000000000000008 [ 208.661028][ T8787] RBP: 00007ffb616d00a0 R08: 0000000000000000 R09: 0000000000000000 [ 208.663903][ T8787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 208.666834][ T8787] R13: 000000000000000b R14: 00007ffb60b05f80 R15: 00007fffc7780d08 [ 208.670232][ T8787] [ 208.679772][ T8787] ERROR: Out of memory at tomoyo_realpath_from_path. [ 209.186831][ T8799] input: syz0 as /devices/virtual/input/input18 [ 209.658302][ T8810] netlink: 8 bytes leftover after parsing attributes in process `syz.1.909'. [ 210.143364][ T13] bridge_slave_1: left allmulticast mode [ 210.150114][ T13] bridge_slave_1: left promiscuous mode [ 210.153540][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.165623][ T13] bridge_slave_0: left allmulticast mode [ 210.168186][ T13] bridge_slave_0: left promiscuous mode [ 210.170882][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.506785][ T8819] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 210.613350][ T10] usb 5-1: USB disconnect, device number 16 [ 210.815306][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 210.825905][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 210.836738][ T13] bond0 (unregistering): Released all slaves [ 211.024273][ T13] mac80211_hwsim hwsim11 wlan1 (unregistering): left allmulticast mode [ 211.207379][ T40] kauditd_printk_skb: 26 callbacks suppressed [ 211.207393][ T40] audit: type=1326 audit(1722489468.590:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8816 comm="syz.1.912" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 211.225690][ T40] audit: type=1326 audit(1722489468.590:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8816 comm="syz.1.912" exe="/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 211.237377][ T40] audit: type=1326 audit(1722489468.590:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8816 comm="syz.1.912" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 211.247637][ T40] audit: type=1326 audit(1722489468.590:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8816 comm="syz.1.912" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 211.263137][ T40] audit: type=1326 audit(1722489468.590:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8816 comm="syz.1.912" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 211.272115][ T40] audit: type=1326 audit(1722489468.590:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8816 comm="syz.1.912" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 211.297384][ T40] audit: type=1326 audit(1722489468.590:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8816 comm="syz.1.912" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 211.319803][ T40] audit: type=1326 audit(1722489468.590:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8816 comm="syz.1.912" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 211.333777][ T13] hsr_slave_0: left promiscuous mode [ 211.344662][ T13] hsr_slave_1: left promiscuous mode [ 211.355873][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 211.359057][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 211.362237][ T40] audit: type=1326 audit(1722489468.590:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8816 comm="syz.1.912" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 211.379639][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 211.382826][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 211.386978][ T40] audit: type=1326 audit(1722489468.590:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8816 comm="syz.1.912" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb31773b9 code=0x7fc00000 [ 211.443571][ T13] veth1_macvtap: left promiscuous mode [ 211.446430][ T13] veth1_vlan: left promiscuous mode [ 211.448908][ T13] veth0_vlan: left promiscuous mode [ 211.448928][ T8835] FAULT_INJECTION: forcing a failure. [ 211.448928][ T8835] name failslab, interval 1, probability 0, space 0, times 0 [ 211.456787][ T8835] CPU: 0 UID: 0 PID: 8835 Comm: syz.0.917 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 211.462290][ T8835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 211.467216][ T8835] Call Trace: [ 211.468691][ T8835] [ 211.470020][ T8835] dump_stack_lvl+0x16c/0x1f0 [ 211.472050][ T8835] should_fail_ex+0x497/0x5b0 [ 211.474157][ T8835] ? fs_reclaim_acquire+0xae/0x160 [ 211.476712][ T8835] should_failslab+0xc2/0x120 [ 211.479042][ T8835] kmem_cache_alloc_node_noprof+0x71/0x310 [ 211.481709][ T8835] ? __alloc_skb+0x2b1/0x380 [ 211.483873][ T8835] __alloc_skb+0x2b1/0x380 [ 211.486190][ T8835] ? __pfx___alloc_skb+0x10/0x10 [ 211.488375][ T8835] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 211.491029][ T8835] netlink_alloc_large_skb+0x69/0x130 [ 211.493476][ T8835] netlink_sendmsg+0x689/0xd70 [ 211.495662][ T8835] ? __pfx_netlink_sendmsg+0x10/0x10 [ 211.498230][ T8835] ? __import_iovec+0x1fd/0x6e0 [ 211.500444][ T8835] ____sys_sendmsg+0xab5/0xc90 [ 211.502602][ T8835] ? copy_msghdr_from_user+0x10b/0x160 [ 211.505179][ T8835] ? __pfx_____sys_sendmsg+0x10/0x10 [ 211.507678][ T8835] ? find_held_lock+0x2d/0x110 [ 211.509648][ T8835] ? __pfx___lock_acquire+0x10/0x10 [ 211.511982][ T8835] ? __asan_memset+0x23/0x50 [ 211.514070][ T8835] ___sys_sendmsg+0x135/0x1e0 [ 211.516364][ T8835] ? __pfx____sys_sendmsg+0x10/0x10 [ 211.518937][ T8835] ? ksys_write+0x21c/0x260 [ 211.520917][ T8835] ? __fget_light+0x173/0x210 [ 211.523038][ T8835] __sys_sendmsg+0x117/0x1f0 [ 211.525007][ T8835] ? __pfx___sys_sendmsg+0x10/0x10 [ 211.527205][ T8835] ? bpf_trace_run2+0x2a6/0x590 [ 211.529406][ T8835] ? rcu_is_watching+0x12/0xc0 [ 211.531531][ T8835] do_syscall_64+0xcd/0x250 [ 211.533629][ T8835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.536198][ T8835] RIP: 0033:0x7f16d55773b9 [ 211.538110][ T8835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 211.547204][ T8835] RSP: 002b:00007f16d62d2048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 211.552214][ T8835] RAX: ffffffffffffffda RBX: 00007f16d5705f80 RCX: 00007f16d55773b9 [ 211.556393][ T8835] RDX: 0000000000000000 RSI: 0000000020004580 RDI: 0000000000000003 [ 211.560242][ T8835] RBP: 00007f16d62d20a0 R08: 0000000000000000 R09: 0000000000000000 [ 211.563703][ T8835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 211.567075][ T8835] R13: 000000000000000b R14: 00007f16d5705f80 R15: 00007ffe2ed854a8 [ 211.571070][ T8835] [ 211.572590][ C0] vkms_vblank_simulate: vblank timer overrun [ 211.738653][ T831] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 211.905226][ T831] usb 6-1: device descriptor read/64, error -71 [ 212.205860][ T831] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 212.210738][ T5347] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 212.236963][ T5347] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 212.259507][ T5347] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 212.272232][ T5347] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 212.276697][ T5347] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 212.282688][ T5347] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 212.421335][ T831] usb 6-1: device descriptor read/64, error -71 [ 212.546047][ T831] usb usb6-port1: attempt power cycle [ 212.614636][ T8846] netlink: 28 bytes leftover after parsing attributes in process `syz.3.921'. [ 212.729981][ T13] team0 (unregistering): Port device team_slave_1 removed [ 212.877579][ T13] team0 (unregistering): Port device team_slave_0 removed [ 212.986708][ T831] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 213.018475][ T831] usb 6-1: device descriptor read/8, error -71 [ 213.301462][ T831] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 213.346700][ T831] usb 6-1: device descriptor read/8, error -71 [ 213.476343][ T831] usb usb6-port1: unable to enumerate USB device [ 214.188686][ T8848] sd 0:0:0:0: PR command failed: 1026 [ 214.190807][ T8848] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 214.193526][ T8848] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 214.288173][ T8841] chnl_net:caif_netlink_parms(): no params data found [ 214.366554][ T5346] Bluetooth: hci4: command tx timeout [ 214.732872][ T8841] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.738816][ T8841] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.746302][ T8841] bridge_slave_0: entered allmulticast mode [ 214.755370][ T8841] bridge_slave_0: entered promiscuous mode [ 214.761107][ T8869] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 214.798854][ T8841] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.817830][ T8841] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.821268][ T8841] bridge_slave_1: entered allmulticast mode [ 214.827149][ T8841] bridge_slave_1: entered promiscuous mode [ 215.103067][ T8841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 215.150655][ T8841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 215.421837][ T8841] team0: Port device team_slave_0 added [ 215.443778][ T8841] team0: Port device team_slave_1 added [ 215.704846][ T8841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 215.718076][ T8841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.731757][ T8841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 215.740513][ T8841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 215.743283][ T8841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.753176][ T8841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 216.046473][ T8841] hsr_slave_0: entered promiscuous mode [ 216.058403][ T8841] hsr_slave_1: entered promiscuous mode [ 216.351183][ T8889] netlink: 12 bytes leftover after parsing attributes in process `syz.1.932'. [ 216.455317][ T5346] Bluetooth: hci4: command tx timeout [ 216.642538][ T8841] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.660024][ T8892] FAULT_INJECTION: forcing a failure. [ 216.660024][ T8892] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 216.665650][ T8892] CPU: 1 UID: 0 PID: 8892 Comm: syz.3.933 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 216.670061][ T8892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 216.675103][ T8892] Call Trace: [ 216.676745][ T8892] [ 216.678203][ T8892] dump_stack_lvl+0x16c/0x1f0 [ 216.680496][ T8892] should_fail_ex+0x497/0x5b0 [ 216.682728][ T8892] _copy_from_user+0x30/0xf0 [ 216.684929][ T8892] core_sys_select+0x361/0xb80 [ 216.687196][ T8892] ? __pfx_core_sys_select+0x10/0x10 [ 216.689780][ T8892] ? ktime_get_ts64+0x106/0x2a0 [ 216.692180][ T8892] ? set_user_sigmask+0x217/0x2a0 [ 216.694636][ T8892] ? __pfx_set_user_sigmask+0x10/0x10 [ 216.697128][ T8892] do_pselect.constprop.0+0x1a0/0x1f0 [ 216.699303][ T8892] ? __pfx_do_pselect.constprop.0+0x10/0x10 [ 216.701840][ T8892] ? bpf_trace_run2+0x2a6/0x590 [ 216.704072][ T8892] __x64_sys_pselect6+0x183/0x240 [ 216.706433][ T8892] ? __pfx___x64_sys_pselect6+0x10/0x10 [ 216.708951][ T8892] ? rcu_is_watching+0x12/0xc0 [ 216.711339][ T8892] do_syscall_64+0xcd/0x250 [ 216.713517][ T8892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.716366][ T8892] RIP: 0033:0x7ffb609773b9 [ 216.718554][ T8892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.727814][ T8892] RSP: 002b:00007ffb616d0048 EFLAGS: 00000246 ORIG_RAX: 000000000000010e [ 216.731714][ T8892] RAX: ffffffffffffffda RBX: 00007ffb60b05f80 RCX: 00007ffb609773b9 [ 216.735528][ T8892] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 216.739345][ T8892] RBP: 00007ffb616d00a0 R08: 0000000020000300 R09: 0000000000000000 [ 216.743107][ T8892] R10: 0000000020000380 R11: 0000000000000246 R12: 0000000000000001 [ 216.746823][ T8892] R13: 000000000000000b R14: 00007ffb60b05f80 R15: 00007fffc7780d08 [ 216.750672][ T8892] [ 216.830854][ T8841] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.980776][ T8841] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.056601][ T8901] usb usb8: usbfs: process 8901 (syz.0.936) did not claim interface 0 before use [ 217.095026][ T8841] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.305644][ T8905] sd 0:0:0:0: PR command failed: 1026 [ 217.308117][ T8905] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 217.311353][ T8905] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 217.356005][ T8841] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 217.377520][ T8841] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 217.394852][ T8841] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 217.439904][ T8841] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 217.691638][ T8841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.723546][ T8841] 8021q: adding VLAN 0 to HW filter on device team0 [ 217.765211][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.768757][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.821594][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.824738][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 218.402537][ T8841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 218.483331][ T8841] veth0_vlan: entered promiscuous mode [ 218.499661][ T8841] veth1_vlan: entered promiscuous mode [ 218.535488][ T5346] Bluetooth: hci4: command tx timeout [ 218.582089][ T8841] veth0_macvtap: entered promiscuous mode [ 218.596716][ T8841] veth1_macvtap: entered promiscuous mode [ 218.623141][ T8841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 218.627534][ T8841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.631550][ T8841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 218.636524][ T8841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.641440][ T8841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 218.646508][ T8841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.650819][ T8841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 218.655548][ T8841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.661323][ T8841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 218.666152][ T8841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.676979][ T8841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 218.702496][ T8841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 218.708098][ T8841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.712636][ T8841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 218.717729][ T8841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.722234][ T8841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 218.729239][ T8841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.733584][ T8841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 218.738371][ T8841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.742726][ T8841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 218.747453][ T8841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.755093][ T8841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 218.776497][ T8841] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.780344][ T8841] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.784257][ T8841] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.789122][ T8841] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.033687][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.061417][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.256833][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.260661][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.564868][ T8934] xt_bpf: check failed: parse error [ 219.963408][ T8944] netlink: 12 bytes leftover after parsing attributes in process `syz.2.945'. [ 219.982676][ T8943] netlink: 40 bytes leftover after parsing attributes in process `syz.1.946'. [ 220.208725][ T8933] Process accounting resumed [ 220.214042][ T8946] sd 0:0:0:0: PR command failed: 1026 [ 220.217909][ T8946] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 220.220838][ T8946] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 220.462022][ T8954] xt_CT: You must specify a L4 protocol and not use inversions on it [ 220.486242][ T8954] trusted_key: encrypted_key: insufficient parameters specified [ 220.605374][ T5346] Bluetooth: hci4: command tx timeout [ 220.759306][ T8956] FAULT_INJECTION: forcing a failure. [ 220.759306][ T8956] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 220.764190][ T8956] CPU: 1 UID: 0 PID: 8956 Comm: syz.2.951 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 220.768094][ T8956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 220.771867][ T8956] Call Trace: [ 220.773111][ T8956] [ 220.774139][ T8956] dump_stack_lvl+0x16c/0x1f0 [ 220.775802][ T8956] should_fail_ex+0x497/0x5b0 [ 220.777441][ T8956] _copy_from_user+0x30/0xf0 [ 220.779023][ T8956] kstrtouint_from_user+0xd7/0x1c0 [ 220.780775][ T8956] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 220.782808][ T8956] ? __pfx_lock_acquire+0x10/0x10 [ 220.784551][ T8956] proc_fail_nth_write+0x84/0x270 [ 220.786321][ T8956] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 220.788246][ T8956] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 220.790174][ T8956] vfs_write+0x29a/0x1140 [ 220.791577][ T8956] ? __fdget_pos+0xeb/0x180 [ 220.792932][ T8956] ? __pfx_vfs_write+0x10/0x10 [ 220.794559][ T8956] ? __pfx___mutex_lock+0x10/0x10 [ 220.796088][ T8956] ? __fget_files+0x256/0x400 [ 220.797568][ T8956] ksys_write+0x12f/0x260 [ 220.799063][ T8956] ? __pfx_ksys_write+0x10/0x10 [ 220.800744][ T8956] ? rcu_is_watching+0x12/0xc0 [ 220.802387][ T8956] do_syscall_64+0xcd/0x250 [ 220.803959][ T8956] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.805989][ T8956] RIP: 0033:0x7f502e575e9f [ 220.807528][ T8956] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48 [ 220.814126][ T8956] RSP: 002b:00007f502f2bc040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 220.816963][ T8956] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f502e575e9f [ 220.819668][ T8956] RDX: 0000000000000001 RSI: 00007f502f2bc0b0 RDI: 0000000000000004 [ 220.822375][ T8956] RBP: 00007f502f2bc0a0 R08: 0000000000000000 R09: 0000000000000000 [ 220.825049][ T8956] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 220.827751][ T8956] R13: 000000000000000b R14: 00007f502e705f80 R15: 00007fff6eb1ef18 [ 220.830474][ T8956] [ 220.839522][ T5378] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 220.938671][ T40] kauditd_printk_skb: 81 callbacks suppressed [ 220.938686][ T40] audit: type=1400 audit(1722489478.320:760): avc: denied { read } for pid=8961 comm="syz.2.953" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 221.095319][ T5378] usb 6-1: Using ep0 maxpacket: 8 [ 221.101534][ T5378] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 221.106451][ T5378] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 221.110078][ T5378] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 221.114136][ T5378] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 221.118042][ T5378] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 221.123392][ T5378] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 221.127303][ T5378] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.408872][ T5378] usb 6-1: usb_control_msg returned -32 [ 221.412030][ T5378] usbtmc 6-1:16.0: can't read capabilities [ 221.610884][ T8973] xt_bpf: check failed: parse error [ 222.297717][ T8970] Process accounting resumed [ 223.397541][ T40] audit: type=1400 audit(1722489480.780:761): avc: denied { write } for pid=8996 comm="syz.3.964" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 223.644952][ T5026] usb 6-1: USB disconnect, device number 14 [ 225.880884][ T9034] xt_CT: You must specify a L4 protocol and not use inversions on it [ 225.921895][ T9034] trusted_key: encrypted_key: insufficient parameters specified [ 226.215255][ T5395] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 226.425205][ T5395] usb 7-1: Using ep0 maxpacket: 8 [ 226.447411][ T5395] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 226.451076][ T5395] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 226.484725][ T5395] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 226.506581][ T5395] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 226.511648][ T5395] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 226.518156][ T5395] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 226.522015][ T5395] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.888914][ T9047] netlink: 28 bytes leftover after parsing attributes in process `syz.1.980'. [ 226.954273][ T5395] usb 7-1: usb_control_msg returned -32 [ 226.958588][ T5395] usbtmc 7-1:16.0: can't read capabilities [ 227.490979][ T9055] sd 0:0:0:0: PR command failed: 1026 [ 227.494071][ T9055] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 227.498262][ T9055] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 227.887401][ T9062] netlink: 24 bytes leftover after parsing attributes in process `syz.3.985'. [ 228.368390][ T9067] binder: 9066:9067 ioctl 40046210 0 returned -14 [ 228.380510][ T9067] binder: 9066:9067 ioctl c0306201 20000280 returned -11 [ 228.455637][ T9069] FAULT_INJECTION: forcing a failure. [ 228.455637][ T9069] name failslab, interval 1, probability 0, space 0, times 0 [ 228.462256][ T9069] CPU: 2 UID: 0 PID: 9069 Comm: syz.1.988 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 228.467025][ T9069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 228.471934][ T9069] Call Trace: [ 228.473486][ T9069] [ 228.474822][ T9069] dump_stack_lvl+0x16c/0x1f0 [ 228.476936][ T9069] should_fail_ex+0x497/0x5b0 [ 228.479148][ T9069] should_failslab+0xc2/0x120 [ 228.481232][ T9069] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 228.483600][ T9069] ? skb_clone+0x190/0x3f0 [ 228.485623][ T9069] skb_clone+0x190/0x3f0 [ 228.488152][ T9069] netlink_deliver_tap+0xab3/0xd90 [ 228.490545][ T9069] netlink_unicast+0x606/0x830 [ 228.493126][ T9069] ? __pfx_netlink_unicast+0x10/0x10 [ 228.495975][ T9069] netlink_sendmsg+0x8b8/0xd70 [ 228.498863][ T9069] ? __pfx_netlink_sendmsg+0x10/0x10 [ 228.503032][ T9069] ? __import_iovec+0x1fd/0x6e0 [ 228.505636][ T9069] ____sys_sendmsg+0xab5/0xc90 [ 228.508566][ T9069] ? copy_msghdr_from_user+0x10b/0x160 [ 228.511510][ T9069] ? __pfx_____sys_sendmsg+0x10/0x10 [ 228.514068][ T9069] ? __pfx___lock_acquire+0x10/0x10 [ 228.516799][ T9069] ? __asan_memset+0x23/0x50 [ 228.518916][ T9069] ___sys_sendmsg+0x135/0x1e0 [ 228.521044][ T9069] ? __pfx____sys_sendmsg+0x10/0x10 [ 228.523359][ T9069] ? __fget_light+0x173/0x210 [ 228.525490][ T9069] __sys_sendmsg+0x117/0x1f0 [ 228.527401][ T9069] ? __pfx___sys_sendmsg+0x10/0x10 [ 228.529517][ T9069] ? bpf_trace_run2+0x2a6/0x590 [ 228.531477][ T9069] ? rcu_is_watching+0x12/0xc0 [ 228.533582][ T9069] do_syscall_64+0xcd/0x250 [ 228.535320][ T9069] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.537893][ T9069] RIP: 0033:0x7f9cb31773b9 [ 228.539793][ T9069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.548282][ T9069] RSP: 002b:00007f9cb3e94048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 228.551980][ T9069] RAX: ffffffffffffffda RBX: 00007f9cb3305f80 RCX: 00007f9cb31773b9 [ 228.555680][ T9069] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 228.558866][ T9069] RBP: 00007f9cb3e940a0 R08: 0000000000000000 R09: 0000000000000000 [ 228.562180][ T9069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 228.565416][ T9069] R13: 000000000000000b R14: 00007f9cb3305f80 R15: 00007fff8714ad28 [ 228.568746][ T9069] [ 228.761631][ T9071] netlink: 28 bytes leftover after parsing attributes in process `syz.1.989'. [ 228.895496][ T5395] usb 7-1: USB disconnect, device number 9 [ 229.152214][ T9079] sd 0:0:0:0: PR command failed: 1026 [ 229.154952][ T9079] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 229.167238][ T9079] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 229.234430][ T40] audit: type=1400 audit(1722489486.610:762): avc: denied { ioctl } for pid=9080 comm="syz.2.995" path="socket:[29605]" dev="sockfs" ino=29605 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 229.462735][ T40] audit: type=1400 audit(1722489486.840:763): avc: denied { write } for pid=9081 comm="syz.1.993" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 229.978147][ T9111] netlink: 24 bytes leftover after parsing attributes in process `syz.2.998'. [ 231.125601][ T35] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 231.339096][ T35] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 231.362498][ T35] usb 7-1: New USB device found, idVendor=056a, idProduct=0315, bcdDevice= 0.00 [ 231.378889][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.390446][ T35] usb 7-1: config 0 descriptor?? [ 231.400124][ T35] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 231.641909][ T9118] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 231.649120][ T9117] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1001'. [ 231.663104][ T9118] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 231.702170][ T35] usb 7-1: USB disconnect, device number 10 [ 233.637008][ T40] audit: type=1400 audit(1722489491.020:764): avc: denied { shutdown } for pid=9159 comm="syz.3.1011" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 233.995500][ T9167] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1012'. [ 235.490338][ T9188] usb usb8: usbfs: process 9188 (syz.1.1019) did not claim interface 0 before use [ 235.732076][ T9193] FAULT_INJECTION: forcing a failure. [ 235.732076][ T9193] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 235.740146][ T9193] CPU: 0 UID: 0 PID: 9193 Comm: syz.1.1021 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 235.744707][ T9193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 235.749327][ T9193] Call Trace: [ 235.750804][ T9193] [ 235.752053][ T9193] dump_stack_lvl+0x16c/0x1f0 [ 235.753860][ T9193] should_fail_ex+0x497/0x5b0 [ 235.755594][ T9193] strncpy_from_user+0x38/0x320 [ 235.757430][ T9193] getname_flags.part.0+0x8f/0x550 [ 235.759258][ T9193] getname_flags+0x93/0xf0 [ 235.760919][ T9193] user_path_at+0x24/0x60 [ 235.762522][ T9193] __x64_sys_mount+0x1fc/0x320 [ 235.764456][ T9193] ? __pfx___x64_sys_mount+0x10/0x10 [ 235.766685][ T9193] ? rcu_is_watching+0x12/0xc0 [ 235.768770][ T9193] do_syscall_64+0xcd/0x250 [ 235.770580][ T9193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.772757][ T9193] RIP: 0033:0x7f9cb31773b9 [ 235.774767][ T9193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.781790][ T9193] RSP: 002b:00007f9cb3e94048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 235.785453][ T9193] RAX: ffffffffffffffda RBX: 00007f9cb3305f80 RCX: 00007f9cb31773b9 [ 235.788856][ T9193] RDX: 0000000020001400 RSI: 0000000020000300 RDI: 0000000020000240 [ 235.792228][ T9193] RBP: 00007f9cb3e940a0 R08: 0000000020000140 R09: 0000000000000000 [ 235.795608][ T9193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 235.799030][ T9193] R13: 000000000000000b R14: 00007f9cb3305f80 R15: 00007fff8714ad28 [ 235.802566][ T9193] [ 235.875460][ T9194] netlink: 'syz.2.1020': attribute type 12 has an invalid length. [ 236.854118][ T9205] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1024'. [ 237.046838][ T9211] FAULT_INJECTION: forcing a failure. [ 237.046838][ T9211] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 237.052859][ T9211] CPU: 1 UID: 0 PID: 9211 Comm: syz.2.1025 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 237.057405][ T9211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 237.061760][ T9211] Call Trace: [ 237.063142][ T9211] [ 237.064314][ T9211] dump_stack_lvl+0x16c/0x1f0 [ 237.066280][ T9211] should_fail_ex+0x497/0x5b0 [ 237.068343][ T9211] _copy_to_user+0x30/0xc0 [ 237.070358][ T9211] simple_read_from_buffer+0xd0/0x160 [ 237.073342][ T9211] proc_fail_nth_read+0x1b0/0x290 [ 237.075636][ T9211] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 237.078539][ T9211] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 237.081159][ T9211] vfs_read+0x1d4/0xbd0 [ 237.083721][ T9211] ? __fdget_pos+0xeb/0x180 [ 237.086400][ T9211] ? __pfx_vfs_read+0x10/0x10 [ 237.088962][ T9211] ? __pfx___mutex_lock+0x10/0x10 [ 237.091239][ T9211] ? __fget_files+0x256/0x400 [ 237.093332][ T9211] ksys_read+0x12f/0x260 [ 237.095240][ T9211] ? __pfx_ksys_read+0x10/0x10 [ 237.097377][ T9211] ? rcu_is_watching+0x12/0xc0 [ 237.099598][ T9211] do_syscall_64+0xcd/0x250 [ 237.101496][ T9211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.104072][ T9211] RIP: 0033:0x7f502e575dfc [ 237.107006][ T9211] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 237.117559][ T9211] RSP: 002b:00007f502f2bc040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 237.121863][ T9211] RAX: ffffffffffffffda RBX: 00007f502e705f80 RCX: 00007f502e575dfc [ 237.125211][ T9211] RDX: 000000000000000f RSI: 00007f502f2bc0b0 RDI: 0000000000000004 [ 237.128773][ T9211] RBP: 00007f502f2bc0a0 R08: 0000000000000000 R09: 0000000000000000 [ 237.132234][ T9211] R10: 0000000020000400 R11: 0000000000000246 R12: 0000000000000002 [ 237.135980][ T9211] R13: 000000000000000b R14: 00007f502e705f80 R15: 00007fff6eb1ef18 [ 237.139786][ T9211] [ 238.439487][ T9223] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1028'. [ 238.630011][ T9219] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1028'. [ 239.882001][ T9235] trusted_key: encrypted_key: insufficient parameters specified [ 241.435061][ T9244] smc: net device ip6_vti0 applied user defined pnetid SYZ0 [ 241.820794][ T9250] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1037'. [ 244.896078][ T9262] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1040'. [ 245.101839][ T9263] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1041'. [ 245.114739][ T9261] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1041'. [ 246.325393][ T9275] trusted_key: encrypted_key: insufficient parameters specified [ 247.405775][ T35] page_pool_release_retry() stalled pool shutdown: id 55, 51 inflight 60 sec [ 247.723942][ T9283] trusted_key: encrypted_key: insufficient parameters specified [ 248.582492][ T5347] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 248.588863][ T5347] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 248.594035][ T5347] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 248.604942][ T5347] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 248.612292][ T5347] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 248.616995][ T5347] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 249.117838][ T9292] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«= [ 249.136249][ T9292] [U] J"—e:ÀÆ" [ 249.614292][ T9296] FAULT_INJECTION: forcing a failure. [ 249.614292][ T9296] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 249.647160][ T9296] CPU: 2 UID: 0 PID: 9296 Comm: syz.3.1049 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 249.651467][ T9296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 249.655450][ T9296] Call Trace: [ 249.656471][ T9296] [ 249.657436][ T9296] dump_stack_lvl+0x16c/0x1f0 [ 249.659063][ T9296] should_fail_ex+0x497/0x5b0 [ 249.660496][ T9296] _copy_to_user+0x30/0xc0 [ 249.661862][ T9296] simple_read_from_buffer+0xd0/0x160 [ 249.663878][ T9296] proc_fail_nth_read+0x1b0/0x290 [ 249.665780][ T9296] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 249.667848][ T9296] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 249.669944][ T9296] vfs_read+0x1d4/0xbd0 [ 249.671444][ T9296] ? __fdget_pos+0xeb/0x180 [ 249.673154][ T9296] ? __pfx_vfs_read+0x10/0x10 [ 249.674928][ T9296] ? __pfx___mutex_lock+0x10/0x10 [ 249.676817][ T9296] ? __fget_files+0x256/0x400 [ 249.678614][ T9296] ksys_read+0x12f/0x260 [ 249.680073][ T9296] ? __pfx_ksys_read+0x10/0x10 [ 249.681733][ T9296] ? rcu_is_watching+0x12/0xc0 [ 249.683372][ T9296] do_syscall_64+0xcd/0x250 [ 249.684948][ T9296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.687054][ T9296] RIP: 0033:0x7ffb60975dfc [ 249.688817][ T9296] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 249.696232][ T9296] RSP: 002b:00007ffb616d0040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 249.699402][ T9296] RAX: ffffffffffffffda RBX: 00007ffb60b05f80 RCX: 00007ffb60975dfc [ 249.702472][ T9296] RDX: 000000000000000f RSI: 00007ffb616d00b0 RDI: 0000000000000005 [ 249.705551][ T9296] RBP: 00007ffb616d00a0 R08: 0000000000000000 R09: 0000000000000000 [ 249.708604][ T9296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 249.711248][ T9296] R13: 000000000000000b R14: 00007ffb60b05f80 R15: 00007fffc7780d08 [ 249.714420][ T9296] [ 249.935520][ T9287] chnl_net:caif_netlink_parms(): no params data found [ 250.318952][ T40] audit: type=1400 audit(1722489507.690:765): avc: denied { ioctl } for pid=9298 comm="syz.3.1050" path="socket:[32041]" dev="sockfs" ino=32041 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 250.686170][ T5346] Bluetooth: hci5: command tx timeout [ 251.179467][ T9287] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.213847][ T9287] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.242584][ T9287] bridge_slave_0: entered allmulticast mode [ 251.303024][ T9287] bridge_slave_0: entered promiscuous mode [ 251.534217][ T9287] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.573882][ T9287] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.608942][ T9287] bridge_slave_1: entered allmulticast mode [ 251.653222][ T9287] bridge_slave_1: entered promiscuous mode [ 252.697827][ T9287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 252.775512][ T5346] Bluetooth: hci5: command tx timeout [ 252.811683][ T9287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 253.690629][ T9287] team0: Port device team_slave_0 added [ 253.738583][ T5347] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 253.751228][ T5347] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 253.760161][ T5347] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 253.772513][ T5347] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 253.780573][ T5347] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 253.787605][ T5347] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 253.853750][ T9287] team0: Port device team_slave_1 added [ 254.653527][ T9287] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 254.673954][ T9287] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.746078][ T9287] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 254.796867][ T9318] trusted_key: encrypted_key: insufficient parameters specified [ 254.817985][ T9287] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 254.839071][ T9287] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.858619][ T5346] Bluetooth: hci5: command tx timeout [ 254.923222][ T9287] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 255.649784][ T9287] hsr_slave_0: entered promiscuous mode [ 255.662079][ T9287] hsr_slave_1: entered promiscuous mode [ 255.688353][ T9287] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 255.695947][ T9287] Cannot create hsr debugfs directory [ 255.897151][ T5346] Bluetooth: hci6: command tx timeout [ 256.174697][ T9323] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 256.684153][ T9325] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1054'. [ 256.925308][ T5346] Bluetooth: hci5: command tx timeout [ 257.518408][ T9287] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.637535][ T9330] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1055'. [ 257.965286][ T5346] Bluetooth: hci6: command tx timeout [ 258.058722][ T9287] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.276706][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 258.293137][ T9310] chnl_net:caif_netlink_parms(): no params data found [ 258.520852][ T9287] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.882722][ T9287] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 259.953081][ T9343] FAULT_INJECTION: forcing a failure. [ 259.953081][ T9343] name failslab, interval 1, probability 0, space 0, times 0 [ 260.013405][ T9343] CPU: 2 UID: 0 PID: 9343 Comm: syz.3.1057 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 260.018366][ T9343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 260.022794][ T9343] Call Trace: [ 260.024220][ T9343] [ 260.025481][ T9343] dump_stack_lvl+0x16c/0x1f0 [ 260.027426][ T9343] should_fail_ex+0x497/0x5b0 [ 260.029414][ T9343] ? fs_reclaim_acquire+0xae/0x160 [ 260.031600][ T9343] should_failslab+0xc2/0x120 [ 260.033614][ T9343] __kmalloc_node_noprof+0xd1/0x430 [ 260.035810][ T9343] ? __kvmalloc_node_noprof+0x9d/0x1a0 [ 260.038060][ T9343] __kvmalloc_node_noprof+0x9d/0x1a0 [ 260.040225][ T9343] bucket_table_alloc.isra.0+0x86/0x470 [ 260.042529][ T9343] rhashtable_init_noprof+0x41a/0x7e0 [ 260.044668][ T9343] rhltable_init_noprof+0x20/0x60 [ 260.046677][ T9343] nf_tables_newtable+0xfaa/0x1b20 [ 260.048804][ T9343] ? net_generic+0xea/0x2a0 [ 260.050748][ T9343] ? __pfx_nf_tables_newtable+0x10/0x10 [ 260.053111][ T9343] ? __nla_parse+0x40/0x60 [ 260.055014][ T9343] nfnetlink_rcv_batch+0x1a19/0x24e0 [ 260.055699][ T5346] Bluetooth: hci6: command tx timeout [ 260.057328][ T9343] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 260.057403][ T9343] ? find_held_lock+0x2d/0x110 [ 260.057428][ T9343] ? avc_has_perm_noaudit+0x119/0x3a0 [ 260.057448][ T9343] ? avc_has_perm_noaudit+0x143/0x3a0 [ 260.057469][ T9343] ? __nla_parse+0x40/0x60 [ 260.057488][ T9343] nfnetlink_rcv+0x3c3/0x430 [ 260.057511][ T9343] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 260.074954][ T9343] netlink_unicast+0x544/0x830 [ 260.076997][ T9343] ? __pfx_netlink_unicast+0x10/0x10 [ 260.079266][ T9343] netlink_sendmsg+0x8b8/0xd70 [ 260.081318][ T9343] ? __pfx_netlink_sendmsg+0x10/0x10 [ 260.083581][ T9343] sock_sendmsg+0x3cb/0x470 [ 260.085514][ T9343] ? pipe_lock+0x64/0x80 [ 260.087331][ T9343] ? __pfx_sock_sendmsg+0x10/0x10 [ 260.089509][ T9343] ? __pfx_lock_release+0x10/0x10 [ 260.091624][ T9343] splice_to_socket+0xab2/0x1040 [ 260.093731][ T9343] ? __pfx_splice_to_socket+0x10/0x10 [ 260.096035][ T9343] ? inode_has_perm+0x16f/0x1d0 [ 260.098120][ T9343] ? security_file_permission+0x98/0xc0 [ 260.100420][ T9343] ? __pfx_splice_to_socket+0x10/0x10 [ 260.102602][ T9343] do_splice+0x148c/0x1f90 [ 260.104301][ T9343] ? find_held_lock+0x2d/0x110 [ 260.106406][ T9343] ? __pfx_do_splice+0x10/0x10 [ 260.108387][ T9343] ? __pfx_pipe_clear_nowait+0x10/0x10 [ 260.110673][ T9343] __do_splice+0x327/0x360 [ 260.112605][ T9343] ? __pfx___do_splice+0x10/0x10 [ 260.114709][ T9343] __x64_sys_splice+0x1d2/0x260 [ 260.116696][ T9343] do_syscall_64+0xcd/0x250 [ 260.118484][ T9343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.120881][ T9343] RIP: 0033:0x7ffb609773b9 [ 260.122752][ T9343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.130669][ T9343] RSP: 002b:00007ffb616af048 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 260.133852][ T9343] RAX: ffffffffffffffda RBX: 00007ffb60b06058 RCX: 00007ffb609773b9 [ 260.137201][ T9343] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 260.140462][ T9343] RBP: 00007ffb616af0a0 R08: 0000000000007fff R09: 0000000000000000 [ 260.143741][ T9343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 260.147074][ T9343] R13: 000000000000006e R14: 00007ffb60b06058 R15: 00007fffc7780d08 [ 260.150178][ T9343] [ 260.332085][ T9310] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.431457][ T9310] bridge0: port 1(bridge_slave_0) entered disabled state [ 260.457599][ T9310] bridge_slave_0: entered allmulticast mode [ 260.498559][ T9310] bridge_slave_0: entered promiscuous mode [ 260.573533][ T9310] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.606554][ T9310] bridge0: port 2(bridge_slave_1) entered disabled state [ 260.637741][ T9310] bridge_slave_1: entered allmulticast mode [ 260.706797][ T9310] bridge_slave_1: entered promiscuous mode [ 261.331049][ T1381] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.333798][ T1381] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.970426][ T9310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 262.125389][ T5346] Bluetooth: hci6: command tx timeout [ 262.240327][ T9310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 263.329583][ T9287] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 263.518843][ T9310] team0: Port device team_slave_0 added [ 263.541520][ T9287] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 263.707974][ T5347] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 263.716845][ T5347] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 263.723899][ T5347] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 263.747107][ T5347] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 263.754422][ T5347] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 263.760593][ T5347] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 263.925010][ T1108] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.013121][ T9310] team0: Port device team_slave_1 added [ 264.024013][ T9287] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 264.342579][ T9287] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 264.476540][ T1108] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.832717][ T1108] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.873879][ T9310] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 264.897085][ T9310] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 264.974691][ T9310] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 265.088504][ T1108] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.118099][ T9310] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 265.125677][ T9310] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 265.153567][ T9310] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 265.806820][ T9310] hsr_slave_0: entered promiscuous mode [ 265.825217][ T9310] hsr_slave_1: entered promiscuous mode [ 265.839465][ T9310] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 265.842878][ T9310] Cannot create hsr debugfs directory [ 265.885624][ T5346] Bluetooth: hci4: command tx timeout [ 266.852655][ T1108] bridge_slave_1: left allmulticast mode [ 266.869658][ T1108] bridge_slave_1: left promiscuous mode [ 266.889062][ T1108] bridge0: port 2(bridge_slave_1) entered disabled state [ 266.920581][ T1108] bridge_slave_0: left allmulticast mode [ 266.934283][ T1108] bridge_slave_0: left promiscuous mode [ 266.949449][ T1108] bridge0: port 1(bridge_slave_0) entered disabled state [ 267.327405][ T10] page_pool_release_retry() stalled pool shutdown: id 57, 51 inflight 77 sec [ 267.965477][ T5346] Bluetooth: hci4: command tx timeout [ 268.999068][ T1108] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 269.013284][ T1108] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 269.022610][ T1108] bond0 (unregistering): Released all slaves [ 270.045622][ T5346] Bluetooth: hci4: command tx timeout [ 270.794191][ T1108] hsr_slave_0: left promiscuous mode [ 270.800884][ T1108] hsr_slave_1: left promiscuous mode [ 270.810477][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 270.814912][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 270.824602][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 270.828937][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 270.867087][ T40] audit: type=1400 audit(1722489528.250:766): avc: denied { write } for pid=9355 comm="syz.3.1060" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 270.962628][ T1108] veth1_macvtap: left promiscuous mode [ 270.974174][ T1108] veth0_macvtap: left promiscuous mode [ 270.982095][ T1108] veth1_vlan: left promiscuous mode [ 270.988867][ T1108] veth0_vlan: left promiscuous mode [ 272.116713][ T9360] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1061'. [ 272.125379][ T5346] Bluetooth: hci4: command tx timeout [ 274.080160][ T1108] team0 (unregistering): Port device team_slave_1 removed [ 274.563083][ T1108] team0 (unregistering): Port device team_slave_0 removed [ 277.289179][ T9287] 8021q: adding VLAN 0 to HW filter on device bond0 [ 277.378329][ T9287] 8021q: adding VLAN 0 to HW filter on device team0 [ 277.712292][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 277.715644][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 277.754946][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 277.758110][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 279.200943][ T9310] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 279.258680][ T9310] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 279.288143][ T9310] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 279.322707][ T9310] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 279.838984][ T9310] 8021q: adding VLAN 0 to HW filter on device bond0 [ 279.939350][ T9310] 8021q: adding VLAN 0 to HW filter on device team0 [ 280.200308][ T9310] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 280.215382][ T9310] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 281.185043][ T9310] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 281.388170][ T9310] veth0_vlan: entered promiscuous mode [ 281.446041][ T9310] veth1_vlan: entered promiscuous mode [ 281.627723][ T9310] veth0_macvtap: entered promiscuous mode [ 281.662083][ T9310] veth1_macvtap: entered promiscuous mode [ 281.763976][ T9310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 281.778322][ T9310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.794474][ T9310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 281.810341][ T9310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.826850][ T9310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 281.844822][ T9310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.859806][ T9310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 281.872716][ T9310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.877355][ T9310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 281.881668][ T9310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.890771][ T9310] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 281.901317][ T9310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 281.906146][ T9310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.910418][ T9310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 281.914583][ T9310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.921939][ T9310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 281.926476][ T9310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.930097][ T9310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 281.934511][ T9310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.939424][ T9310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 281.943542][ T9310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.957825][ T9310] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 281.998973][ T9310] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.010476][ T9310] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.022268][ T9310] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.034984][ T9310] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.381460][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 282.384983][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 282.653466][ T1112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 282.657476][ T1112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.310459][ T9364] netlink: 'syz.3.1062': attribute type 10 has an invalid length. [ 284.488000][ T5347] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 284.500976][ T5347] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 284.508310][ T5347] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 284.515093][ T5347] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 284.521214][ T5347] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 284.527885][ T5347] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 284.552827][ T9365] netlink: 'syz.3.1062': attribute type 10 has an invalid length. [ 284.569123][ T9365] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1062'. [ 284.592936][ T9365] team0: entered promiscuous mode [ 284.597964][ T9365] team_slave_0: entered promiscuous mode [ 284.600752][ T9365] team_slave_1: entered promiscuous mode [ 284.606780][ T9365] 8021q: adding VLAN 0 to HW filter on device team0 [ 284.610070][ T9365] batman_adv: batadv0: Interface activated: team0 [ 284.612985][ T9365] batman_adv: batadv0: Interface deactivated: team0 [ 284.616581][ T9365] batman_adv: batadv0: Removing interface: team0 [ 284.651810][ T9365] bridge0: port 3(team0) entered blocking state [ 284.661504][ T9365] bridge0: port 3(team0) entered disabled state [ 284.664879][ T9365] team0: entered allmulticast mode [ 284.667898][ T9365] team_slave_0: entered allmulticast mode [ 284.670156][ T9365] team_slave_1: entered allmulticast mode [ 284.674890][ T9365] bridge0: port 3(team0) entered blocking state [ 284.677803][ T9365] bridge0: port 3(team0) entered forwarding state [ 284.747426][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 284.750697][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 284.785486][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 284.788776][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 285.093714][ T9351] chnl_net:caif_netlink_parms(): no params data found [ 285.094653][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 285.451648][ T9351] bridge0: port 1(bridge_slave_0) entered blocking state [ 285.455073][ T9351] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.459263][ T9351] bridge_slave_0: entered allmulticast mode [ 285.462715][ T9351] bridge_slave_0: entered promiscuous mode [ 285.467480][ T9351] bridge0: port 2(bridge_slave_1) entered blocking state [ 285.470181][ T9351] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.472888][ T9351] bridge_slave_1: entered allmulticast mode [ 285.476408][ T9351] bridge_slave_1: entered promiscuous mode [ 285.591182][ T9351] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 285.631178][ T9351] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 285.710409][ T9351] team0: Port device team_slave_0 added [ 285.717391][ T9351] team0: Port device team_slave_1 added [ 285.807461][ T9351] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 285.810260][ T9351] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 285.820476][ T9351] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 285.846354][ T9287] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 285.869997][ T9351] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 285.883528][ T9351] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 285.896862][ T9351] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 286.060322][ T9351] hsr_slave_0: entered promiscuous mode [ 286.069988][ T9351] hsr_slave_1: entered promiscuous mode [ 286.540059][ T1105] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 286.544641][ T1105] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.615962][ T5346] Bluetooth: hci3: command tx timeout [ 286.645337][ T9378] chnl_net:caif_netlink_parms(): no params data found [ 286.678808][ T1105] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 286.686305][ T1105] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.946837][ T1105] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 286.951316][ T1105] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.029844][ T1105] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 287.034578][ T1105] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.457132][ T9378] bridge0: port 1(bridge_slave_0) entered blocking state [ 287.460486][ T9378] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.464795][ T9378] bridge_slave_0: entered allmulticast mode [ 287.476821][ T9378] bridge_slave_0: entered promiscuous mode [ 287.509079][ T9378] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.512890][ T9378] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.517202][ T9378] bridge_slave_1: entered allmulticast mode [ 287.539199][ T9378] bridge_slave_1: entered promiscuous mode [ 287.792017][ T9351] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.867206][ T9378] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 287.876333][ T9287] veth0_vlan: entered promiscuous mode [ 287.902397][ T5346] Bluetooth: hci6: Received unexpected HCI Event 0x00 [ 287.944119][ T9351] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.944615][ T9404] cgroup: Bad value for 'name' [ 287.958500][ T9378] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 288.002916][ T9287] veth1_vlan: entered promiscuous mode [ 288.057128][ T9378] team0: Port device team_slave_0 added [ 288.066449][ T9378] team0: Port device team_slave_1 added [ 288.074661][ T9404] Process accounting resumed [ 288.107478][ T9351] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.180132][ T5346] Bluetooth: hci6: unexpected event 0x06 length: 23 > 3 [ 288.231407][ T9351] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.418713][ T9378] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 288.428467][ T9378] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.466126][ T9378] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 288.497494][ T9378] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 288.507132][ T9378] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.537628][ T9378] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 288.578572][ T1105] team0: left allmulticast mode [ 288.580628][ T1105] team_slave_0: left allmulticast mode [ 288.583429][ T1105] team_slave_1: left allmulticast mode [ 288.589820][ T1105] bridge0: port 3(team0) entered disabled state [ 288.607010][ T1105] bridge_slave_1: left allmulticast mode [ 288.609539][ T1105] bridge_slave_1: left promiscuous mode [ 288.612173][ T1105] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.627963][ T1105] bridge_slave_0: left allmulticast mode [ 288.630449][ T1105] bridge_slave_0: left promiscuous mode [ 288.633008][ T1105] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.649673][ T1105] bridge_slave_1: left allmulticast mode [ 288.652211][ T1105] bridge_slave_1: left promiscuous mode [ 288.655667][ T1105] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.661591][ T1105] bridge_slave_0: left allmulticast mode [ 288.664107][ T1105] bridge_slave_0: left promiscuous mode [ 288.669401][ T1105] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.681091][ T1105] bridge_slave_1: left allmulticast mode [ 288.683670][ T1105] bridge_slave_1: left promiscuous mode [ 288.695372][ T5346] Bluetooth: hci3: command tx timeout [ 288.712972][ T1105] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.743719][ T1105] bridge_slave_0: left allmulticast mode [ 288.753971][ T1105] bridge_slave_0: left promiscuous mode [ 288.764973][ T1105] bridge0: port 1(bridge_slave_0) entered disabled state [ 290.172991][ T1105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 290.193412][ T1105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 290.203023][ T1105] bond0 (unregistering): Released all slaves [ 290.222057][ T1105] bond1 (unregistering): Released all slaves [ 290.373992][ T1105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 290.380628][ T1105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 290.392442][ T1105] bond0 (unregistering): Released all slaves [ 290.429367][ T9425] FAULT_INJECTION: forcing a failure. [ 290.429367][ T9425] name failslab, interval 1, probability 0, space 0, times 0 [ 290.435119][ T9425] CPU: 1 UID: 0 PID: 9425 Comm: syz.2.1070 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 290.440120][ T9425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 290.444882][ T9425] Call Trace: [ 290.446359][ T9425] [ 290.447682][ T9425] dump_stack_lvl+0x16c/0x1f0 [ 290.449849][ T9425] should_fail_ex+0x497/0x5b0 [ 290.451954][ T9425] should_failslab+0xc2/0x120 [ 290.454041][ T9425] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 290.456421][ T9425] ? skb_clone+0x190/0x3f0 [ 290.458413][ T9425] skb_clone+0x190/0x3f0 [ 290.460279][ T9425] netlink_deliver_tap+0xab3/0xd90 [ 290.462484][ T9425] netlink_unicast+0x606/0x830 [ 290.464500][ T9425] ? __pfx_netlink_unicast+0x10/0x10 [ 290.466831][ T9425] netlink_sendmsg+0x8b8/0xd70 [ 290.468985][ T9425] ? __pfx_netlink_sendmsg+0x10/0x10 [ 290.471346][ T9425] ? __import_iovec+0x1fd/0x6e0 [ 290.473582][ T9425] ____sys_sendmsg+0xab5/0xc90 [ 290.475725][ T9425] ? copy_msghdr_from_user+0x10b/0x160 [ 290.478136][ T9425] ? __pfx_____sys_sendmsg+0x10/0x10 [ 290.480462][ T9425] ? __pfx___lock_acquire+0x10/0x10 [ 290.482744][ T9425] ___sys_sendmsg+0x135/0x1e0 [ 290.484856][ T9425] ? __pfx____sys_sendmsg+0x10/0x10 [ 290.487155][ T9425] ? __pfx_lock_release+0x10/0x10 [ 290.489403][ T9425] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 290.491912][ T9425] ? __fget_light+0x173/0x210 [ 290.494023][ T9425] __sys_sendmmsg+0x1a1/0x450 [ 290.496083][ T9425] ? __pfx___sys_sendmmsg+0x10/0x10 [ 290.498439][ T9425] ? vfs_write+0x14d/0x1140 [ 290.500478][ T9425] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 290.503104][ T9425] ? fput+0x32/0x390 [ 290.504811][ T9425] ? ksys_write+0x1ab/0x260 [ 290.506757][ T9425] ? __pfx_ksys_write+0x10/0x10 [ 290.508701][ T9425] __x64_sys_sendmmsg+0x9c/0x100 [ 290.510914][ T9425] ? lockdep_hardirqs_on+0x7c/0x110 [ 290.513282][ T9425] do_syscall_64+0xcd/0x250 [ 290.515359][ T9425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.517996][ T9425] RIP: 0033:0x7f46bf9773b9 [ 290.520237][ T9425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 290.528745][ T9425] RSP: 002b:00007f46c06ec048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 290.532448][ T9425] RAX: ffffffffffffffda RBX: 00007f46bfb06130 RCX: 00007f46bf9773b9 [ 290.536103][ T9425] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000005 [ 290.539612][ T9425] RBP: 00007f46c06ec0a0 R08: 0000000000000000 R09: 0000000000000000 [ 290.543094][ T9425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 290.546536][ T9425] R13: 000000000000006e R14: 00007f46bfb06130 R15: 00007ffeb9c16e48 [ 290.549902][ T9425] [ 290.618300][ T1105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 290.634304][ T1105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 290.641042][ T1105] bond0 (unregistering): Released all slaves [ 290.689334][ T9424] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1070'. [ 290.766678][ T5346] Bluetooth: hci3: command tx timeout [ 290.868669][ T9287] veth0_macvtap: entered promiscuous mode [ 290.922178][ T9378] hsr_slave_0: entered promiscuous mode [ 290.926646][ T9378] hsr_slave_1: entered promiscuous mode [ 290.929804][ T9378] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 290.933142][ T9378] Cannot create hsr debugfs directory [ 290.938760][ T9287] veth1_macvtap: entered promiscuous mode [ 291.062876][ T9351] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 291.133448][ T9351] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 291.180503][ T9351] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 291.194277][ T9351] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 291.204915][ T9287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 291.210154][ T9287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.214847][ T9287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 291.219851][ T9287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.224281][ T9287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 291.228975][ T9287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.233261][ T9287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 291.238267][ T9287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.242791][ T9287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 291.247613][ T9287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.251936][ T9287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 291.257098][ T9287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.291866][ T9287] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 291.332909][ T9432] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1072'. [ 291.339585][ T9430] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1072'. [ 291.423996][ T9287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 291.428934][ T9287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.433038][ T9287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 291.437857][ T9287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.441891][ T9287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 291.446832][ T9287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.450962][ T9287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 291.454793][ T9287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.458950][ T9287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 291.463462][ T9287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.468948][ T9287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 291.473006][ T9287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 291.479784][ T9287] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 291.542946][ T9287] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 291.548483][ T9287] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 291.556551][ T9287] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 291.560372][ T9287] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 292.190345][ T9351] 8021q: adding VLAN 0 to HW filter on device bond0 [ 292.334617][ T1112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 292.338527][ T1112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 292.391692][ T9351] 8021q: adding VLAN 0 to HW filter on device team0 [ 292.419281][ T1105] hsr_slave_0: left promiscuous mode [ 292.422314][ T1105] hsr_slave_1: left promiscuous mode [ 292.429920][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 292.433472][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 292.440829][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 292.444307][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 292.461190][ T1105] hsr_slave_0: left promiscuous mode [ 292.467658][ T1105] hsr_slave_1: left promiscuous mode [ 292.470825][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 292.478542][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 292.485000][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 292.488793][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 292.505608][ T1105] hsr_slave_0: left promiscuous mode [ 292.510798][ T1105] hsr_slave_1: left promiscuous mode [ 292.515407][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 292.518960][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 292.523476][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 292.527083][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 292.699450][ T1105] veth1_macvtap: left promiscuous mode [ 292.702051][ T1105] veth0_macvtap: left promiscuous mode [ 292.704740][ T1105] veth1_vlan: left promiscuous mode [ 292.707605][ T1105] veth0_vlan: left promiscuous mode [ 292.719075][ T1105] veth1_macvtap: left promiscuous mode [ 292.721604][ T1105] veth0_macvtap: left promiscuous mode [ 292.724143][ T1105] veth1_vlan: left promiscuous mode [ 292.726702][ T1105] veth0_vlan: left promiscuous mode [ 292.733634][ T1105] veth1_macvtap: left promiscuous mode [ 292.737406][ T1105] veth0_macvtap: left promiscuous mode [ 292.740468][ T1105] veth1_vlan: left promiscuous mode [ 292.743903][ T1105] veth0_vlan: left promiscuous mode [ 292.855336][ T5346] Bluetooth: hci3: command tx timeout [ 294.384134][ T1105] team_slave_1 (unregistering): left promiscuous mode [ 294.393873][ T1105] team0 (unregistering): Port device team_slave_1 removed [ 294.512245][ T1105] team_slave_0 (unregistering): left promiscuous mode [ 294.519620][ T1105] team0 (unregistering): Port device team_slave_0 removed [ 296.555992][ T1105] team0 (unregistering): Port device team_slave_1 removed [ 296.686802][ T1105] team0 (unregistering): Port device team_slave_0 removed [ 298.644504][ T1105] team0 (unregistering): Port device team_slave_1 removed [ 298.765302][ T1105] team0 (unregistering): Port device team_slave_0 removed [ 299.848554][ T1108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 299.852138][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 299.856521][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 299.860132][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 299.865205][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 299.868493][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 299.873935][ T9378] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 299.919283][ T9378] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 299.927567][ T9378] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 299.960291][ T9378] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 300.036488][ T5346] Bluetooth: hci5: unexpected event 0x18 length: 1 < 23 [ 300.101575][ T9452] fuse: Unknown parameter '01777777777777777777777ÿÿÿÿÿÿÿÿ00000000000000000000' [ 300.340583][ T9378] 8021q: adding VLAN 0 to HW filter on device bond0 [ 300.370654][ T9378] 8021q: adding VLAN 0 to HW filter on device team0 [ 300.387841][ T5026] bridge0: port 1(bridge_slave_0) entered blocking state [ 300.390988][ T5026] bridge0: port 1(bridge_slave_0) entered forwarding state [ 300.411406][ T5395] bridge0: port 2(bridge_slave_1) entered blocking state [ 300.415240][ T5395] bridge0: port 2(bridge_slave_1) entered forwarding state [ 300.545941][ T9351] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 300.663622][ T9351] veth0_vlan: entered promiscuous mode [ 300.683743][ T9351] veth1_vlan: entered promiscuous mode [ 300.747798][ T9351] veth0_macvtap: entered promiscuous mode [ 300.757953][ T9378] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 300.774797][ T9351] veth1_macvtap: entered promiscuous mode [ 300.807855][ T9351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 300.813229][ T9351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.819155][ T9351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 300.823783][ T9351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.828317][ T9351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 300.833005][ T9351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.838851][ T9351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 300.843365][ T9351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.851048][ T9351] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 300.885029][ T9378] veth0_vlan: entered promiscuous mode [ 300.892099][ T9351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 300.900864][ T9351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.909064][ T9351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 300.913695][ T9351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.922207][ T9351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 300.930181][ T9351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.934896][ T9351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 300.942250][ T9351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.949017][ T9351] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 300.957243][ T9351] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.960951][ T9351] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.964674][ T9351] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.968789][ T9351] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.005977][ T9378] veth1_vlan: entered promiscuous mode [ 301.346763][ T9480] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1078'. [ 301.366673][ T9378] veth0_macvtap: entered promiscuous mode [ 301.379773][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 301.383010][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 301.394033][ T9477] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1078'. [ 301.396370][ T9483] sd 0:0:0:0: PR command failed: 1026 [ 301.405361][ T9483] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 301.408261][ T9378] veth1_macvtap: entered promiscuous mode [ 301.409110][ T9483] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 301.526394][ T1108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 301.530699][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 301.586727][ T1105] IPVS: stop unused estimator thread 0... [ 301.597776][ T9492] trusted_key: encrypted_key: insufficient parameters specified [ 301.598635][ T9378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.604263][ T1105] IPVS: stop unused estimator thread 0... [ 301.614054][ T40] audit: type=1400 audit(1722489558.990:767): avc: denied { shutdown } for pid=9493 comm="syz.0.1080" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 301.625287][ T9378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.629209][ T9378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.631051][ T40] audit: type=1400 audit(1722489559.010:768): avc: denied { read } for pid=9493 comm="syz.0.1080" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 301.633388][ T9378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.647268][ T9378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.652324][ T9378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.656680][ T9378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.661536][ T9378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.667964][ T9378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.672480][ T9378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.679640][ T9378] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 301.693986][ T9378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 301.700884][ T9378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.706543][ T9378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 301.711117][ T9378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.716401][ T9378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 301.721089][ T9378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.725072][ T9378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 301.731591][ T9378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.736362][ T9378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 301.740848][ T9378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.747685][ T9378] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 301.767902][ T9378] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.771796][ T9378] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.778651][ T9378] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.782420][ T9378] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.807881][ T5346] Bluetooth: hci5: unknown advertising packet type: 0x73 [ 301.946249][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 301.950900][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 302.003533][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 302.008569][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 302.072282][ T5346] Bluetooth: hci6: unexpected event 0x18 length: 1 < 23 [ 302.081158][ T9506] fuse: Unknown parameter '01777777777777777777777ÿÿÿÿÿÿÿÿ00000000000000000000' [ 302.111731][ T9509] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1063'. [ 302.256638][ T9514] sd 0:0:0:0: PR command failed: 1026 [ 302.258944][ T9514] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 302.261805][ T9514] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 303.128061][ T9527] netlink: 'syz.3.1088': attribute type 12 has an invalid length. [ 303.182836][ T9526] bridge: RTM_NEWNEIGH with invalid ether address [ 303.438858][ T9534] trusted_key: encrypted_key: insufficient parameters specified [ 304.002525][ T9544] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1092'. [ 304.239246][ T5346] Bluetooth: hci3: unexpected event 0x18 length: 1 < 23 [ 304.267527][ T9552] fuse: Unknown parameter '01777777777777777777777ÿÿÿÿÿÿÿÿ00000000000000000000' [ 305.017380][ T40] audit: type=1400 audit(1722489562.400:769): avc: denied { ioctl } for pid=9554 comm="syz.2.1098" path="socket:[34560]" dev="sockfs" ino=34560 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 305.041730][ T40] audit: type=1400 audit(1722489562.420:770): avc: denied { write } for pid=9556 comm="syz.3.1096" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 305.055878][ T40] audit: type=1400 audit(1722489562.420:771): avc: denied { ioctl } for pid=9556 comm="syz.3.1096" path="/dev/ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 305.260025][ T40] audit: type=1400 audit(1722489562.640:772): avc: denied { map } for pid=9562 comm="syz.3.1099" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 305.271438][ T9564] binder: BINDER_SET_CONTEXT_MGR already set [ 305.274580][ T9564] binder: 9562:9564 ioctl 4018620d 20000040 returned -16 [ 305.326119][ T5382] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 305.564756][ T5382] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 305.569738][ T5382] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 305.573176][ T5382] usb 6-1: Product: syz [ 305.574976][ T5382] usb 6-1: Manufacturer: syz [ 305.579806][ T5382] usb 6-1: SerialNumber: syz [ 305.584463][ T5382] usb 6-1: config 0 descriptor?? [ 305.801279][ T5382] usb 6-1: USB disconnect, device number 15 [ 306.470057][ T9571] netlink: 'syz.2.1101': attribute type 12 has an invalid length. [ 307.043795][ T40] audit: type=1400 audit(1722489564.420:773): avc: denied { ioctl } for pid=9565 comm="syz.0.1100" path="socket:[34579]" dev="sockfs" ino=34579 ioctlcmd=0x89e8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 307.596763][ T9575] ALSA: seq fatal error: cannot create timer (-22) [ 307.603993][ T9564] syz.3.1099 (9564): drop_caches: 2 [ 307.903415][ T5346] Bluetooth: hci5: unexpected event 0x18 length: 1 < 23 [ 308.326621][ T9587] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1106'. [ 308.587673][ T9595] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1107'. [ 308.592644][ T9594] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1107'. [ 308.762413][ T9599] tc_dump_action: action bad kind [ 309.075264][ T5382] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 309.234816][ T9603] sd 0:0:0:0: PR command failed: 1026 [ 309.254577][ T9603] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 309.263983][ T9603] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 309.274992][ T5382] usb 7-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 309.280522][ T5382] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 309.286239][ T5382] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 309.290302][ T5382] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.313400][ T5382] usb 7-1: config 0 descriptor?? [ 309.327463][ T5382] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 309.626250][ T5346] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 309.710855][ T9610] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1111'. [ 309.793690][ T5346] Bluetooth: Wrong link type (-71) [ 311.206085][ T9618] netlink: 'syz.3.1114': attribute type 12 has an invalid length. [ 311.776472][ T5383] usb 7-1: USB disconnect, device number 11 [ 311.948547][ T5346] Bluetooth: hci6: unexpected event 0x18 length: 1 < 23 [ 312.179790][ T40] audit: type=1400 audit(1722489569.560:774): avc: denied { mount } for pid=9625 comm="syz.3.1117" name="/" dev="configfs" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 312.186298][ T9630] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1116'. [ 312.203008][ T9624] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1116'. [ 312.215736][ T40] audit: type=1400 audit(1722489569.590:775): avc: denied { search } for pid=9625 comm="syz.3.1117" name="/" dev="configfs" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 313.051925][ T9644] fuse: Bad value for 'user_id' [ 313.054332][ T9644] fuse: Bad value for 'user_id' [ 313.062541][ T5346] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 313.653198][ T9653] ALSA: seq fatal error: cannot create timer (-22) [ 313.679810][ T9653] netlink: 'syz.3.1123': attribute type 19 has an invalid length. [ 313.771909][ T9653] xt_connbytes: Forcing CT accounting to be enabled [ 313.775093][ T9653] Cannot find add_set index 0 as target [ 314.591481][ T9663] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1127'. [ 314.596525][ T9662] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1127'. [ 314.814831][ T9667] fuse: Bad value for 'fd' [ 315.300064][ T40] audit: type=1400 audit(1722489572.670:776): avc: denied { setattr } for pid=9673 comm="syz.0.1132" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 316.872051][ T40] audit: type=1400 audit(1722489574.250:777): avc: denied { setopt } for pid=9699 comm="syz.1.1140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 316.906543][ T7807] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 317.024492][ T9702] netlink: 'syz.3.1139': attribute type 12 has an invalid length. [ 317.095245][ T7807] usb 7-1: Using ep0 maxpacket: 32 [ 317.128747][ T7807] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 317.142027][ T7807] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 317.151609][ T7807] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 317.176071][ T7807] usb 7-1: Product: syz [ 317.181821][ T7807] usb 7-1: Manufacturer: syz [ 317.184142][ T7807] usb 7-1: SerialNumber: syz [ 317.197526][ T7807] usb 7-1: config 0 descriptor?? [ 317.213074][ T9696] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 317.499681][ T10] usb 7-1: USB disconnect, device number 12 [ 317.799261][ T5347] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 317.815523][ T5347] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 317.820175][ T5347] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 317.830640][ T5347] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 317.836441][ T5347] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 317.839935][ T5347] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 318.384875][ T1162] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.431528][ T9711] chnl_net:caif_netlink_parms(): no params data found [ 318.535864][ T1162] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.729520][ T1162] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.917203][ T1162] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.969470][ T9740] trusted_key: encrypted_key: insufficient parameters specified [ 319.107907][ T9735] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1148'. [ 319.115329][ T9735] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1148'. [ 319.158104][ T9711] bridge0: port 1(bridge_slave_0) entered blocking state [ 319.174089][ T9711] bridge0: port 1(bridge_slave_0) entered disabled state [ 319.192077][ T9711] bridge_slave_0: entered allmulticast mode [ 319.223490][ T9711] bridge_slave_0: entered promiscuous mode [ 319.312467][ T9711] bridge0: port 2(bridge_slave_1) entered blocking state [ 319.328050][ T9711] bridge0: port 2(bridge_slave_1) entered disabled state [ 319.339728][ T9711] bridge_slave_1: entered allmulticast mode [ 319.362593][ T9711] bridge_slave_1: entered promiscuous mode [ 319.568719][ T9711] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 319.633587][ T9711] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 319.636515][ T9745] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 319.755181][ T5347] Bluetooth: hci5: unexpected event 0x18 length: 1 < 23 [ 319.885480][ T5347] Bluetooth: hci1: command tx timeout [ 319.887353][ T9711] team0: Port device team_slave_0 added [ 319.964015][ T9711] team0: Port device team_slave_1 added [ 320.046234][ T9750] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1152'. [ 320.051923][ T9749] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1152'. [ 320.072356][ T1162] bridge_slave_1: left allmulticast mode [ 320.078465][ T1162] bridge_slave_1: left promiscuous mode [ 320.085402][ T1162] bridge0: port 2(bridge_slave_1) entered disabled state [ 320.098055][ T1162] bridge_slave_0: left allmulticast mode [ 320.100430][ T1162] bridge_slave_0: left promiscuous mode [ 320.103404][ T1162] bridge0: port 1(bridge_slave_0) entered disabled state [ 320.612974][ T1162] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 320.625065][ T1162] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 320.634484][ T1162] bond0 (unregistering): Released all slaves [ 320.671928][ T40] audit: type=1400 audit(1722489578.050:778): avc: denied { bind } for pid=9763 comm="syz.2.1156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 320.732595][ T9711] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 320.755276][ T9711] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 320.785216][ T9711] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 320.796101][ T9711] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 320.799202][ T9711] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 320.818090][ T9711] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 320.972548][ T9773] netlink: 'syz.0.1158': attribute type 3 has an invalid length. [ 321.218810][ T9711] hsr_slave_0: entered promiscuous mode [ 321.223306][ T9711] hsr_slave_1: entered promiscuous mode [ 321.230310][ T9711] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 321.233388][ T9711] Cannot create hsr debugfs directory [ 321.339655][ T1162] hsr_slave_0: left promiscuous mode [ 321.340017][ T9782] trusted_key: encrypted_key: insufficient parameters specified [ 321.350225][ T1162] hsr_slave_1: left promiscuous mode [ 321.374270][ T1162] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 321.391556][ T1162] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 321.415809][ T1162] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 321.432284][ T1162] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 321.523133][ T1162] veth1_macvtap: left promiscuous mode [ 321.526467][ T1162] veth0_macvtap: left promiscuous mode [ 321.530335][ T1162] veth1_vlan: left promiscuous mode [ 321.533130][ T1162] veth0_vlan: left promiscuous mode [ 321.950358][ T9793] ufs: You didn't specify the type of your ufs filesystem [ 321.950358][ T9793] [ 321.950358][ T9793] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 321.950358][ T9793] [ 321.950358][ T9793] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 321.965464][ T5347] Bluetooth: hci1: command tx timeout [ 321.967487][ T9793] syz.2.1161: attempt to access beyond end of device [ 321.967487][ T9793] loop2: rw=0, sector=16, nr_sectors = 2 limit=0 [ 321.985531][ T40] audit: type=1400 audit(1722489579.360:779): avc: denied { getopt } for pid=9792 comm="syz.2.1161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 322.069612][ T40] audit: type=1400 audit(1722489579.440:780): avc: denied { create } for pid=9794 comm="syz.2.1162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 322.091493][ T40] audit: type=1400 audit(1722489579.450:781): avc: denied { connect } for pid=9794 comm="syz.2.1162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 322.108601][ T40] audit: type=1400 audit(1722489579.450:782): avc: denied { write } for pid=9794 comm="syz.2.1162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 322.771444][ T1381] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.774479][ T1381] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.116531][ T1162] team0 (unregistering): Port device team_slave_1 removed [ 323.268737][ T1162] team0 (unregistering): Port device team_slave_0 removed [ 323.634901][ T9806] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1166'. [ 323.642921][ T9806] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1166'. [ 323.716538][ T9808] FAULT_INJECTION: forcing a failure. [ 323.716538][ T9808] name failslab, interval 1, probability 0, space 0, times 0 [ 323.722549][ T9808] CPU: 1 UID: 0 PID: 9808 Comm: syz.2.1167 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 323.727121][ T9808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 323.732482][ T9808] Call Trace: [ 323.734013][ T9808] [ 323.735348][ T9808] dump_stack_lvl+0x16c/0x1f0 [ 323.738338][ T9808] should_fail_ex+0x497/0x5b0 [ 323.740434][ T9808] ? fs_reclaim_acquire+0xae/0x160 [ 323.743059][ T9808] should_failslab+0xc2/0x120 [ 323.745315][ T9808] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 323.747574][ T9808] ? posix_lock_inode+0x367/0x2350 [ 323.749744][ T9808] posix_lock_inode+0x367/0x2350 [ 323.751800][ T9808] ? file_has_perm+0x286/0x360 [ 323.753963][ T9808] ? __pfx_file_has_perm+0x10/0x10 [ 323.756314][ T9808] ? __pfx_posix_lock_inode+0x10/0x10 [ 323.758443][ T9808] ? lockdep_init_map_type+0x16d/0x7d0 [ 323.760955][ T9808] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 323.763735][ T9808] vfs_lock_file+0x107/0x150 [ 323.765990][ T9808] fcntl_setlk+0x420/0xe20 [ 323.767974][ T9808] ? __pfx_fcntl_setlk+0x10/0x10 [ 323.770286][ T9808] ? __pfx_lock_release+0x10/0x10 [ 323.772481][ T9808] ? __pfx___might_resched+0x10/0x10 [ 323.774769][ T9808] ? __might_fault+0xe3/0x190 [ 323.777017][ T9808] do_fcntl+0x43b/0x1380 [ 323.778844][ T9808] ? __pfx_do_fcntl+0x10/0x10 [ 323.780963][ T9808] ? selinux_file_fcntl+0x97/0x180 [ 323.783215][ T9808] __x64_sys_fcntl+0x174/0x200 [ 323.785009][ T9808] do_syscall_64+0xcd/0x250 [ 323.786881][ T9808] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.789398][ T9808] RIP: 0033:0x7f46bf9773b9 [ 323.791067][ T9808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 323.799573][ T9808] RSP: 002b:00007f46c072e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 323.803673][ T9808] RAX: ffffffffffffffda RBX: 00007f46bfb05f80 RCX: 00007f46bf9773b9 [ 323.807566][ T9808] RDX: 00000000200006c0 RSI: 0000000000000007 RDI: 0000000000000003 [ 323.811278][ T9808] RBP: 00007f46c072e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 323.814872][ T9808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 323.818425][ T9808] R13: 000000000000000b R14: 00007f46bfb05f80 R15: 00007ffeb9c16e48 [ 323.821681][ T9808] [ 323.844011][ T40] audit: type=1400 audit(1722489581.220:783): avc: denied { lock } for pid=9807 comm="syz.2.1167" path="socket:[37175]" dev="sockfs" ino=37175 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 324.049889][ T5347] Bluetooth: hci1: command tx timeout [ 324.477660][ T9818] trusted_key: encrypted_key: insufficient parameters specified [ 325.201325][ T9827] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1171'. [ 325.221393][ T9822] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1171'. [ 325.636608][ T9841] netlink: 'syz.3.1175': attribute type 10 has an invalid length. [ 325.682827][ T40] audit: type=1400 audit(1722489583.040:784): avc: denied { read } for pid=9843 comm="syz.0.1176" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 325.728647][ T9844] 9pnet_fd: Insufficient options for proto=fd [ 325.735624][ T9841] batman_adv: batadv0: Adding interface: team0 [ 325.738200][ T9841] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 325.768320][ T9841] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 325.773998][ T9840] netlink: 'syz.3.1175': attribute type 10 has an invalid length. [ 325.795294][ T40] audit: type=1400 audit(1722489583.040:785): avc: denied { open } for pid=9843 comm="syz.0.1176" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 325.808638][ T9840] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1175'. [ 325.820509][ T9840] team0: entered promiscuous mode [ 325.820902][ T40] audit: type=1400 audit(1722489583.110:786): avc: denied { mounton } for pid=9843 comm="syz.0.1176" path="/28/file0" dev="9p" ino=36575638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 325.830291][ T9840] team_slave_0: entered promiscuous mode [ 325.830490][ T9840] team_slave_1: entered promiscuous mode [ 325.857624][ T9840] 8021q: adding VLAN 0 to HW filter on device team0 [ 325.863785][ T9840] batman_adv: batadv0: Interface activated: team0 [ 325.867654][ T9840] batman_adv: batadv0: Interface deactivated: team0 [ 325.871279][ T9840] batman_adv: batadv0: Removing interface: team0 [ 325.885853][ T9840] bridge0: port 3(team0) entered blocking state [ 325.905313][ T9840] bridge0: port 3(team0) entered disabled state [ 325.933755][ T9840] team0: entered allmulticast mode [ 325.936003][ T9840] team_slave_0: entered allmulticast mode [ 325.938186][ T9840] team_slave_1: entered allmulticast mode [ 325.994634][ T9840] bridge0: port 3(team0) entered blocking state [ 325.998007][ T9840] bridge0: port 3(team0) entered forwarding state [ 326.135498][ T5347] Bluetooth: hci1: command tx timeout [ 326.274882][ T9850] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1178'. [ 326.346501][ T9852] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1179'. [ 326.521275][ T9711] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 326.530131][ T9711] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 326.545215][ T9711] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 326.582481][ T9711] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 326.757801][ T9861] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1182'. [ 326.871504][ T9858] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1182'. [ 327.110386][ T5347] Bluetooth: hci5: ISO packet for unknown connection handle 0 [ 327.352788][ T9711] 8021q: adding VLAN 0 to HW filter on device bond0 [ 327.598375][ T9711] 8021q: adding VLAN 0 to HW filter on device team0 [ 327.632080][ T5383] bridge0: port 1(bridge_slave_0) entered blocking state [ 327.635390][ T5383] bridge0: port 1(bridge_slave_0) entered forwarding state [ 327.651301][ T5383] bridge0: port 2(bridge_slave_1) entered blocking state [ 327.655378][ T5383] bridge0: port 2(bridge_slave_1) entered forwarding state [ 328.170682][ T9711] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 328.178895][ T9887] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1040 sclass=netlink_xfrm_socket pid=9887 comm=syz.0.1187 [ 328.234243][ T9887] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1187'. [ 328.295724][ T9711] veth0_vlan: entered promiscuous mode [ 328.328514][ T9711] veth1_vlan: entered promiscuous mode [ 328.382770][ T9711] veth0_macvtap: entered promiscuous mode [ 328.412017][ T9711] veth1_macvtap: entered promiscuous mode [ 328.439125][ T9711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.455198][ T9711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.459851][ T9711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.464249][ T9711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.484702][ T9711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.490626][ T9711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.513735][ T9711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.526124][ T9711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.531396][ T9711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.543644][ T9711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.597825][ T9711] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 328.626251][ T9711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.692084][ T9711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.706433][ T9910] trusted_key: encrypted_key: insufficient parameters specified [ 328.738470][ T9711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.743530][ T9711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.755951][ T40] audit: type=1400 audit(1722489586.130:787): avc: denied { mount } for pid=9902 comm="syz.0.1189" name="/" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1 [ 328.758491][ T9904] nftables ruleset with unbound chain [ 328.798146][ T9711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.809969][ T9911] xt_CT: No such helper "pptp" [ 328.812371][ T9711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.824343][ T9711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.835178][ T9711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.839672][ T9711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.849204][ T9711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.873286][ T9711] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 328.914946][ T9711] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 328.919476][ T9711] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 328.922831][ T9711] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 328.928111][ T9711] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.182808][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 329.186498][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 329.291068][ T1105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 329.305724][ T1105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 329.387298][ T9929] netlink: 'syz.0.1191': attribute type 41 has an invalid length. [ 329.757213][ T9946] FAULT_INJECTION: forcing a failure. [ 329.757213][ T9946] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 329.767404][ T9946] CPU: 1 UID: 0 PID: 9946 Comm: syz.2.1199 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 329.771931][ T9946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 329.782186][ T9946] Call Trace: [ 329.783700][ T9946] [ 329.785049][ T9946] dump_stack_lvl+0x16c/0x1f0 [ 329.787130][ T9946] should_fail_ex+0x497/0x5b0 [ 329.789664][ T9946] _copy_to_user+0x30/0xc0 [ 329.792602][ T9946] simple_read_from_buffer+0xd0/0x160 [ 329.794748][ T9946] proc_fail_nth_read+0x1b0/0x290 [ 329.796858][ T9946] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 329.799188][ T9946] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 329.801795][ T9946] vfs_read+0x1d4/0xbd0 [ 329.803674][ T9946] ? __fdget_pos+0xeb/0x180 [ 329.805824][ T9946] ? __pfx_vfs_read+0x10/0x10 [ 329.808273][ T9946] ? __pfx___mutex_lock+0x10/0x10 [ 329.810903][ T9946] ? __fget_files+0x256/0x400 [ 329.813642][ T9946] ksys_read+0x12f/0x260 [ 329.815736][ T9946] ? __pfx_ksys_read+0x10/0x10 [ 329.817958][ T9946] do_syscall_64+0xcd/0x250 [ 329.820375][ T9946] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.823267][ T9946] RIP: 0033:0x7f46bf975dfc [ 329.825523][ T9946] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 329.836037][ T9946] RSP: 002b:00007f46c072e040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 329.840546][ T9946] RAX: ffffffffffffffda RBX: 00007f46bfb05f80 RCX: 00007f46bf975dfc [ 329.844116][ T9946] RDX: 000000000000000f RSI: 00007f46c072e0b0 RDI: 0000000000000006 [ 329.848082][ T9946] RBP: 00007f46c072e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 329.852033][ T9946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 329.855769][ T9946] R13: 000000000000000b R14: 00007f46bfb05f80 R15: 00007ffeb9c16e48 [ 329.859483][ T9946] [ 329.930421][ T7807] IPVS: starting estimator thread 0... [ 330.016086][ T9953] IPVS: using max 20 ests per chain, 48000 per kthread [ 330.213821][ T9955] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1040 sclass=netlink_xfrm_socket pid=9955 comm=syz.2.1201 [ 330.264249][ T9955] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1201'. [ 330.609046][ T9965] FAULT_INJECTION: forcing a failure. [ 330.609046][ T9965] name failslab, interval 1, probability 0, space 0, times 0 [ 330.615013][ T9965] CPU: 2 UID: 0 PID: 9965 Comm: syz.0.1206 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 330.619534][ T9965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 330.624076][ T9965] Call Trace: [ 330.625733][ T9965] [ 330.627081][ T9965] dump_stack_lvl+0x16c/0x1f0 [ 330.629291][ T9965] should_fail_ex+0x497/0x5b0 [ 330.631295][ T9965] ? fs_reclaim_acquire+0xae/0x160 [ 330.633743][ T9965] should_failslab+0xc2/0x120 [ 330.635792][ T9965] kmem_cache_alloc_node_noprof+0x71/0x310 [ 330.637977][ T9965] ? __alloc_skb+0x2b1/0x380 [ 330.639728][ T9965] __alloc_skb+0x2b1/0x380 [ 330.641629][ T9965] ? __pfx___alloc_skb+0x10/0x10 [ 330.643839][ T9965] ? __pfx___lock_acquire+0x10/0x10 [ 330.646169][ T9965] ? _raw_spin_unlock_irqrestore+0x10/0x80 [ 330.648775][ T9965] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 330.651320][ T9965] tipc_buf_acquire+0x26/0xe0 [ 330.653388][ T9965] tipc_msg_build+0x10c/0x1120 [ 330.655445][ T9965] ? net_generic+0xea/0x2a0 [ 330.657456][ T9965] ? __pfx_lock_release+0x10/0x10 [ 330.659627][ T9965] ? __pfx_tipc_msg_build+0x10/0x10 [ 330.661678][ T9965] tipc_send_group_bcast+0x7ce/0xa60 [ 330.663668][ T9965] ? __pfx_tipc_send_group_bcast+0x10/0x10 [ 330.666165][ T9965] ? __pfx_woken_wake_function+0x10/0x10 [ 330.668560][ T9965] ? kasan_quarantine_put+0x10a/0x240 [ 330.670949][ T9965] ? lockdep_hardirqs_on+0x7c/0x110 [ 330.673218][ T9965] __tipc_sendmsg+0x11f1/0x1970 [ 330.675326][ T9965] ? __pfx_mark_lock+0x10/0x10 [ 330.677419][ T9965] ? mark_lock+0xb5/0xc60 [ 330.679272][ T9965] ? __pfx___tipc_sendmsg+0x10/0x10 [ 330.681529][ T9965] ? avc_has_perm_noaudit+0x119/0x3a0 [ 330.683536][ T9965] ? __pfx_lock_release+0x10/0x10 [ 330.685546][ T9965] ? hlock_class+0x4e/0x130 [ 330.687532][ T9965] ? __lock_acquire+0x1620/0x3cb0 [ 330.689861][ T9965] ? hlock_class+0x4e/0x130 [ 330.691946][ T9965] __tipc_sendstream+0xe1c/0x1170 [ 330.694157][ T9965] ? lock_acquire+0x1b1/0x560 [ 330.696234][ T9965] ? __pfx___tipc_sendstream+0x10/0x10 [ 330.699455][ T9965] ? tipc_send_packet+0x5e/0xa0 [ 330.701627][ T9965] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 330.705647][ T9965] ? mark_held_locks+0x9f/0xe0 [ 330.707664][ T9965] ? tipc_send_packet+0x5e/0xa0 [ 330.710180][ T9965] ? __local_bh_enable_ip+0xa4/0x120 [ 330.712592][ T9965] tipc_send_packet+0x6c/0xa0 [ 330.714604][ T9965] ____sys_sendmsg+0xab5/0xc90 [ 330.716555][ T9965] ? copy_msghdr_from_user+0x10b/0x160 [ 330.718507][ T9965] ? __pfx_____sys_sendmsg+0x10/0x10 [ 330.720738][ T9965] ? find_held_lock+0x2d/0x110 [ 330.722821][ T9965] ? __pfx___lock_acquire+0x10/0x10 [ 330.725182][ T9965] ___sys_sendmsg+0x135/0x1e0 [ 330.727267][ T9965] ? __pfx____sys_sendmsg+0x10/0x10 [ 330.729591][ T9965] ? ksys_write+0x21c/0x260 [ 330.731644][ T9965] ? __fget_light+0x173/0x210 [ 330.734388][ T9965] __sys_sendmsg+0x117/0x1f0 [ 330.736447][ T9965] ? __pfx___sys_sendmsg+0x10/0x10 [ 330.738734][ T9965] do_syscall_64+0xcd/0x250 [ 330.740696][ T9965] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.743178][ T9965] RIP: 0033:0x7f13045773b9 [ 330.745080][ T9965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.752756][ T9965] RSP: 002b:00007f130534f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 330.756168][ T9965] RAX: ffffffffffffffda RBX: 00007f1304705f80 RCX: 00007f13045773b9 [ 330.759559][ T9965] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 330.762876][ T9965] RBP: 00007f130534f0a0 R08: 0000000000000000 R09: 0000000000000000 [ 330.765951][ T9965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 330.768684][ T9965] R13: 000000000000000b R14: 00007f1304705f80 R15: 00007ffc96dcecc8 [ 330.771642][ T9965] [ 331.021830][ T9976] sctp: [Deprecated]: syz.0.1208 (pid 9976) Use of struct sctp_assoc_value in delayed_ack socket option. [ 331.021830][ T9976] Use struct sctp_sack_info instead [ 331.044585][ T40] audit: type=1400 audit(1722489588.420:788): avc: denied { setopt } for pid=9975 comm="syz.0.1208" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 332.082823][ T9984] FAULT_INJECTION: forcing a failure. [ 332.082823][ T9984] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 332.088789][ T9984] CPU: 1 UID: 0 PID: 9984 Comm: syz.2.1210 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 332.093482][ T9984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 332.099450][ T9984] Call Trace: [ 332.101265][ T9984] [ 332.102932][ T9984] dump_stack_lvl+0x16c/0x1f0 [ 332.105577][ T9984] should_fail_ex+0x497/0x5b0 [ 332.108187][ T9984] _copy_from_user+0x30/0xf0 [ 332.110219][ T9984] __x64_sys_epoll_ctl+0x132/0x1e0 [ 332.112769][ T9984] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 332.115900][ T9984] do_syscall_64+0xcd/0x250 [ 332.118003][ T9984] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.121298][ T9984] RIP: 0033:0x7f46bf9773b9 [ 332.123198][ T9984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.132337][ T9984] RSP: 002b:00007f46c06ec048 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 332.136571][ T9984] RAX: ffffffffffffffda RBX: 00007f46bfb06130 RCX: 00007f46bf9773b9 [ 332.139998][ T9984] RDX: 0000000000000007 RSI: 0000000000000001 RDI: 0000000000000006 [ 332.143113][ T9984] RBP: 00007f46c06ec0a0 R08: 0000000000000000 R09: 0000000000000000 [ 332.145507][ T9984] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001 [ 332.148483][ T9984] R13: 000000000000006e R14: 00007f46bfb06130 R15: 00007ffeb9c16e48 [ 332.152339][ T9984] [ 332.505272][ T5382] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 332.686976][ T5382] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 332.692044][ T5382] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 332.697058][ T5382] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253 [ 332.704126][ T5382] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 332.708342][ T5382] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 332.712068][ T5382] usb 5-1: Manufacturer: syz [ 332.718101][ T5382] usb 5-1: config 0 descriptor?? [ 332.725986][ T5382] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 332.989687][ T40] audit: type=1400 audit(1722489590.370:789): avc: denied { read } for pid=9992 comm="syz.1.1213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 333.047212][ T9990] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1040 sclass=netlink_xfrm_socket pid=9990 comm=syz.2.1214 [ 333.098369][ T9990] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1214'. [ 333.272029][T10002] syz.3.1217: attempt to access beyond end of device [ 333.272029][T10002] loop3: rw=0, sector=16, nr_sectors = 8 limit=0 [ 333.278155][T10002] REISERFS warning (device loop3): sh-2006 read_super_block: bread failed (dev loop3, block 2, size 4096) [ 333.283183][T10002] syz.3.1217: attempt to access beyond end of device [ 333.283183][T10002] loop3: rw=0, sector=128, nr_sectors = 8 limit=0 [ 333.290199][T10002] REISERFS warning (device loop3): sh-2006 read_super_block: bread failed (dev loop3, block 16, size 4096) [ 333.353656][T10005] atomic_op ffff888020172198 conn xmit_atomic 0000000000000000 [ 333.383945][T10005] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1218'. [ 333.398852][T10005] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1218'. [ 333.406362][T10005] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1218'. [ 333.596004][ T40] audit: type=1400 audit(1722489590.970:790): avc: denied { read } for pid=10008 comm="syz.2.1219" name="/" dev="configfs" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 333.608309][ T40] audit: type=1400 audit(1722489590.970:791): avc: denied { open } for pid=10008 comm="syz.2.1219" path="/59/file0" dev="configfs" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 333.614049][ T5347] Bluetooth: hci6: link tx timeout [ 333.617905][ T5347] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 333.704179][T10014] loop8: detected capacity change from 0 to 7 [ 333.732203][T10014] loop8: [POWERTEC] p1 [ 333.738761][T10014] loop8: p1 size 1969368878 extends beyond EOD, truncated [ 333.865863][T10008] [ 333.866811][T10008] ====================================================== [ 333.869471][T10008] WARNING: possible circular locking dependency detected [ 333.873987][T10008] 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 Not tainted [ 333.878773][T10008] ------------------------------------------------------ [ 333.881867][T10008] syz.2.1219/10008 is trying to acquire lock: [ 333.884551][T10008] ffff88804ab9f008 (kn->active#5){++++}-{0:0}, at: __kernfs_remove+0x281/0x670 [ 333.888784][T10008] [ 333.888784][T10008] but task is already holding lock: [ 333.892618][T10008] ffff888020ef64c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x166/0x6f0 [ 333.896641][T10008] [ 333.896641][T10008] which lock already depends on the new lock. [ 333.896641][T10008] [ 333.901128][T10008] [ 333.901128][T10008] the existing dependency chain (in reverse order) is: [ 333.905355][T10008] [ 333.905355][T10008] -> #2 (&disk->open_mutex){+.+.}-{3:3}: [ 333.908783][T10008] __mutex_lock+0x175/0x9c0 [ 333.911015][T10008] bdev_open+0x41a/0xe40 [ 333.913128][T10008] bdev_file_open_by_dev+0x17d/0x210 [ 333.915732][T10008] disk_scan_partitions+0x1ed/0x320 [ 333.918237][T10008] device_add_disk+0xfbb/0x12d0 [ 333.920644][T10008] pmem_attach_disk+0x9ab/0x13c0 [ 333.923126][T10008] nd_pmem_probe+0x1a9/0x1f0 [ 333.925408][T10008] nvdimm_bus_probe+0x169/0x5d0 [ 333.928191][T10008] really_probe+0x23e/0xa90 [ 333.931269][T10008] __driver_probe_device+0x1de/0x440 [ 333.933701][T10008] driver_probe_device+0x4c/0x1b0 [ 333.935883][T10008] __driver_attach+0x283/0x580 [ 333.937984][T10008] bus_for_each_dev+0x13c/0x1d0 [ 333.940138][T10008] bus_add_driver+0x2e9/0x690 [ 333.942219][T10008] driver_register+0x15c/0x4b0 [ 333.944267][T10008] __nd_driver_register+0x103/0x1a0 [ 333.946530][T10008] do_one_initcall+0x128/0x700 [ 333.948586][T10008] kernel_init_freeable+0x69d/0xca0 [ 333.950795][T10008] kernel_init+0x1c/0x2b0 [ 333.953024][T10008] ret_from_fork+0x45/0x80 [ 333.955530][T10008] ret_from_fork_asm+0x1a/0x30 [ 333.957822][T10008] [ 333.957822][T10008] -> #1 (&nvdimm_namespace_key){+.+.