last executing test programs: 2m53.527428965s ago: executing program 3 (id=2591): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) open$dir(0x0, 0x20a40, 0x90) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) ioctl$sock_netdev_private(r1, 0x8914, &(0x7f0000000000)) r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r3 = syz_init_net_socket$ax25(0x3, 0x3, 0xcf) bind$ax25(r3, &(0x7f0000000540)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {0x5, 0x10}, {0x2, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_NAT={0x8, 0xb, 0x1}]}}]}, 0x3c}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000) r4 = socket(0x10, 0x3, 0x0) sendmmsg(r4, &(0x7f0000000000), 0x4000000000001f2, 0x0) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'}) 2m53.284019989s ago: executing program 3 (id=2593): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000380)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, r1, {0x2}}, './file0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00'}) sendmsg$NL80211_CMD_DEL_PMKSA(r3, &(0x7f00000006c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x20000044}, 0x4884) sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x2414044}, 0xc, &(0x7f0000000780)={&(0x7f0000001400)={0xfec, 0x0, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0xf08, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xf01, 0x3, "4613f38404feb99f49c029e270f3e0b8bc2cc58c48885a0fa7231fec4d31d05f3c5ca5452b7ce9e602dedf875ca52a368e7a18d30c1347f498888dc1c32f52e44d4fa49cf1d85c09b84f7dff3ecfea6bfb88990149c5fea6fe005f5c7aaffed7c3c4c7719c3310b92ac721e5c2d7ebccb0ddab6ab17731f342fafde2f6664df41a8fc28764c9eadd22a8270f1af4f1db642472d29c41c344f5ff57502f5dbdbab18b318597ff5367bdda7b4ae603b7661353af1592f3d3b918bdda8a458e5d1ede6ac834d2789888494035e8080b8a4097560a77457f63edf04133f69e8098d9d4e9aac2dc448c4864737eb237e40aa77e33f7a8aaaa22d03ecf9275cf41cbf81b4402f3fc7fba0801ad962e553cd99d5007d728ec3d4c356149e1d0ec53247e114bd1e0c8ba197c16f04955dfc0c22ef5cc6a8dfef0f35d64b530414b35c077cd5578f48f8e40cbed6b43b9266fca54ddb8533dd8ef54101b11c86b8307400cd6a10a0f378c85ea9eb70970fe5d789cb55bd3e9a60b0ae253af867903d2d68910aa0c7089a289f7b84851e7b41c6ec482c0f04c49defb2aa9e40bf9b22ceb208af84a7a5517e705d060c1dc3cc1a1268e2033254285f73d08072bf9344f7ad7009a71abe6330ab52eb0d05dfdf69c6ef7c48d7d6adc53143244de7ea750f8e238ed12871f34db5bed2d8820fab293b607416ff3bef652b63e891a89ceb98ebf7a2b1dc21aaef8bf60d0e1ab91f9868f1f4129d37f21aec352cd8f2757fd6f8e1554cab02d4871be58dad3589cea8945f112c69e803dfa93c585b0deb4f853a05d190e47354f1294124caf681277754a78a16465683aa20393a20884a209ce1168d13c573c918e9ed145f4395f64c0fd399b2d5297919c2d0dbda457a1cfbdb5f95aa1fe658ff10dc13337e31e2d096403287d1883d197217f450915160601bc13275de125a5e7b37a26e44ac99d98e6a823f9944053bee6062fbc3c8c3a9865ea5691d059533f210529ededd1201c2bb4ab05232317274daf2c92c7c44aebb6feb94cf14655ba75bd5953f872992b5c07aabfaec8e279d15b447db77db86c454238c607f3115d1090b9d3018c861fa1132a41afb6ed67117d3a5b2739ef1864f9e876fb4b17aaf70487b59832e13d06e420cb0f30903661ff8cd172d835c35d2f9cd5a2e20d855e074337e7c2bf9fd2d354c1b9f158205063a5c17ea9de6f918f7a9460e42243a3b029d15ec17ba61f183ff9299589c6f0e7b215e08d83e2d1480b7cf60cb10eb21e5712831764feb28263e7a0ef59ed55c3f2758219dfa5d6ba7c1d0da7c49c858cc3ff3084e15bde74666535d17ab603c44292685109a96f88b2323121c63d5d9d0f9fbb9a05d74dc0bd4038db643692d18ca3f0c0a7a92cd5c11c8fc5ac0edf95011346e4330e6d77ee0695cf417f635ac85306255ebab555512515c6b0e849311d21ba781fdefa66765e088dea4f6617bcb20850075d203c84d527e3c0a396c14e98581ed55d0f298665e0d89f2cdc3ce2065de82bc376f4f7a7ea440cec248f88accc246cecca9e9f8f939935c3c4e821cd05a1517f19fdf117dc67ea178021455053782f6d8fd2b84e148292e696704051285c300abc73e3f0267206481fcbbb0ab2cb16c9d4e30eaafd330744d437ce35c77b6b055ccb90ab1def01edffa2725a87f98e291e771ee285484ac730289547a13953f2c3afb0bea1c65f188748b97cf1cc1106e30bb505cac3bdf34b1b4167418a57bbd0a861bca6c8cc71f8c5086fc11ec90cad5553d9a0605ccd8e259f16294de5ef2294d4d02c3bb7f4fa8a3e131ca3be4562d94fe666688496ee79ed59aef51184c851f746b75ccc0c549004a984296d3212cb41a8f83e0a0e53c254165da2098c5cc87578ab359214e93690db79f71388ca21b3a570ccbddd48690d3f2a8490b22e0364a783a5f645547dbc225a8cc0f392433ea1cecacffc95ba7d6d89429094677749b39a2c2c8aea1d26d8840a9a36efdc3ef320b7a86848ab9c2de3e78f73f870b9b18d0ab9664c186fb6f8871b3dd9b18d499d760f5251a563f104656920b9980c7fc6a78ced7859f9f3081de0720b02a9da542b8d50ff395d9a0975afe34fee87ab127cd26f12a22ec57fa6880a3d349002abffb52234ea3a8b89a1c49fc72a72608164fce25a5124d09a0aa8c36389f90aa1a6f1bab93c1da664264d2dcd150b81072ca6e234fd19a8f3b4cc5f45869130211b925fdee033f56a2bd29a08d3e7d06da54de9a354d59afa90b177044bcf0b47edb5f66eb18a9601d7b1c8de1c46c86c20b4070e658bc7b84a628b18a4616d346df45c5d1030c57361e9e02f171965848f6d66bde353d58b5fa09fbdeedd2a8c395809c6cd2483c0afce102be68429372da4ccf7d058695250d35a1198004c4ac2ce7d4e6de574574906343bcac86ab1878e907497f5b76934d3f9f371e62001598e225eb8ab224f39279de5eef3cf4c5b73ac1cba4310651f3e83c65e9885df19c1a6a7e0d8f540ebace5d5cddfaef1acedb5c4a744c28518cbe217e60cf8a9cb2c2c0af099c509edfd6c7314489bd001be780272b90e73762c3039831ad644c520f2fd76655a334b6f9d07a74237f8ee8d8a25e650f514333880ef5bad8831ca73db0f426affe8df80d40bd91cfb46fee1af80adc4a63abf1d14a12d03ad31f1b7a381fcbf39bdcacf2bdc10eb19c9017a49ec62bab4eee094fcac71bf12a48e9dc02811f9b07895ecfc68336689601e4d414057a99d7ad3389931de8cf4f6f50aec36051083ede302025e763f83f2410822fb0a903f01183c9978796b97348083234bf1047ff9f9c83b713c25804d2ee4784085912f2cea70177924e21487f5c3bb58b9e827f8f59337f4800f268f987f0dbe1696d07c5c28859663177d2401fe3f5a28984928ee38847b2365d3a035b9a58604e3a2e3ea60086f1cee9cc65d52bdb2600dc28322597c1fc12f2c52163432942b3be401bc55add297a9ee37ad10c2746072d996d9d2ffaa62bb2eec2daccd2d3312050991a2e45d05e3bda138b89bec9e5429cd88edea29adae0bdad7d3eca19aa5b3ee8a2914b16e400c355b605929205824e0c17b9ccf94422db7f1784015feacf3402a0cf048373eae761515bcf3caeeaa742c9c16b678a7f815abfd1952c1cdc8ce506e1aa7c0e374f1e79e66322bcf03a0ebf96cb092dff026a1e741079ec690df999985294e66b1b9a537ab46640851defbfa9bfdfe4d1a412bc2bb8bb1223a77cb4fa5cff5cc5ae85d16cd7aa38bee1a8391644f5ecdc804b29272d650e0017dfce82bf56143672d2e57185d312633db0a8745f762ec3af7390a6e78f57073e2c2a520dab8460e4613bddc136d217ccfada12b7ab2459b9a2463d569b923f7f161bbeae5b75b65fa185ab7bdc6f91cf307fd16f8a5a1b3bf5fb0bb0ea5acc7a0fab9266e4484f3d0fbc9d06206f5d9fe5e2730bbf4a538fbc2e685407a156c5718416af77d1c73f82acc878380fe95d3c1fe18c9643385ac58c59669b871286a91403e43b925d9e9cc4e7f1511fb8a929d7b4b2a92d9ad756c308bc9ece0bee435e7a5de70a5837ec3620f53014e3f25cb9602b890d7c6d007e77702ef01832417942c7a8af244104b18f8c09b350f1d79ceae1b0f79bf9bf17f11d80be28c06571d0adebbf6024988d6dd64dad0d9fb453759671ae2919511a7979dee61531d4b21016ad9767330bbf56327601d686875f99aa0e9ded5a7c5207bf3aa3e9ed8f833378e912f6a9c9963bdfd01034be62ae6360d4b8afb9ab3bde1bba168dc07530f6c33e7426811111d631b1b6830e9f976d8e89d71d60a052e5efb9deaf795530bfac865e2dde60b855be6b254ab452a18eccdb3ac09a1a5f8f9bb9686082676a55c1dad21d4bd65f3b234bde13eb1587c6aebf2c500b1bdb9ef19bbc4e914bbb22db96a9f0f09d5c65aab2111c07f5fd1b73a219e5d75f604780e00f58f6931bcdf3af73e4edce5c3da42f09a76afc12d4aa4218207ef0e656ab98e64035f8c93756eff846ba63958b23da80f8377ffc4cd9cbdab1ca330cadd7b2a6bb07395cb60a7cecc9b36cdbcedfba540404e18e61fffb8f4b89ff27680144a9b9434b81ac98f6d44c733be939b1f7e985821695c83965c5a341c2f0c3a0edd038048ce55dc9851b3b72af1cb1b12e1d544e78f9907cf1f2239a11c7f95588c8e4af28f1a50902eabb7eac7e241cb1d1abaa4377e86ac0d007d0249e0ee1509a9460d0114fea42818a621fc5cb6c0b4b3790f238c9d02bf61e1346e200258e18481386a7feaaf70e595fb7b8d1bf60e94c3473cec6e225fa39ad2ef5b06d4c08d68d9c1cac93456959688417e87f80c95c850674986436d7ceba7a27c2d93b3190408efff7003cafb6cd43e8d7b7bb418f7a1dbd8be0848adf9d8d6c4219f1d67f4b85fa5a33e41412adf063f1ddeca69907c0a9784f17f949ca31e45bfddfd286457e24460a9f2fc0404b7ea371c4959b90d036636d9082cdfb9b3d06ca6020b9eb03e733b3e8c5fa3bdf20c7015dfb7ffc57f27bdf77ae249c9d188680a7335f38f099104e0469352f4977fa7f676f5f7bfec29ba3a6f04537d0a43d5eb09bbf2b3d76e0d18db789d176607def018558f70f438224a2e24b259dfdd17582991bacd1f90bf84442772f251d13c1dc0116e7bae4267872046f09b29d989b9e1052a165336b4d3043c89a6574b41b8286cd393f1ad987ce15f373b803b391d7e15bb3ef5c46733654139509b54b0eb74f1ca5d8459eb63c8caac2a8d2da636409d2cb353089128a857b6cf9e307042b0dee6538a16dfc4dc9eb620e47e4e1dd35ad3c238e9d27b2fce708167f987b07773d725842de9822cfaec126921a4c5804db946a178d5365d73d21911650d15b685839e750c10f9eaa903d387d0889b808f2b9490e0cf8bc316191786bf840e4ab4840b762990bcd4fe33446b1793f1920a2aafdab5b8287e36371110a662538462dc5c105a056a721094cc23a015bcf4989d5dc5d0d173fde64ea425fbf0f92d6d7949672660dfa77ec98e72e72ac8ac0a04fd96ffd39533d830b77d6ba5a6d39baa6195dae2c2d3823ed28646604b616e79d4a8ef51c0958781339737fcedd1f824dfca93c626954675a8719dad9170f62935dc6f085b495ec627b7a923b5ca03e5699fc12af1cb4229a52ba40530d019b7a71e534b36597326f89e6b775bb39baa3b0cbf2d3ff71a7512fd948c3aca7c7bc725f430b37d99cf2a9fe49d58de77ee941e5f811de3564ba9de33052b7caa3ee243184b523a14890913a5af5204110b352c15d14f1f5fba375c459c8137af0b6750d7d283b9d902eb2fa234dd4b4b172d16118ec1555eefeae17d4d645e22131bd04b9992c916cd87d994b5f473f35e1d85"}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_NET={0x58, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x100000001}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3c5e}]}, @TIPC_NLA_BEARER={0x38, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'geneve1\x00'}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}]}, @TIPC_NLA_PUBL={0x4}, @TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'ipvlan0\x00'}}]}, @TIPC_NLA_NET={0x4}]}, 