}-{3:3}: [ 333.961690][T10008] __mutex_lock+0x175/0x9c0 [ 333.963999][T10008] uevent_show+0x188/0x3b0 [ 333.966090][T10008] dev_attr_show+0x53/0xe0 [ 333.967899][T10008] sysfs_kf_seq_show+0x23e/0x410 [ 333.970112][T10008] seq_read_iter+0x4fa/0x12c0 [ 333.972132][T10008] kernfs_fop_read_iter+0x41a/0x590 [ 333.974374][T10008] vfs_read+0x869/0xbd0 [ 333.976032][T10008] ksys_read+0x12f/0x260 [ 333.977517][T10008] do_syscall_64+0xcd/0x250 [ 333.979371][T10008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.982492][T10008] [ 333.982492][T10008] -> #0 (kn->active#5){++++}-{0:0}: [ 333.986117][T10008] __lock_acquire+0x24ed/0x3cb0 [ 333.988358][T10008] lock_acquire+0x1b1/0x560 [ 333.990482][T10008] kernfs_drain+0x48f/0x590 [ 333.992683][T10008] __kernfs_remove+0x281/0x670 [ 333.994911][T10008] kernfs_remove_by_name_ns+0xb2/0x130 [ 333.997457][T10008] device_del+0x381/0x9f0 [ 333.999760][T10008] drop_partition+0x109/0x1c0 [ 334.002794][T10008] bdev_disk_changed+0x24d/0x14e0 [ 334.005661][T10008] __loop_clr_fd+0x5f5/0x770 [ 334.008453][T10008] lo_release+0x139/0x1e0 [ 334.010737][T10008] blkdev_put_whole+0xad/0xf0 [ 334.012472][T10008] bdev_release+0x496/0x6f0 [ 334.014762][T10008] blkdev_release+0x15/0x20 [ 334.017370][T10008] __fput+0x408/0xbb0 [ 334.019406][T10008] task_work_run+0x14e/0x250 [ 334.021891][T10008] syscall_exit_to_user_mode+0x27b/0x2a0 [ 334.024750][T10008] do_syscall_64+0xda/0x250 [ 334.026910][T10008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.029619][T10008] [ 334.029619][T10008] other info that might help us debug this: [ 334.029619][T10008] [ 334.033945][T10008] Chain exists of: [ 334.033945][T10008] kn->active#5 --> &nvdimm_namespace_key --> &disk->open_mutex [ 334.033945][T10008] [ 334.039966][T10008] Possible unsafe locking scenario: [ 334.039966][T10008] [ 334.043302][T10008] CPU0 CPU1 [ 334.045647][T10008] ---- ---- [ 334.047899][T10008] lock(&disk->open_mutex); [ 334.049819][T10008] lock(&nvdimm_namespace_key); [ 334.053472][T10008] lock(&disk->open_mutex); [ 334.057891][T10008] lock(kn->active#5); [ 334.060019][T10008] [ 334.060019][T10008] *** DEADLOCK *** [ 334.060019][T10008] [ 334.064726][T10008] 1 lock held by syz.2.1219/10008: [ 334.067667][T10008] #0: ffff888020ef64c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x166/0x6f0 [ 334.072175][T10008] [ 334.072175][T10008] stack backtrace: [ 334.075122][T10008] CPU: 1 UID: 0 PID: 10008 Comm: syz.2.1219 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 334.080589][T10008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 334.085391][T10008] Call Trace: [ 334.086878][T10008] [ 334.088179][T10008] dump_stack_lvl+0x116/0x1f0 [ 334.090261][T10008] check_noncircular+0x31a/0x400 [ 334.092340][T10008] ? __pfx_check_noncircular+0x10/0x10 [ 334.094545][T10008] ? hlock_conflict+0x58/0x200 [ 334.097158][T10008] ? lockdep_lock+0xc6/0x200 [ 334.099870][T10008] ? __pfx_lockdep_lock+0x10/0x10 [ 334.102381][T10008] ? __pfx_mark_lock+0x10/0x10 [ 334.104561][T10008] __lock_acquire+0x24ed/0x3cb0 [ 334.106786][T10008] ? __pfx___lock_acquire+0x10/0x10 [ 334.109320][T10008] ? hlock_class+0x4e/0x130 [ 334.112053][T10008] ? __lock_acquire+0x1620/0x3cb0 [ 334.114032][T10008] lock_acquire+0x1b1/0x560 [ 334.115782][T10008] ? __kernfs_remove+0x281/0x670 [ 334.117707][T10008] ? __pfx_lock_acquire+0x10/0x10 [ 334.119800][T10008] ? __pfx___lock_acquire+0x10/0x10 [ 334.121815][T10008] ? up_write+0x1b2/0x520 [ 334.123545][T10008] kernfs_drain+0x48f/0x590 [ 334.126059][T10008] ? __kernfs_remove+0x281/0x670 [ 334.129631][T10008] ? __pfx_lock_acquire+0x10/0x10 [ 334.132418][T10008] ? __pfx_kernfs_drain+0x10/0x10 [ 334.134326][T10008] __kernfs_remove+0x281/0x670 [ 334.136693][T10008] kernfs_remove_by_name_ns+0xb2/0x130 [ 334.141824][T10008] device_del+0x381/0x9f0 [ 334.144626][T10008] ? __pfx_device_del+0x10/0x10 [ 334.147037][T10008] drop_partition+0x109/0x1c0 [ 334.149600][T10008] bdev_disk_changed+0x24d/0x14e0 [ 334.152462][T10008] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 334.155126][T10008] ? __pfx_bdev_disk_changed+0x10/0x10 [ 334.157713][T10008] ? filemap_write_and_wait_range+0x7d/0x130 [ 334.160551][T10008] __loop_clr_fd+0x5f5/0x770 [ 334.162812][T10008] ? __pfx___loop_clr_fd+0x10/0x10 [ 334.165146][T10008] ? __pfx_lock_release+0x10/0x10 [ 334.167532][T10008] lo_release+0x139/0x1e0 [ 334.169557][T10008] ? __pfx_lo_release+0x10/0x10 [ 334.171947][T10008] blkdev_put_whole+0xad/0xf0 [ 334.174636][T10008] bdev_release+0x496/0x6f0 [ 334.176461][T10008] ? task_work_run+0x40/0x250 [ 334.178379][T10008] ? evm_file_release+0xd6/0x1d0 [ 334.180379][T10008] ? __pfx_blkdev_release+0x10/0x10 [ 334.182825][T10008] blkdev_release+0x15/0x20 [ 334.185218][T10008] __fput+0x408/0xbb0 [ 334.188196][T10008] task_work_run+0x14e/0x250 [ 334.192454][T10008] ? __pfx_task_work_run+0x10/0x10 [ 334.195647][T10008] syscall_exit_to_user_mode+0x27b/0x2a0 [ 334.198881][T10008] do_syscall_64+0xda/0x250 [ 334.200868][T10008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.203321][T10008] RIP: 0033:0x7f46bf9773b9 [ 334.205298][T10008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.213400][T10008] RSP: 002b:00007ffeb9c16fa8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 334.217052][T10008] RAX: 0000000000000000 RBX: 00007f46bfb07a80 RCX: 00007f46bf9773b9 [ 334.220618][T10008] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 334.224156][T10008] RBP: 00007f46bfb07a80 R08: 00007f46bfaf2000 R09: 00007ffeb9c1728f [ 334.228027][T10008] R10: 00000000003ffbb8 R11: 0000000000000246 R12: 00000000000519a9 [ 334.231547][T10008] R13: 00007ffeb9c170a0 R14: 00007ffeb9c170c0 R15: ffffffffffffffff [ 334.234919][T10008] [ 334.279751][ T40] audit: type=1400 audit(1722489591.660:792): avc: denied { unmount } for pid=9310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 335.062625][ T1105] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.148057][ T5382] usb 5-1: USB disconnect, device number 17 [ 335.211424][ T1105] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.305012][ T1105] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.406920][ T1105] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.563631][ T1105] bridge_slave_1: left allmulticast mode [ 335.567602][ T1105] bridge_slave_1: left promiscuous mode [ 335.570972][ T1105] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.577976][ T1105] bridge_slave_0: left allmulticast mode [ 335.580246][ T1105] bridge_slave_0: left promiscuous mode [ 335.582663][ T1105] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.655282][ T5346] Bluetooth: hci6: command 0x0406 tx timeout [ 335.823575][ T1105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 335.829341][ T1105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 335.839140][ T1105] bond0 (unregistering): Released all slaves [ 336.313667][ T1105] hsr_slave_0: left promiscuous mode [ 336.317130][ T1105] hsr_slave_1: left promiscuous mode [ 336.320867][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 336.323843][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 336.343775][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 336.349463][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 336.354728][ T1105] veth1_macvtap: left promiscuous mode [ 336.356883][ T1105] veth0_macvtap: left promiscuous mode [ 336.358917][ T1105] veth1_vlan: left promiscuous mode [ 336.360982][ T1105] veth0_vlan: left promiscuous mode [ 336.831939][ T1105] team0 (unregistering): Port device team_slave_1 removed [ 336.897142][ T1105] team0 (unregistering): Port device team_slave_0 removed [ 337.738335][ T1105] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.839784][ T1105] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.923007][ T1105] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.031951][ T1105] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.202579][ T1105] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.274846][ T1105] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.339226][ T1105] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.430863][ T1105] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.622538][ T1105] bridge_slave_1: left allmulticast mode [ 338.625626][ T1105] bridge_slave_1: left promiscuous mode [ 338.628148][ T1105] bridge0: port 2(bridge_slave_1) entered disabled state [ 338.633776][ T1105] bridge_slave_0: left allmulticast mode [ 338.637577][ T1105] bridge_slave_0: left promiscuous mode [ 338.641251][ T1105] bridge0: port 1(bridge_slave_0) entered disabled state [ 338.647835][ T1105] team0: left allmulticast mode [ 338.650442][ T1105] team_slave_0: left allmulticast mode [ 338.652784][ T1105] team_slave_1: left allmulticast mode [ 338.655686][ T1105] bridge0: port 3(team0) entered disabled state [ 338.661470][ T1105] bridge_slave_1: left allmulticast mode [ 338.664748][ T1105] bridge_slave_1: left promiscuous mode [ 338.667389][ T1105] bridge0: port 2(bridge_slave_1) entered disabled state [ 338.674484][ T1105] bridge_slave_0: left allmulticast mode [ 338.677234][ T1105] bridge_slave_0: left promiscuous mode [ 338.680069][ T1105] bridge0: port 1(bridge_slave_0) entered disabled state [ 339.087339][ T1105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 339.094753][ T1105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 339.101071][ T1105] bond0 (unregistering): Released all slaves [ 339.114332][ T1105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 339.123963][ T1105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 339.137470][ T1105] bond0 (unregistering): Released all slaves [ 339.753866][ T1105] hsr_slave_0: left promiscuous mode [ 339.763126][ T1105] hsr_slave_1: left promiscuous mode [ 339.768187][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 339.772574][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 339.778365][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 339.782657][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 339.793090][ T1105] hsr_slave_0: left promiscuous mode [ 339.831916][ T1105] hsr_slave_1: left promiscuous mode [ 339.836984][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 339.840071][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 339.844068][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 339.848222][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 339.862064][ T1105] veth1_macvtap: left promiscuous mode [ 339.866366][ T1105] veth0_macvtap: left promiscuous mode [ 339.868805][ T1105] veth1_vlan: left promiscuous mode [ 339.871138][ T1105] veth0_vlan: left promiscuous mode [ 339.879990][ T1105] veth1_macvtap: left promiscuous mode [ 339.882233][ T1105] veth0_macvtap: left promiscuous mode [ 339.884648][ T1105] veth1_vlan: left promiscuous mode [ 339.889855][ T1105] veth0_vlan: left promiscuous mode [ 340.437974][ T1105] team0 (unregistering): Port device team_slave_1 removed [ 340.449837][ T1105] team0 (unregistering): Port device team_slave_0 removed [ 340.998210][ T1105] team_slave_1 (unregistering): left promiscuous mode [ 341.002507][ T1105] team0 (unregistering): Port device team_slave_1 removed [ 341.026671][ T1105] team_slave_0 (unregistering): left promiscuous mode [ 341.039677][ T1105] team0 (unregistering): Port device team_slave_0 removed [ 342.130267][ T1105] IPVS: stop unused estimator thread 0... VM DIAGNOSIS: 05:19:51 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000000 RBX=ffffea00008b3b80 RCX=ffffffff81d697fc RDX=0000000000000000 RSI=0000000000000000 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffc90003757630 R8 =0000000000000005 R9 =0000000000000001 R10=0000000000000000 R11=1ffffffff1bb8091 R12=ffffea00008b3b80 R13=dffffc0000000000 R14=ffff88802562d7c0 R15=ffffc90003757ab8 RIP=ffffffff818a766e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c38608f CR3=000000001b462000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ad0de56c5 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ad0de56d2 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ad0de56cc ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ad0de56e0 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ad0de5766 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ad0de5844 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ad0ed5488 00007f4ad0ed5480 00007f4ad0ed5478 00007f4ad0ed5450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ad1a3d100 00007f4ad0ed5440 00007f4ad0ed0004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4ad0ed5498 00007f4ad0ed5490 00007f4ad0ed5488 00007f4ad0ed5480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fe2745 RDI=ffffffff9519a720 RBP=ffffffff9519a6e0 RSP=ffffc90003496f80 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e31312e36 R12=0000000000000000 R13=0000000000000030 R14=ffffffff84fe26e0 R15=0000000000000000 RIP=ffffffff84fe276f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055557dec3500 ffffffff 00c00000 GS =0000 ffff88806b100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055b1792ef188 CR3=000000004bc56000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffeb9c171d0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f46bf9e56c5 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f46bf9e56d2 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f46bf9e56cc ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f46bf9e56e0 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f46bf9e5766 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f46bf9e5844 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000d1c384 RBX=0000000000000002 RCX=ffffffff8b11a529 RDX=ffffed100d646fda RSI=ffffffff8bb08400 RDI=ffffffff816260ac RBP=ffffed10030db000 RSP=ffffc90000197e08 R8 =0000000000000000 R9 =ffffed100d646fd9 R10=ffff88806b237ecb R11=0000000000000001 R12=0000000000000002 R13=ffff8880186d8000 R14=ffffffff9012b0d8 R15=0000000000000000 RIP=ffffffff8b11b91f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f2e987d2440 CR3=000000004a61a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13045e56c5 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13045e56d2 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13045e56cc ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13045e56e0 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13045e5766 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13045e5844 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13046d5488 00007f13046d5480 00007f13046d5478 00007f13046d5450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f130523d100 00007f13046d5440 00007f13046d0004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13046d5498 00007f13046d5490 00007f13046d5488 00007f13046d5480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000cc942c RBX=0000000000000003 RCX=ffffffff8b11a529 RDX=ffffed100d666fda RSI=ffffffff8bb08400 RDI=ffffffff816260ac RBP=ffffed10030db488 RSP=ffffc900001a7e08 R8 =0000000000000000 R9 =ffffed100d666fd9 R10=ffff88806b337ecb R11=0000000000000001 R12=0000000000000003 R13=ffff8880186da440 R14=ffffffff9012b0d8 R15=0000000000000000 RIP=ffffffff8b11b91f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000207e3000 CR3=0000000040d04000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc96dcf050 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13045e56c5 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13045e56d2 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13045e56cc ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13045e56e0 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13045e5766 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f13045e5844 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000