0xfec}}, 0x810) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r4 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 2m53.216065433s ago: executing program 3 (id=2594): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'vxcan1\x00', 0x0}) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305\x00'}, 0x58) r4 = accept$alg(r3, 0x0, 0x0) sendmsg$alg(r4, &(0x7f0000008dc0)={0x0, 0x0, &(0x7f0000008cc0)=[{&(0x7f0000000000)="7c72bf07f7", 0x5}], 0x51, 0x0, 0x0, 0x20084000}, 0x1) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001bc0)=@deltfilter={0x24, 0x2d, 0x1, 0x78bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xfff3, 0x8}, {0xffff, 0xffff}, {0x0, 0xf}}}, 0x24}}, 0x20044000) 2m53.107593301s ago: executing program 3 (id=2595): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50) syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0) io_setup(0x2, &(0x7f0000000200)=0x0) io_submit(r3, 0x1, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x700fbff, 0x4, 0x1, 0x0, r2, 0x0}]) 2m49.836478155s ago: executing program 3 (id=2632): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0x66, &(0x7f00000001c0)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa080045030058ffff0000002f9078000000e29cb2c6451c00e0000001248022eb0000000010000800000086dd88a888be86ddffff10fe00000100000000000000080022eb00000000200000000200000000000009000000000800"], 0x0) r2 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000040)={0x25, 0x1, 0x0, "4f80ff259b1c2ce2d2226bfb771f00ff065e07079c5e6f426ebb117c0caba25f", 0x32314752}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000001700)={0x3c, r0, 0x801, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_KEY={0x20, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee339084eef046f162471f4"}, @NL80211_KEY_TYPE={0x8, 0x7, 0x2}]}]}, 0x3c}}, 0x0) r4 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_TRY_FMT(r4, 0xc0d05640, &(0x7f0000000800)={0xa, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0x4}, {}, {}, {0xe5, 0xffff8001}, {}, {}, {0x0, 0x8c7}, {0x168a}], 0xfc, 0xf2, 0x7}}) fcntl$F_SET_FILE_RW_HINT(r4, 0x40e, &(0x7f0000000100)=0x4) r5 = syz_open_dev$evdev(&(0x7f0000000080), 0x6, 0x80840) ioctl$EVIOCSFF(r5, 0x40304580, &(0x7f0000000240)={0x53, 0x6, 0xfffe, {0x8, 0x7}, {0x7, 0x4}, @cond=[{0x0, 0xe000, 0x101, 0x76e, 0x2, 0x2}, {0xa8df, 0x8000, 0x9a2, 0x5, 0x3, 0x7ff}]}) r6 = socket$nl_audit(0x10, 0x3, 0x9) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = dup(r7) sendmsg$inet(r8, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000007c0)=[@ip_retopts={{0x10}}], 0x10}, 0x0) r9 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r9, 0x40086602, &(0x7f00000001c0)=0x20) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000001, 0x13, r9, 0xedaa7000) sendmsg$AUDIT_TRIM(r6, &(0x7f0000000200)={&(0x7f0000000140), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x10, 0x3f6, 0x2, 0x70bd2c, 0x25dfdbfc, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x40000}, 0x24040000) ioctl$VIDIOC_G_SELECTION(r4, 0xc040565e, &(0x7f0000000040)={0x7, 0x100, 0x0, {0xf, 0x6, 0x0, 0xadd9}}) 2m49.836366764s ago: executing program 3 (id=2633): syz_emit_ethernet(0x4a, &(0x7f00000001c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0xffff}}}}}}}, 0x0) 2m34.557914033s ago: executing program 32 (id=2633): syz_emit_ethernet(0x4a, &(0x7f00000001c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0xffff}}}}}}}, 0x0) 42.5237191s ago: executing program 4 (id=4434): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000380)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, r1, {0x2}}, './file0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00'}) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 42.523525653s ago: executing program 4 (id=4435): sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x20000800) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f0000000240), 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f00000000c0)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000140)={@local}) ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r3, 0x7ac, &(0x7f0000000bc0)={0x0, 0x0, 0x9}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e0f30fa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) recvmsg$qrtr(r2, &(0x7f0000000440)={&(0x7f00000002c0), 0xc, &(0x7f00000003c0)=[{&(0x7f0000000340)=""/119, 0x77}], 0x1, &(0x7f0000000500)=[{0x20, 0x0, 0x0, ""/16}, {0xb8, 0x0, 0x0, ""/166}, {0x60, 0x0, 0x0, ""/74}, {0xe0, 0x0, 0x0, ""/208}], 0x218, 0x10042}, 0x38, 0x100) ioctl$IOCTL_VMCI_QUEUEPAIR_DETACH(r3, 0x7aa, &(0x7f0000000240)={{@local, 0x7}, 0x1ff, 0x6}) syz_emit_ethernet(0x36, &(0x7f0000000300)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2c, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x26000015}, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0500000005000000100a000084"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x6c, r5}, 0x38) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000080)={'syzkaller1\x00'}) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)={0xff7ffffb}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x40010}, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 42.334626456s ago: executing program 4 (id=4440): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000380)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, r2, {0x2}}, './file0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan0\x00'}) sendmsg$NL80211_CMD_DEL_PMKSA(r4, &(0x7f00000006c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x20000044}, 0x4884) sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001400)={0xfec, 0x0, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0xf08, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xf01, 0x3, "4613f38404feb99f49c029e270f3e0b8bc2cc58c48885a0fa7231fec4d31d05f3c5ca5452b7ce9e602dedf875ca52a368e7a18d30c1347f498888dc1c32f52e44d4fa49cf1d85c09b84f7dff3ecfea6bfb88990149c5fea6fe005f5c7aaffed7c3c4c7719c3310b92ac721e5c2d7ebccb0ddab6ab17731f342fafde2f6664df41a8fc28764c9eadd22a8270f1af4f1db642472d29c41c344f5ff57502f5dbdbab18b318597ff5367bdda7b4ae603b7661353af1592f3d3b918bdda8a458e5d1ede6ac834d2789888494035e8080b8a4097560a77457f63edf04133f69e8098d9d4e9aac2dc448c4864737eb237e40aa77e33f7a8aaaa22d03ecf9275cf41cbf81b4402f3fc7fba0801ad962e553cd99d5007d728ec3d4c356149e1d0ec53247e114bd1e0c8ba197c16f04955dfc0c22ef5cc6a8dfef0f35d64b530414b35c077cd5578f48f8e40cbed6b43b9266fca54ddb8533dd8ef54101b11c86b8307400cd6a10a0f378c85ea9eb70970fe5d789cb55bd3e9a60b0ae253af867903d2d68910aa0c7089a289f7b84851e7b41c6ec482c0f04c49defb2aa9e40bf9b22ceb208af84a7a5517e705d060c1dc3cc1a1268e2033254285f73d08072bf9344f7ad7009a71abe6330ab52eb0d05dfdf69c6ef7c48d7d6adc53143244de7ea750f8e238ed12871f34db5bed2d8820fab293b607416ff3bef652b63e891a89ceb98ebf7a2b1dc21aaef8bf60d0e1ab91f9868f1f4129d37f21aec352cd8f2757fd6f8e1554cab02d4871be58dad3589cea8945f112c69e803dfa93c585b0deb4f853a05d190e47354f1294124caf681277754a78a16465683aa20393a20884a209ce1168d13c573c918e9ed145f4395f64c0fd399b2d5297919c2d0dbda457a1cfbdb5f95aa1fe658ff10dc13337e31e2d096403287d1883d197217f450915160601bc13275de125a5e7b37a26e44ac99d98e6a823f9944053bee6062fbc3c8c3a9865ea5691d059533f210529ededd1201c2bb4ab05232317274daf2c92c7c44aebb6feb94cf14655ba75bd5953f872992b5c07aabfaec8e279d15b447db77db86c454238c607f3115d1090b9d3018c861fa1132a41afb6ed67117d3a5b2739ef1864f9e876fb4b17aaf70487b59832e13d06e420cb0f30903661ff8cd172d835c35d2f9cd5a2e20d855e074337e7c2bf9fd2d354c1b9f158205063a5c17ea9de6f918f7a9460e42243a3b029d15ec17ba61f183ff9299589c6f0e7b215e08d83e2d1480b7cf60cb10eb21e5712831764feb28263e7a0ef59ed55c3f2758219dfa5d6ba7c1d0da7c49c858cc3ff3084e15bde74666535d17ab603c44292685109a96f88b2323121c63d5d9d0f9fbb9a05d74dc0bd4038db643692d18ca3f0c0a7a92cd5c11c8fc5ac0edf95011346e4330e6d77ee0695cf417f635ac85306255ebab555512515c6b0e849311d21ba781fdefa66765e088dea4f6617bcb20850075d203c84d527e3c0a396c14e98581ed55d0f298665e0d89f2cdc3ce2065de82bc376f4f7a7ea440cec248f88accc246cecca9e9f8f939935c3c4e821cd05a1517f19fdf117dc67ea178021455053782f6d8fd2b84e148292e696704051285c300abc73e3f0267206481fcbbb0ab2cb16c9d4e30eaafd330744d437ce35c77b6b055ccb90ab1def01edffa2725a87f98e291e771ee285484ac730289547a13953f2c3afb0bea1c65f188748b97cf1cc1106e30bb505cac3bdf34b1b4167418a57bbd0a861bca6c8cc71f8c5086fc11ec90cad5553d9a0605ccd8e259f16294de5ef2294d4d02c3bb7f4fa8a3e131ca3be4562d94fe666688496ee79ed59aef51184c851f746b75ccc0c549004a984296d3212cb41a8f83e0a0e53c254165da2098c5cc87578ab359214e93690db79f71388ca21b3a570ccbddd48690d3f2a8490b22e0364a783a5f645547dbc225a8cc0f392433ea1cecacffc95ba7d6d89429094677749b39a2c2c8aea1d26d8840a9a36efdc3ef320b7a86848ab9c2de3e78f73f870b9b18d0ab9664c186fb6f8871b3dd9b18d499d760f5251a563f104656920b9980c7fc6a78ced7859f9f3081de0720b02a9da542b8d50ff395d9a0975afe34fee87ab127cd26f12a22ec57fa6880a3d349002abffb52234ea3a8b89a1c49fc72a72608164fce25a5124d09a0aa8c36389f90aa1a6f1bab93c1da664264d2dcd150b81072ca6e234fd19a8f3b4cc5f45869130211b925fdee033f56a2bd29a08d3e7d06da54de9a354d59afa90b177044bcf0b47edb5f66eb18a9601d7b1c8de1c46c86c20b4070e658bc7b84a628b18a4616d346df45c5d1030c57361e9e02f171965848f6d66bde353d58b5fa09fbdeedd2a8c395809c6cd2483c0afce102be68429372da4ccf7d058695250d35a1198004c4ac2ce7d4e6de574574906343bcac86ab1878e907497f5b76934d3f9f371e62001598e225eb8ab224f39279de5eef3cf4c5b73ac1cba4310651f3e83c65e9885df19c1a6a7e0d8f540ebace5d5cddfaef1acedb5c4a744c28518cbe217e60cf8a9cb2c2c0af099c509edfd6c7314489bd001be780272b90e73762c3039831ad644c520f2fd76655a334b6f9d07a74237f8ee8d8a25e650f514333880ef5bad8831ca73db0f426affe8df80d40bd91cfb46fee1af80adc4a63abf1d14a12d03ad31f1b7a381fcbf39bdcacf2bdc10eb19c9017a49ec62bab4eee094fcac71bf12a48e9dc02811f9b07895ecfc68336689601e4d414057a99d7ad3389931de8cf4f6f50aec36051083ede302025e763f83f2410822fb0a903f01183c9978796b97348083234bf1047ff9f9c83b713c25804d2ee4784085912f2cea70177924e21487f5c3bb58b9e827f8f59337f4800f268f987f0dbe1696d07c5c28859663177d2401fe3f5a28984928ee38847b2365d3a035b9a58604e3a2e3ea60086f1cee9cc65d52bdb2600dc28322597c1fc12f2c52163432942b3be401bc55add297a9ee37ad10c2746072d996d9d2ffaa62bb2eec2daccd2d3312050991a2e45d05e3bda138b89bec9e5429cd88edea29adae0bdad7d3eca19aa5b3ee8a2914b16e400c355b605929205824e0c17b9ccf94422db7f1784015feacf3402a0cf048373eae761515bcf3caeeaa742c9c16b678a7f815abfd1952c1cdc8ce506e1aa7c0e374f1e79e66322bcf03a0ebf96cb092dff026a1e741079ec690df999985294e66b1b9a537ab46640851defbfa9bfdfe4d1a412bc2bb8bb1223a77cb4fa5cff5cc5ae85d16cd7aa38bee1a8391644f5ecdc804b29272d650e0017dfce82bf56143672d2e57185d312633db0a8745f762ec3af7390a6e78f57073e2c2a520dab8460e4613bddc136d217ccfada12b7ab2459b9a2463d569b923f7f161bbeae5b75b65fa185ab7bdc6f91cf307fd16f8a5a1b3bf5fb0bb0ea5acc7a0fab9266e4484f3d0fbc9d06206f5d9fe5e2730bbf4a538fbc2e685407a156c5718416af77d1c73f82acc878380fe95d3c1fe18c9643385ac58c59669b871286a91403e43b925d9e9cc4e7f1511fb8a929d7b4b2a92d9ad756c308bc9ece0bee435e7a5de70a5837ec3620f53014e3f25cb9602b890d7c6d007e77702ef01832417942c7a8af244104b18f8c09b350f1d79ceae1b0f79bf9bf17f11d80be28c06571d0adebbf6024988d6dd64dad0d9fb453759671ae2919511a7979dee61531d4b21016ad9767330bbf56327601d686875f99aa0e9ded5a7c5207bf3aa3e9ed8f833378e912f6a9c9963bdfd01034be62ae6360d4b8afb9ab3bde1bba168dc07530f6c33e7426811111d631b1b6830e9f976d8e89d71d60a052e5efb9deaf795530bfac865e2dde60b855be6b254ab452a18eccdb3ac09a1a5f8f9bb9686082676a55c1dad21d4bd65f3b234bde13eb1587c6aebf2c500b1bdb9ef19bbc4e914bbb22db96a9f0f09d5c65aab2111c07f5fd1b73a219e5d75f604780e00f58f6931bcdf3af73e4edce5c3da42f09a76afc12d4aa4218207ef0e656ab98e64035f8c93756eff846ba63958b23da80f8377ffc4cd9cbdab1ca330cadd7b2a6bb07395cb60a7cecc9b36cdbcedfba540404e18e61fffb8f4b89ff27680144a9b9434b81ac98f6d44c733be939b1f7e985821695c83965c5a341c2f0c3a0edd038048ce55dc9851b3b72af1cb1b12e1d544e78f9907cf1f2239a11c7f95588c8e4af28f1a50902eabb7eac7e241cb1d1abaa4377e86ac0d007d0249e0ee1509a9460d0114fea42818a621fc5cb6c0b4b3790f238c9d02bf61e1346e200258e18481386a7feaaf70e595fb7b8d1bf60e94c3473cec6e225fa39ad2ef5b06d4c08d68d9c1cac93456959688417e87f80c95c850674986436d7ceba7a27c2d93b3190408efff7003cafb6cd43e8d7b7bb418f7a1dbd8be0848adf9d8d6c4219f1d67f4b85fa5a33e41412adf063f1ddeca69907c0a9784f17f949ca31e45bfddfd286457e24460a9f2fc0404b7ea371c4959b90d036636d9082cdfb9b3d06ca6020b9eb03e733b3e8c5fa3bdf20c7015dfb7ffc57f27bdf77ae249c9d188680a7335f38f099104e0469352f4977fa7f676f5f7bfec29ba3a6f04537d0a43d5eb09bbf2b3d76e0d18db789d176607def018558f70f438224a2e24b259dfdd17582991bacd1f90bf84442772f251d13c1dc0116e7bae4267872046f09b29d989b9e1052a165336b4d3043c89a6574b41b8286cd393f1ad987ce15f373b803b391d7e15bb3ef5c46733654139509b54b0eb74f1ca5d8459eb63c8caac2a8d2da636409d2cb353089128a857b6cf9e307042b0dee6538a16dfc4dc9eb620e47e4e1dd35ad3c238e9d27b2fce708167f987b07773d725842de9822cfaec126921a4c5804db946a178d5365d73d21911650d15b685839e750c10f9eaa903d387d0889b808f2b9490e0cf8bc316191786bf840e4ab4840b762990bcd4fe33446b1793f1920a2aafdab5b8287e36371110a662538462dc5c105a056a721094cc23a015bcf4989d5dc5d0d173fde64ea425fbf0f92d6d7949672660dfa77ec98e72e72ac8ac0a04fd96ffd39533d830b77d6ba5a6d39baa6195dae2c2d3823ed28646604b616e79d4a8ef51c0958781339737fcedd1f824dfca93c626954675a8719dad9170f62935dc6f085b495ec627b7a923b5ca03e5699fc12af1cb4229a52ba40530d019b7a71e534b36597326f89e6b775bb39baa3b0cbf2d3ff71a7512fd948c3aca7c7bc725f430b37d99cf2a9fe49d58de77ee941e5f811de3564ba9de33052b7caa3ee243184b523a14890913a5af5204110b352c15d14f1f5fba375c459c8137af0b6750d7d283b9d902eb2fa234dd4b4b172d16118ec1555eefeae17d4d645e22131bd04b9992c916cd87d994b5f473f35e1d85"}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_NET={0x58, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x100000001}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3c5e}]}, @TIPC_NLA_BEARER={0x38, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'geneve1\x00'}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}]}, @TIPC_NLA_PUBL={0x4}, @TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'ipvlan0\x00'}}]}, @TIPC_NLA_NET={0x4}]}, 0xfec}}, 0x810) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c", 0x15) r5 = accept4(r3, 0x0, 0x0, 0x800) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 42.255511904s ago: executing program 4 (id=4443): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn']) (async) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn']) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') lseek(r0, 0x10001, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) (async) r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2) (async) writev(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x40) r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0) (async) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0) r4 = socket$inet_smc(0x2b, 0x1, 0x0) ppoll(&(0x7f00000000c0)=[{r4, 0x4110}], 0x1, 0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r4, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f6003300", 0x10) listen(r4, 0x0) r5 = socket(0xa, 0x80805, 0x0) sendmsg$inet_sctp(r5, &(0x7f0000000500)={&(0x7f0000000100)=@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000140)="02", 0x1}], 0x1, &(0x7f0000000340)=[@prinfo={0x18, 0x84, 0x5, {0x20, 0x8}}], 0x18, 0x840}, 0x0) shutdown(r4, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x40ead000) madvise(&(0x7f0000af0000/0x2000)=nil, 0x2000, 0x3) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) (async) r6 = socket$inet(0x2, 0x4000000000000001, 0x0) getsockopt$inet_mreqn(r6, 0x0, 0x7, 0x0, &(0x7f0000000180)) 42.007124777s ago: executing program 4 (id=4448): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000)={0xffffffffffffffff}, 0x2, 0xc}}, 0x20) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000b40), 0x40, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f0000000e40)={{0x1, 0x1, 0x18}, './file1\x00'}) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7fd, @private1={0xfc, 0x1, '\x00', 0x2}, 0x1}, {0xa, 0x4e20, 0x7, @dev={0xfe, 0x80, '\x00', 0x2f}, 0x9}, r1, 0x4000b}}, 0x48) write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000380)={0x1, 0x10, 0xfa00, {0x0, r1}}, 0x18) 41.947327776s ago: executing program 4 (id=4449): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) readv(r0, &(0x7f0000001480)=[{&(0x7f0000000000)=""/55, 0x37}], 0x1) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) 41.918717409s ago: executing program 33 (id=4449): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) readv(r0, &(0x7f0000001480)=[{&(0x7f0000000000)=""/55, 0x37}], 0x1) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) 5.248442054s ago: executing program 2 (id=4964): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50) syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x78, 0x0, 0x80, {0xc, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffe, 0x0, 0x0, 0x8000, 0x0, 0x0, r2, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0) io_setup(0x2, &(0x7f0000000200)=0x0) io_submit(r4, 0x1, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x700fbff, 0x4, 0x1, 0x1008, r3, 0x0}]) 2.45171391s ago: executing program 0 (id=4993): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r0, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10) sendmmsg$inet6(r0, &(0x7f0000001880)=[{{0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000340)="84", 0x1}, {&(0x7f0000002ac0)="b4", 0x1}], 0x2}}], 0x1, 0x4400c800) sendto$inet6(r0, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd) 2.451491249s ago: executing program 0 (id=4994): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000000, @mcast2, 0x6}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) shutdown(r1, 0x1) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, 0x0, 0x0) syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) pipe(0x0) r2 = socket$kcm(0x29, 0x0, 0x0) sendmsg$sock(r2, 0x0, 0xc784fa6bb4641b14) close(0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) write(r0, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0xfdef) 2.292173091s ago: executing program 0 (id=4995): socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}, 0x3}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000001c0)={0x42, 0x0, 0x613d29976074ede}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000200)={0x42, 0x1, 0x2}, 0x10) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r3}, 0x18) sendmsg$tipc(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e21, 0x401, @local, 0x2}, 0x1c) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0) preadv(r4, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 2.008356135s ago: executing program 2 (id=4996): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)="2e0771eb0957096753948f3d26c67ca68e623b67261144b0af94313cb781", 0x1e}], 0x1}, 0x40) open$dir(0x0, 0x20a40, 0x90) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000)) r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSBRK(r7, 0x5409, 0x0) ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000000080034"]) r8 = syz_init_net_socket$ax25(0x3, 0x3, 0xcb) bind$ax25(r8, &(0x7f0000000540)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) ioctl$sock_ifreq(r3, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'}) 1.84394234s ago: executing program 2 (id=4997): r0 = syz_init_net_socket$ax25(0x3, 0x3, 0xcb) r1 = fcntl$getown(r0, 0x9) syz_pidfd_open(r1, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x8, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000000000000000000000c6000100250000008510000001000000950000000000000018400008ffffffff000000000000000095"], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socket$inet6_tcp(0xa, 0x1, 0x0) syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) r4 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r3, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r4, @ANYRES32=r4], 0x44}}, 0x0) bind$ax25(r0, &(0x7f0000000540)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) 1.843571745s ago: executing program 2 (id=4998): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x13, 0x4, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESOCT, @ANYRES32, @ANYRES64, @ANYRESOCT], &(0x7f0000000180)='syzkaller\x00', 0x10e348, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) r1 = gettid() r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000040)={0x4, 0xffffffffffffffff}) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x14, 0x1, 0x2, 0x101, 0x0, 0x0, {0x5, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x4811}, 0x0) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, 0x0) r6 = syz_io_uring_setup(0x4fe8, &(0x7f0000000d00)={0x0, 0x7db5, 0x8, 0x0, 0x1d8}, &(0x7f0000000d80), &(0x7f0000000dc0)) io_uring_register$IORING_REGISTER_FILES2(r6, 0xd, &(0x7f0000001100)={0x1, 0x1, 0x0, &(0x7f0000001080)=[{0x0}], 0x0}, 0x20) process_vm_readv(r1, &(0x7f0000000140)=[{&(0x7f0000000000)=""/87, 0x57}, {&(0x7f0000002200)=""/4104, 0x1008}, {&(0x7f0000000100)=""/9, 0x9}], 0x3, &(0x7f00000011c0)=[{0xfffffffffffffffc}], 0x1, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f00000000c0)={r7, r0}) 1.434464233s ago: executing program 0 (id=5005): fcntl$setownex(0xffffffffffffffff, 0xf, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1) syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000003000/0x18000)=nil, &(0x7f00000014c0)=[@textreal={0x8, &(0x7f0000000000)="66b9390a00000f320f20e06635000040000f22e01a320f01c8bad00466edbaf80c66b89742d38d66efbafc0cb09aeeb800008ec80f01c80f3566b91a0100000f32", 0x41}], 0x1, 0x9, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000e5000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad6706000002000000070200000ee6000abf250000000000003d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8d4fee81e3cdd5daf2cdad3d1a74a2f078aa6402483856a6e494408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae060959c9639564f000fc3cdd05a1575c91cf5ba8b2db403681ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f8000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0d642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d6812467c1a4186edd036f15bf847c50f79e1a0ad3d2b5080ecb0148e2b86177869884ae62420c9f1b534e969fce97ffff070000000000dbbfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861224799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a0c3e28f359608ea326c77a1aa17318f392a0ec6c188916f452533d4327fe"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000300000000000000000008f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r7, 0x3, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="7400000002060500000000000000000000000000120003006269746d61703a69702c6d616300000005000416fa70706730a8c36e07ef688dd345000000000900020073797a3100000000280007801800028014283140fc0200000000000000000000000000000c00018008000140ffffffff05000500020000000500010006000000"], 0x74}}, 0x0) r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0) ioctl$sock_SIOCGPGRP(r4, 0x8904, &(0x7f0000000100)=0x0) wait4(r10, 0x0, 0x1, &(0x7f0000000500)) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r9, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r9, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3, 0x0, 0xd51}, 0x8000}) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00'}) r11 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) write$sndseq(r11, &(0x7f0000000080)=[{0x1e, 0x0, 0x8, 0xfd, @time={0x7ffffffd, 0x4}, {}, {}, @result}], 0x1c) r12 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r12, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x20000841}, 0x0) 1.432823598s ago: executing program 1 (id=5007): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000080)={0x10001, r0}) mmap$dsp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x300000c, 0x10, r2, 0x0) 1.374885688s ago: executing program 1 (id=5008): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400), 0x8080, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x82000) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r4, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r3, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) r6 = signalfd(r0, &(0x7f0000000080)={[0x7]}, 0x8) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) ppoll(&(0x7f00000000c0)=[{r1, 0x90}, {0xffffffffffffffff, 0x424}, {r0, 0x8040}, {r5, 0x2240}, {r6, 0xc002}, {r0, 0x2010}, {r0, 0x4}, {r0, 0x5000}, {r0, 0x4020}, {r0}], 0xa, &(0x7f0000000180)={r7, r8+10000000}, &(0x7f00000001c0)={[0x98d]}, 0x8) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x14) 1.374711811s ago: executing program 2 (id=5009): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x8408, &(0x7f0000000680)=[{&(0x7f0000000180)="5c00000014006b03c84e21008bf32c19021800f80200000044000200ac14143705251e6182949a36c23d3b48dfd8cdbf9367b498fa51f60a64c9f4d4938037e786a6d0bdd77f6f60c1504bb9189d9193e9bd1c1b7800000000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) syz_open_dev$usbfs(0x0, 0x201, 0x2) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080020000100000080"], 0x48) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) socket$kcm(0x29, 0x5, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYRES16=r2]) ioctl$KVM_GET_VCPU_EVENTS(r3, 0xc048aeca, &(0x7f0000000080)) 1.315287926s ago: executing program 1 (id=5011): syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x3, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @broadcast=0xac14140a, @multicast1}}}}}}, 0x0) 1.314911596s ago: executing program 1 (id=5012): syz_emit_ethernet(0xf87, &(0x7f0000001180)={@local, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0xf51, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[@routing={0x84}], "223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a6bac5836dd5720e559bcb82a4926734c5c3b1287c5fec219a99f71eb398430001f007306e9232c269c2886357f75d935e8de054341ac36f1df1fc77fbc347d90660f4d5658cfeb9e289f70968a7c0b38ae34c4bfa46b47964e223ac34f472e3231e8c285add5713592c76c062c3477beb55b279846f04f8d6a5ce2743c6a2020f0c5164953b8dca7e57239dc8a7f507bcf77767ab0b4602437171a09c8e80f5a165c4c37eaae386cfcb927dd1a935fa717fa1608792b34bafbc20cf11a678455894ede62788309ab7a7075535847a2b48260a613e521b01d75648263ad78e6176528dbf3e6c4e4d72066e617be5387183a51dd97d2e846c5d173b51e17a4c8d78a49c914cbe44236c52c78de45b44f9d80bc6f77c75135922a84579bce77baa71311889f5b7b90c5124b8298d5e9c81c442d60df00795854d3213a1ac254c8963c109f68b3ff5451c381f6fb56c116f86b71f988d1e9f732280cbf3d4e9791fefc4bdec5dc293fb77b02d5aab6bd8cd179b7e425126b7f78c0d004bc6470ecc2bbc422bd06a6bd8f717009509e6a88b01347b7a62b9dea6f7a7446a371f422499a6e66eeb6a7b0beb4a86a61f875a9bfe0f5d5f0d0e4c85852afaea97d74ebc80d6491a8a1c998c4b5bc34b3edaeba2df902cd5e14e016720e6c3c8b15287b2471c34251e26dc442720cd5d984e30b110b7370f233f865b9ac129fdf49ff02b303d7d4f91039d3bb58a9d64d7a72d8b8eba6b45a000370d4f0e9c0d411768441372e7112e5d4e7d70a9d6b428b8b85ee6209d6f73e7b024740c052166deeb843e4ab78d1d354d75a5827ff0d49d8964e75785f3594c7299c0917b48f3b2efb81a4c3a7d6e0f1cf50efe0360963c2e3ee390ed2a4c39f42e856eced0f2ee7beacd2ecbece493e911ca0460584323ea6d4a0c00864693c979cae38f0c5841bfaeebf609d1075163c120fea0bd0207d2dd07e5e2e0a5afe3efee0ee6bb9a926a8dba7a27a82c5421a5b20bfb5dbdef532a12435fcd899f15603209831711e0dcfaaf2104b2016f087fce44848c70b65a34b9be83df2064391fc5a8d169dc1943d226e57ab5ba06c656273d4efba73a8a61aae19df4d2445f3ce7e649af1b4ffc86106c9092ddd0aafeb45653d181cb32b06a1dd41573495f15c3b8c0019ba72a2eb163dfcbdbb235322ae27d7116af506f295c2424ab9191aa8ce0e4617b212af21983f8d2b19d7fdeec881f6fa448acc7c3e133b6f281583fad4467c05801e69f6ffc1ae2e1f54655534d884c2f8f60303da33ccbe47a293643edb61c7d9fad4e3e54028bc64be8e5b1da53446869b136660b8e96ff96c48641ece275967b27b291c5c240b3399b5b901b699227735f821938bc88ded45bada2b257b1a4bcab7ed6647f2027e5680c87329e9cfdba6bde2f2a9b676be016001702bebbabb2eae3eba01d6f49ab70245a4c5ef0e136b531e1843487b3f69c5b811217d6d2f5e71b47f40c28117bd09a88bb21887a06e2cc164d4281d0df47cbd5781f1524098d89ccae32f24c5f9d86469106685fdc683ad5e873030b621dc00354e0621106da90aca69bb53848dd57251a45bc1898aca9bc84c9a8d2f8aabeed888560771c8cb03aab02620430fec8e9740880790060ccbffd5b8edaa219ca61587eff1b1b03ae8af53059f121efdec8b3ee8aba06f494a5b4575bc848d5a9773d2346f75811cb82a078fc960c9bd374555d78b1b4ba0b438ef00e8aa75810ca5efc5c70936e2cb0e515912cb7f625a2130a9ad58f29e58ae6eac5c3f15f22f0163ee6dead6947c4390b92c8dfb146fec7bfc0b37e8ff2c9de90c30f2d8b5e334107f9835bc47fbc193c60ebd5ac4e677c7fd5b6261ff96e97c185c726ec02941bc2336946f181fd2aff43f0e95f06105a049fcb8e4e3738407d6356856f533f17fae281a3be9f2050ae3d19d1b8350d424087ac9b7875824a9b7e098775b53d6ec960fc052ecd165d17a7897de75f15316a072bb9ccf6ce1ec085bb5356c271b985a437a32f12308fc927410fd444bcded9859e7b8a3cfaaf29ebfb92cc7cbfad2559bbe4f90e189e8708e93827b221869cc78fa41fd5bcb6577b7dfe4c3927dc25a58aa84419f76e71d1f3c10cbb5e52ab2bebe0d39bdffda0fa1b55fe3a03683f882a82dd58498d62b101acd710fd436aa7409fe3cf5352dffb399d560323e14d564bdb3121b89c1f43fc9a892b799cd32f7ce2ededb868920b4547735ef0bf3e148251a4f65dddb7f96b2f33734522a8cffdc51520ac98926b3406e96618cf15a042a67239e755afc70ec6a9c99f8e08ec2946e5901364d85223a63d49572519137d93b6b0798e72acf9da120e706ee73367dec1450a68def886c149bcd734469e10b933899501011cd548e99d638821d5709fde050ab382d4896ecfd7999d40ea9c690c26d396545224c8f9e19705593df2688eb592e2476a0193f7054ab6f703d41c545a80bf285bbc7cc735bd306c9ea5eb64f40752fd4c741d9b6e03cd41b636ef8f5e810047a21c0b24c6fde1f2e98f2f27730c90d93af9e7564e4e209a61ff626b666fcc4f75f7d560da688169ff0af5e674a0b89a99fb54bb438a65f953c2db0faec2ce09cec33b6d25620b5a0393ac473fed48a38beaca5223997419876d571ce969b83b5b3ae54de83dd89fd92ed2a93c087828bef49a24ed1a97778c47fdc691a94fd5b437dfe494b5c6fadf499d9d15583b0439d3d5ecb61a32a2508a6960be6009accfd1d5d75a16dbc4121c6ef07bda12646792449c18a56e7aa3893f3f0e55a8e09ca64193dd29ea24ed8614ee8e717f046dd99a8e3750506655331125a502aa89c0d7e8e30c36a4be22cd911322695144d3bf034f38ef32d49431d50da583d08a3e4c5862483cdd52d031b12c89fdaafc3334e877e464134baece883d301193a9c27311a987d4dae82a061f48182cc747cd64441e88b68e26e4975f0fdde3129a9e6af80009962581d5349676df9c73b81514b175709d9193749660f480bd4009b528c1db4f76f42b6a175126603c39a374e890f871c97b2eebb4500451d827cc15497dc5ae89edc6f47f25db7efa4b4b2afbbb2ee543e3db8d20fe93faf300247f59075921e8b2f2a025af8a1d46f274e0c6cb4be0293c7c16c88e98d7d189e9733e4c0e3b96be4aa3fa6ecf42732e0b1432d38aeaf2330d92713cd5580ce42bfe47fb98fea64783de23f456300dd193008211a5ba408d32dedbf12aa8237a6e1a2c9890a2c1011855241fea186906a5139d1c300be57dc7ff493de80010520d10fc3eda0ee9cd413e075d3dc02258fdab567a16e43edbeecc366a69d8d75512f43a2b79cbb9132cdcd00c531730d05f1eabf66613d6e7ebb8c4c3f4f7efd415d41049786352808b22a3bde40121968af39c8f00296001662adc72b7963c8bafab4a496b50f3237a29d19ad4a51a62b1c77a04c14004734189cf7ec49e3d041a1e5658d080f09df77f39782e7133968c1f39ab3ae2a5f24a60073288f3c5825dafd614a379b8b905aaf961caa14ffa38de0d632918d31e4a9291b0f0789248e232e4276840a1ed0257300e522d83111dffd424b1b33148981e3794b2b649ba9174e6697bcc96049f4f3dcc7cf4ca97e2006ec8a146014bb49184632e4fb159a34b6530e959e60a6b4e0427cc697f14cfe6bb7a662a6f5012744f3cf2307abc19c58449864d98fcfebc5d598cd32a1c38c207896468fe8da75eb1edb1d6e7cb1eab671e4e92f139c81d79f15df2a2dc075acc982dec769e2f49aad0fdf594cb590e054616e4f4582b6c4a149ae45d844903ef68d211df2a180178e178b7c7a5012ccf8a1e677586588620365e6111f5192ecfdbd97e2284128de02e08ebc13d4bb4d114faa1e6c16c51c12da2c52d68f73640ce866ce4e794b9fafdc392c91c1f824bc301b3069a02b9c86d2ffac3ed63ddee130cbc248d6a3345d3f9553db78077072d569a6633f8bdbdb1a209a8be9b6830225994f9021b57ddd6a44e8ea40b205c6cf437f45bffaef053a5916dcc6de62ee02bdb8ce3acec8ad97fc95dab1307d254790c71f32e4678957cf0121dccabe73a03c6cacbcbdaad8801b04d9836555a982c357a06e2db7e9bf62aed8cdebbb7a71a2410b929015b61f16e54bffd038996a717b9c7cc3696d8a1205e8266bf782c3a45b0e31461d6a3ed62396088833f69248b24fbf6f81dcc08b98826c3bd2325ade54f614f2d4a153e3e3527d93978483f2bfeada6b64bc43f2a725c30e843d13e6ab34cfc38d488b3ef50cd04318fac1f89905f017644cfa2de058ad399871d1316264813c2289d0b6cfeddfbca36ce93fd4a1bfc93bb74453cfbb9c6ca22320ffc9cb0a3fff046a5678c066e617cd3ac024dfead04b99877f448b78208938585c7563efe815ff0cc47da5fff521d9730ddc89f4aeceadd06f2ea6b9ae72c9407aa550a0155db3b4bc6aaa382a30552f699cb6a1af9972a8ccc483f98952dfbde3d712ea8673eacdbb77490d833fc90f0f02e7c073d2917db70831496a88defc10667dc4c1b7399191bdc7857eb090e79c332bf9f71bb5377178e6232800c93d22318dc5ab8d5dfa2f074a6c23acb61c89f2f078ec91e9817e11a4c8295c19634b5ca2df74"}}}}}, 0x0) (fail_nth: 5) 1.1261925s ago: executing program 1 (id=5013): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x2, 0x0, @void, @value, @void, @value}, 0x50) ioctl$BTRFS_IOC_INO_PATHS(r0, 0xc0389423, &(0x7f00000000c0)={0x2, 0x28, [0x80000000, 0xa, 0xa5d8], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000100)={0x29, 0x9, 0x9, 0xb, 0x4, 0x81}) r1 = syz_open_dev$audion(&(0x7f0000000140), 0x0, 0x80) getsockopt$ax25_int(r1, 0x101, 0x7, &(0x7f0000000180), &(0x7f00000001c0)=0x4) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000200)=r1, 0x4) sendmsg$inet(r1, &(0x7f0000000800)={&(0x7f0000000240)={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000280)="08a77e616b00137948fe25f2f9f0b9bf3178e49552404fc6664b2bd71d24e334faf8aeb52ac2bda4d78b17", 0x2b}, {&(0x7f00000002c0)="ae37260d8c38ad4256829604e79f773284ce1baf9be86c9755bcf71403cf9089e5cc3644b8b37daa4be8d4d013f8b915aa3bb336174e20c861171662b035f20e95a1ef72fe6cc7281d5ea88d687c8433f8f00e4d657d27a48dac8df67ba876a322c15aef8908fd7765666c35649381817c118f29e6f223492467e0294c48c10238651a6af50f1a45715890a579f1357b1f8f0ab26ab33982e7f519cf54bff0d6313bd30169b5fe", 0xa7}, {&(0x7f0000000380)="fb85254a329001f45338b131b505a381fc443f094faa956ca8aa988a3d25f66e64ae45ab2ea121bc952667615bd72b674230d0b44306ab82fde3e3a68242e05b994aca4d14f0a886ab655de4e130a4debd5f0c48d64f53c80b5786fc9f065eeb2be8c5093c6d94c4ff38", 0x6a}, {&(0x7f0000000400)="7fc17e10e17e2c50892e2cded6ee24a8838b38e5913a470b4d48c628e6e53bfd851e331291ee3c7665fa8fb6e0c5b5a9d5e7b28c59d192a827b173e3f3869510dcff1271a1de0e84ab108bf29795e90361e844ff51", 0x55}, {&(0x7f0000000480)="f63f431a8742d5e57ee2d99b69c4f7d7dc314815c10ce6316dcd33753be705397783a2f28ea5f0f95a6026312e8c4e10d8cd7e46843f1e75a37a689763dda33a342b8d733c748123ed0f28d66e08d2dda118fc5b90f83cb7031898d93bb2cc62ff3ca62b23c9750a9a428ae6ca5180b15041f8b4d7c21f9e714d093e229b7a2c17ed304d576bf9febaf1041803ea6c952638052618a3effdaa53a20d672398f12fbf74d55abbb94b88ca12ffa2050fdabfe14f042e2c3b760a1a7795495c1247ceb436d45d385a24bcfd", 0xca}, {&(0x7f0000000580)="833437c40d7a3f0c7c37", 0xa}, {&(0x7f00000005c0)="847e3d690c605999f4886496f078667abe3da3c53339575fd7806f2b33d8675f95175940564109792b3b8d800181591de058032132ebb0c27688d23ac0803166b7a9ae617d0d8218e57e2d10", 0x4c}, {&(0x7f0000000640)="85e3952670da14ce187215f1fb6d1817b809b499aa108109c8dbccab0166c2024f085e120c54465cf6867dfc4471f989537b5e3a0289535ab3a72641831c86db6af9c2268474ce9a6456112032e4bb7cf2d32f5fbc87fcd1e04bab1e8bfba1866766d992e18b515d53c031b60d69978f25ed8a3e4e1cfc971a8c3dd74959f5a02b4fe74c717342879b681e6de5f9df42f72ec1", 0x93}, {&(0x7f0000000700)="b0fb7c77756c8f8813a2715ca865fd9f18f351b119b803ba9c0517961f02589824e04bb9e09cf05d68202b0ae48b853f5cb422", 0x33}], 0x9}, 0x4085) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000840), 0x4000, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000880)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff, 0xee01}}, './file0\x00'}) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)={0x1b, 0x0, 0x0, 0x6, 0x0, r0, 0x41, '\x00', 0x0, r1, 0x0, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000c00)={r1, 0xffffffffffffffff}, 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000cc0)={0x6, 0x3c, &(0x7f00000008c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xda66, 0x0, 0x0, 0x0, 0x80}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_val={0x18, 0x2, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x5}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffff9}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x1}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x8}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000ac0)='syzkaller\x00', 0x80000001, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000b00)={0x8, 0x3}, 0x8, 0x10, &(0x7f0000000b40)={0x2, 0x0, 0xe64, 0x400}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000c40)=[r0, r1, r4, r5], &(0x7f0000000c80)=[{0x5, 0x1, 0xd, 0xb}, {0x0, 0x1, 0x4, 0x9}, {0x5, 0x3, 0x10, 0x5}, {0x0, 0x2, 0xf, 0x6}], 0x10, 0x4, @void, @value}, 0x94) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000d80)={0x10000000}) ioctl$CDROMREADAUDIO(r3, 0x530e, &(0x7f0000000e40)={@lba=0xe, 0x3, 0x4b, &(0x7f0000000dc0)=""/75}) getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000e80)={0x0, 0x8, 0x9, 0x1, 0x9, 0x8dd7}, &(0x7f0000000ec0)=0x14) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000f00)={r6, @in6={{0xa, 0x4e21, 0x5, @remote, 0x55}}, 0xffff7c31, 0x4, 0xf, 0x8000, 0x1, 0x9, 0x5}, &(0x7f0000000fc0)=0x9c) ioctl$KVM_RUN(r1, 0xae80, 0x0) write$binfmt_misc(r2, &(0x7f0000001000)="e922f1e8fe339da7b292fef85896f27fc6efc0cedca4881d83476d4e", 0x1c) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000001040)={r3, r1, 0x5, 0x0, @void}, 0x10) r7 = syz_usbip_server_init(0x3) readv(r7, &(0x7f0000002500)=[{&(0x7f0000001080)=""/199, 0xc7}, {&(0x7f0000001180)=""/148, 0x94}, {&(0x7f0000001240)=""/13, 0xd}, {&(0x7f0000001280)=""/6, 0x6}, {&(0x7f00000012c0)=""/56, 0x38}, {&(0x7f0000001300)=""/40, 0x28}, {&(0x7f0000001340)=""/4096, 0x1000}, {&(0x7f0000002340)=""/220, 0xdc}, {&(0x7f0000002440)=""/167, 0xa7}], 0x9) syz_kvm_setup_syzos_vm$x86(r3, &(0x7f0000c00000/0x400000)=nil) lseek(r2, 0x7fff, 0x4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000025c0)={0x40000000}) mlock(&(0x7f0000dbb000/0x1000)=nil, 0x1000) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000002600)={{0x1, 0x1, 0x18, r2, {0xfffffffc}}, './file0\x00'}) r8 = openat$autofs(0xffffffffffffff9c, &(0x7f0000002640), 0x40000, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r8, 0xc0189372, &(0x7f0000002680)={{0x1, 0x1, 0x18, r7, {0xffff927d}}, './file0\x00'}) pipe(&(0x7f00000026c0)) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000002780)={r1, &(0x7f0000002700)="fe7945fb7dcf026c03bcf5f3fa1f984040b4ef303c7d045913a4848e4ad34eff4307818a983453dec411d676a7af2fe6a2916abcbf2d5f15efafa5bbd34f13c07f3c2b0ce27c36fd37e991f981e43564fc40aa58a8e6c65ba028364dd9a8"}, 0x20) 1.125994972s ago: executing program 2 (id=5014): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB="200617"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0) (fail_nth: 9) 471.829738ms ago: executing program 0 (id=5015): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file2\x00', &(0x7f0000002100), 0x290449c, &(0x7f0000000240)=ANY=[@ANYBLOB="6c7dbf6af0d47e17d5268733e9603d00", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000140000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) r1 = socket$inet6(0xa, 0x3, 0x5) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$RTC_RD_TIME(0xffffffffffffffff, 0x80247009, &(0x7f00000001c0)) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0) r6 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42) ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f0000001ac0)={r5, 0x4000, {0x0, 0x0, 0x0, 0x2ead, 0x7fff, 0x0, 0x0, 0xc, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a74568c953abcd4eb30e04d528539f3c0289737f0374c72a964a02447fd29f35239d200", "24431a1e77a68e174ff10000000000000010e200"}}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000080)=0x3) ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000180)=0x7d) ioctl$TIOCSTI(r7, 0x5412, &(0x7f00000003c0)=0x7d) r8 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000680), 0x2, 0x0) write$vhost_msg_v2(r8, &(0x7f0000000780)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x1}}, 0x48) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1048c, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) bind$inet6(r1, &(0x7f0000000140)={0xa, 0xe22, 0x0, @loopback={0xff00000000000002}}, 0x1c) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r9 = openat(0xffffffffffffffff, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) getdents64(r9, 0x0, 0x0) 393.465591ms ago: executing program 5 (id=5017): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002e00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000180)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="05"], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20) sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1, 0x0, 0xffa4}, 0x3) 393.205918ms ago: executing program 5 (id=5018): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r0 = io_uring_setup(0x191a, &(0x7f0000000000)={0x0, 0x761, 0x10, 0x1, 0x11cb}) socket(0x10, 0x803, 0x0) (async) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) (async) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r2], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0) (async) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r2], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0) r4 = socket(0x10, 0x3, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}, {0x5, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x800) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000015c0)=@newtfilter={0x7c, 0x28, 0xd27, 0x1004001, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xffff, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_basic={{0xa}, {0x4c, 0x2, [@TCA_BASIC_EMATCHES={0x14, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x8}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xd}}]}, @TCA_BASIC_ACT={0x34, 0x3, [@m_csum={0x30, 0xf, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x7}}}}]}]}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x8810}, 0x404c0c0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) (async) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) r6 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x0, 0x0, 0x1, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000380)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x800, 0x2, 0x1, 0x0, 0x8, 0x13}, 0x20) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x400, 0x0) (async) mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x400, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000840)='./bus\x00', 0xa4) (async) mkdirat(0xffffffffffffff9c, &(0x7f0000000840)='./bus\x00', 0xa4) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') (async) chdir(&(0x7f0000000140)='./bus\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.stat\x00', 0x275a, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.stat\x00', 0x275a, 0x0) r7 = syz_open_dev$dri(&(0x7f0000000140), 0x3ffffffffffffffd, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000300)={0x6, 0x8000, 0x9}) r8 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x8800) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f00000004c0)={0x0, 0x16, r9, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r8, 0xc06864ce, &(0x7f0000000440)={r10, 0x0, 0x3, 0x0, 0x0, [], [0x0, 0x1, 0x0, 0x1], [0x0, 0x20, 0x0, 0x80000000], [0x0, 0x0, 0x4]}) (async) ioctl$DRM_IOCTL_MODE_GETFB2(r8, 0xc06864ce, &(0x7f0000000440)={r10, 0x0, 0x3, 0x0, 0x0, [0x0], [0x0, 0x1, 0x0, 0x1], [0x0, 0x20, 0x0, 0x80000000], [0x0, 0x0, 0x4]}) ioctl$DRM_IOCTL_GEM_FLINK(r7, 0xc008640a, &(0x7f0000000100)={r11}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) 318.409925ms ago: executing program 1 (id=5019): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_procfs(0x0, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) r2 = socket$inet6(0xa, 0x800, 0x8000) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000180)={{{@in=@broadcast, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x5}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x32}, 0x2, @in=@dev={0xac, 0x14, 0x14, 0x13}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}}, 0xe8) r3 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) bind$can_j1939(r3, &(0x7f0000000040)={0x1d, r4, 0x5, {0x2, 0xf0, 0x7}}, 0x18) sendmsg$nl_route_sched(r3, 0x0, 0x4091) timer_settime(0x0, 0x0, 0x0, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x7}}}, 0x19) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x20040814) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB], 0x18}, 0x1, 0x0, 0x0, 0xc1}, 0xc000) r6 = dup(r1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r6, 0x700) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4851}, 0x4040885) 239.093636ms ago: executing program 0 (id=5020): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, @short={0x2, 0x3, 0xaaa0}}, 0x14, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000042c0)='fdinfo/3\x00') r2 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_udp_int(r2, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4) r3 = userfaultfd(0x801) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xf0ffffff) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000600)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f00002b3000/0x2000)=nil, 0x800000}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r5 = socket$kcm(0x2, 0xa, 0x2) setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r4, &(0x7f0000000540)=ANY=[], 0xd6) read$FUSE(r1, &(0x7f0000000080)={0x2020}, 0x2020) getsockopt$WPAN_SECURITY_LEVEL(r1, 0x0, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x4) 238.800541ms ago: executing program 5 (id=5021): syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x3, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @broadcast=0xac14140a, @multicast1}}}}}}, 0x0) 88.835163ms ago: executing program 5 (id=5022): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0xd4}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async) r0 = socket$kcm(0x10, 0x2, 0x0) (async) r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000011c0), 0x2000, 0x0) ioctl$CDROM_DEBUG(r1, 0x5326, 0x1) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000380)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe55a10a000b000140020203600e41b0000900ac0006031100000004001500090002000000035c3b61c1d67f6f94007134cfce1e090000001fb791643a5ee4ce1b14d6d930ede1d9d322fe7c9f8775730d165ae24e25ccca9e00360db79826835d3a71d95667e006dcdf63951f215ce3f09ad809d5e1cace81ed0bffece0b42a9ecbee5dd6e4edef3d93452a92954b4337000000008af26c8b7b55f4d2cb1df0966736a1dfe444c65ac5b348eac7c2ea475327557ba566236ceb0000000000", 0xd8}], 0x1}, 0x4000) (async) r2 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2) ioctl$VIDIOC_G_FREQUENCY(r2, 0xc02c5638, &(0x7f0000000080)={0x8b, 0x4, 0x5}) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000100)={r0}) 166.384µs ago: executing program 5 (id=5023): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x1c, 0x2, 0x1, 0x3, 0x0, 0x0, {0x0, 0x0, 0x400}, [@CTA_ID={0x8, 0xc, 0x1, 0x0, 0x3}]}, 0x1c}}, 0x0) 0s ago: executing program 5 (id=5024): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) close(r0) r1 = syz_open_dev$media(&(0x7f00000012c0), 0x66, 0x180502) ioctl$MEDIA_IOC_G_TOPOLOGY(r1, 0xc0487c04, &(0x7f0000002f00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000640)=[{}, {}, {}, {}], 0x0, 0x0, 0x0}) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r2, 0x0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xc}, @void, {@ipv4={0x860, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local, {[@end]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) kernel console output (not intermixed with test programs): nd5 [ 408.548913][T17742] xt_SECMARK: invalid mode: 0 [ 408.578116][T17736] cgroup: subsys name conflicts with all [ 408.607208][T17746] netlink: 'syz.4.4357': attribute type 2 has an invalid length. [ 408.687229][T17751] lo: entered allmulticast mode [ 408.691046][T17750] lo: left allmulticast mode [ 408.727730][T17753] ptrace attach of "/syz-executor exec"[13403] was attempted by " b\x0aøÿ\x0c !¿¡ \x07 øÿÿÿ·  ½ … Ð · • ?ºj}6Ù±ŽØ¢âÄž€ ¦ôàä©Dl¢µñÌ\x0ašö˜9: óˆœ$ªVñQ™úÐ\x09dÂ'ÉZ ·„bWðzr‘„QëÜôÎ÷ù``Vþ\x5c4fL\x0aù6\x0az^k`q0ÈŸ [ 408.812820][T17756] FAULT_INJECTION: forcing a failure. [ 408.812820][T17756] name failslab, interval 1, probability 0, space 0, times 0 [ 408.844597][T17756] CPU: 3 UID: 0 PID: 17756 Comm: syz.4.4360 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 408.844613][T17756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 408.844624][T17756] Call Trace: [ 408.844629][T17756] [ 408.844633][T17756] dump_stack_lvl+0x16c/0x1f0 [ 408.844654][T17756] should_fail_ex+0x512/0x640 [ 408.844671][T17756] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 408.844690][T17756] should_failslab+0xc2/0x120 [ 408.844702][T17756] __kmalloc_cache_noprof+0x6a/0x3e0 [ 408.844718][T17756] ? rcu_is_watching+0x12/0xc0 [ 408.844732][T17756] ? call_usermodehelper_setup+0xaf/0x360 [ 408.844747][T17756] ? __pfx_free_modprobe_argv+0x10/0x10 [ 408.844759][T17756] call_usermodehelper_setup+0xaf/0x360 [ 408.844775][T17756] __request_module+0x3bd/0x690 [ 408.844787][T17756] ? __pfx___request_module+0x10/0x10 [ 408.844804][T17756] ? cap_capable+0xb3/0x250 [ 408.844817][T17756] ? find_held_lock+0x2b/0x80 [ 408.844832][T17756] ? tcp_ca_find_autoload+0xec/0x2f0 [ 408.844846][T17756] tcp_ca_find_autoload+0x10d/0x2f0 [ 408.844858][T17756] tcp_set_congestion_control+0xdb/0xa20 [ 408.844873][T17756] mptcp_setsockopt+0x187b/0x30e0 [ 408.844888][T17756] ? __pfx_mptcp_setsockopt+0x10/0x10 [ 408.844899][T17756] ? __lock_acquire+0x5ca/0x1ba0 [ 408.844920][T17756] ? selinux_socket_setsockopt+0x6a/0x80 [ 408.844934][T17756] ? sock_common_setsockopt+0x2e/0xf0 [ 408.844950][T17756] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 408.844965][T17756] do_sock_setsockopt+0x221/0x470 [ 408.844981][T17756] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 408.845004][T17756] __sys_setsockopt+0x1a0/0x230 [ 408.845018][T17756] __x64_sys_setsockopt+0xbd/0x160 [ 408.845029][T17756] ? do_syscall_64+0x91/0x260 [ 408.845045][T17756] ? lockdep_hardirqs_on+0x7c/0x110 [ 408.845060][T17756] do_syscall_64+0xcd/0x260 [ 408.845077][T17756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.845089][T17756] RIP: 0033:0x7f478558e969 [ 408.845099][T17756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 408.845110][T17756] RSP: 002b:00007f478631d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 408.845121][T17756] RAX: ffffffffffffffda RBX: 00007f47857b6080 RCX: 00007f478558e969 [ 408.845128][T17756] RDX: 000000000000000d RSI: 0000000000000006 RDI: 0000000000000003 [ 408.845135][T17756] RBP: 00007f478631d090 R08: 0000000000000004 R09: 0000000000000000 [ 408.845141][T17756] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 408.845147][T17756] R13: 0000000000000001 R14: 00007f47857b6080 R15: 00007ffe24403908 [ 408.845161][T17756] [ 409.202264][T17759] netlink: 'syz.2.4361': attribute type 1 has an invalid length. [ 409.209301][T17759] vlan2: entered allmulticast mode [ 409.211077][T17759] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 409.505931][T17777] netlink: 'syz.1.4369': attribute type 5 has an invalid length. [ 409.516780][T17779] netlink: 'syz.2.4370': attribute type 1 has an invalid length. [ 409.524428][T17779] vlan2: entered allmulticast mode [ 409.609107][T17781] netlink: 'syz.2.4371': attribute type 2 has an invalid length. [ 409.632706][T17783] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.714999][T17783] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.804913][T17783] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.845315][T17797] ipt_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 409.885090][T17783] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.894030][T17801] netlink: 'syz.0.4379': attribute type 1 has an invalid length. [ 409.929719][T17801] 8021q: adding VLAN 0 to HW filter on device bond6 [ 409.976123][T17803] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 409.981761][T17783] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.995737][T17783] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 410.023514][T17783] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 410.039544][T17783] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 410.051556][T17816] netlink: 'syz.0.4382': attribute type 5 has an invalid length. [ 410.311551][T17838] loop6: detected capacity change from 0 to 63 [ 410.320839][T12930] Buffer I/O error on dev loop6, logical block 0, async page read [ 410.323929][T12930] Buffer I/O error on dev loop6, logical block 0, async page read [ 410.328309][T12930] Buffer I/O error on dev loop6, logical block 0, async page read [ 410.331084][T12930] Buffer I/O error on dev loop6, logical block 0, async page read [ 410.333800][T12930] Buffer I/O error on dev loop6, logical block 0, async page read [ 410.336882][T12930] Buffer I/O error on dev loop6, logical block 0, async page read [ 410.339896][T12930] Buffer I/O error on dev loop6, logical block 3, async page read [ 410.474130][ T34] usb 6-1: new high-speed USB device number 35 using dummy_hcd [ 410.477478][ T5973] usb 9-1: new high-speed USB device number 19 using dummy_hcd [ 410.507876][T17848] FAULT_INJECTION: forcing a failure. [ 410.507876][T17848] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 410.514674][T17848] CPU: 2 UID: 0 PID: 17848 Comm: syz.2.4395 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 410.514702][T17848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 410.514714][T17848] Call Trace: [ 410.514720][T17848] [ 410.514728][T17848] dump_stack_lvl+0x16c/0x1f0 [ 410.514758][T17848] should_fail_ex+0x512/0x640 [ 410.514788][T17848] _copy_from_iter+0x2a4/0x15b0 [ 410.514816][T17848] ? __build_skb_around+0x278/0x3b0 [ 410.514846][T17848] ? __pfx__copy_from_iter+0x10/0x10 [ 410.514871][T17848] ? alloc_pages_noprof+0x23c/0x390 [ 410.514893][T17848] ? skb_page_frag_refill+0x11d/0x5a0 [ 410.514921][T17848] ? sk_page_frag_refill+0x6c/0x300 [ 410.514951][T17848] kcm_sendmsg+0x14ad/0x2c60 [ 410.514993][T17848] ? __pfx_kcm_sendmsg+0x10/0x10 [ 410.515015][T17848] ? __import_iovec+0x1c8/0x660 [ 410.515040][T17848] ? __might_fault+0xe3/0x190 [ 410.515057][T17848] ? __might_fault+0x13b/0x190 [ 410.515082][T17848] ____sys_sendmsg+0xa95/0xc70 [ 410.515108][T17848] ? copy_msghdr_from_user+0x10a/0x160 [ 410.515129][T17848] ? __pfx_____sys_sendmsg+0x10/0x10 [ 410.515158][T17848] ? __pfx__kstrtoull+0x10/0x10 [ 410.515185][T17848] ___sys_sendmsg+0x134/0x1d0 [ 410.515206][T17848] ? __pfx____sys_sendmsg+0x10/0x10 [ 410.515240][T17848] ? find_held_lock+0x2b/0x80 [ 410.515278][T17848] __sys_sendmmsg+0x200/0x420 [ 410.515299][T17848] ? __pfx___sys_sendmmsg+0x10/0x10 [ 410.515323][T17848] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 410.515347][T17848] ? fput+0x70/0xf0 [ 410.515360][T17848] ? ksys_write+0x1b9/0x240 [ 410.515376][T17848] ? __pfx_ksys_write+0x10/0x10 [ 410.515392][T17848] ? rcu_is_watching+0x12/0xc0 [ 410.515407][T17848] __x64_sys_sendmmsg+0x9c/0x100 [ 410.515419][T17848] ? lockdep_hardirqs_on+0x7c/0x110 [ 410.515435][T17848] do_syscall_64+0xcd/0x260 [ 410.515452][T17848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 410.515464][T17848] RIP: 0033:0x7f64f538e969 [ 410.515474][T17848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 410.515485][T17848] RSP: 002b:00007f64f61e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 410.515496][T17848] RAX: ffffffffffffffda RBX: 00007f64f55b5fa0 RCX: 00007f64f538e969 [ 410.515503][T17848] RDX: 0000000000000001 RSI: 0000200000008fc0 RDI: 0000000000000009 [ 410.515510][T17848] RBP: 00007f64f61e8090 R08: 0000000000000000 R09: 0000000000000000 [ 410.515517][T17848] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 410.515523][T17848] R13: 0000000000000000 R14: 00007f64f55b5fa0 R15: 00007ffc0908b688 [ 410.515537][T17848] [ 410.550366][T17852] binder: 17851:17852 ioctl 80045515 200000000140 returned -22 [ 410.623871][T17489] Bluetooth: hci4: unexpected event 0x3d length: 104 > 14 [ 410.626932][ T34] usb 6-1: Using ep0 maxpacket: 32 [ 410.631431][T17858] netlink: 'syz.2.4399': attribute type 5 has an invalid length. [ 410.634434][ T34] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 410.643164][ T5973] usb 9-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 410.647325][ T5973] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 410.650874][ T5973] usb 9-1: Product: syz [ 410.652898][ T34] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 410.656952][ T34] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 410.660395][ T34] usb 6-1: Product: syz [ 410.662180][ T34] usb 6-1: Manufacturer: syz [ 410.664637][ T5973] usb 9-1: Manufacturer: syz [ 410.666599][ T5973] usb 9-1: SerialNumber: syz [ 410.671125][ T5973] usb 9-1: config 0 descriptor?? [ 410.673559][ T34] usb 6-1: SerialNumber: syz [ 410.689968][ T34] usb 6-1: config 0 descriptor?? [ 410.694107][T17830] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 410.696629][T17860] 8021q: adding VLAN 0 to HW filter on device bond7 [ 410.700123][ T34] hub 6-1:0.0: bad descriptor, ignoring hub [ 410.702957][ T34] hub 6-1:0.0: probe with driver hub failed with error -5 [ 410.881843][ T6930] usb 9-1: USB disconnect, device number 19 [ 410.903023][T17874] input: syz1 as /devices/virtual/input/input31 [ 410.972503][T17882] binder: 17881:17882 unknown command 0 [ 410.974252][T17882] binder: 17881:17882 ioctl c0306201 200000000140 returned -22 [ 410.977282][T17882] binder: 17881:17882 ioctl 5406 200000000080 returned -22 [ 411.001458][ T10] usb 6-1: USB disconnect, device number 35 [ 411.038281][T17885] 8021q: adding VLAN 0 to HW filter on device bond8 [ 411.418673][T17909] FAULT_INJECTION: forcing a failure. [ 411.418673][T17909] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 411.424325][T17909] CPU: 2 UID: 0 PID: 17909 Comm: syz.4.4419 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 411.424351][T17909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 411.424363][T17909] Call Trace: [ 411.424370][T17909] [ 411.424377][T17909] dump_stack_lvl+0x16c/0x1f0 [ 411.424408][T17909] should_fail_ex+0x512/0x640 [ 411.424444][T17909] _copy_from_user+0x2e/0xd0 [ 411.424471][T17909] move_addr_to_kernel+0x65/0x170 [ 411.424500][T17909] __copy_msghdr+0x386/0x470 [ 411.424521][T17909] copy_msghdr_from_user+0xc1/0x160 [ 411.424541][T17909] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 411.424575][T17909] ___sys_sendmsg+0xfe/0x1d0 [ 411.424598][T17909] ? __pfx____sys_sendmsg+0x10/0x10 [ 411.424650][T17909] __sys_sendmsg+0x16d/0x220 [ 411.424670][T17909] ? __pfx___sys_sendmsg+0x10/0x10 [ 411.424699][T17909] ? rcu_is_watching+0x12/0xc0 [ 411.424728][T17909] do_syscall_64+0xcd/0x260 [ 411.424757][T17909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 411.424776][T17909] RIP: 0033:0x7f478558e969 [ 411.424792][T17909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 411.424809][T17909] RSP: 002b:00007f478633e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 411.424827][T17909] RAX: ffffffffffffffda RBX: 00007f47857b5fa0 RCX: 00007f478558e969 [ 411.424838][T17909] RDX: 0000000004000000 RSI: 0000200000000100 RDI: 0000000000000004 [ 411.424849][T17909] RBP: 00007f478633e090 R08: 0000000000000000 R09: 0000000000000000 [ 411.424860][T17909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 411.424871][T17909] R13: 0000000000000000 R14: 00007f47857b5fa0 R15: 00007ffe24403908 [ 411.424895][T17909] [ 411.520171][ T40] audit: type=1400 audit(411.532:1385): avc: denied { append } for pid=17914 comm="syz.1.4423" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 411.538602][T17921] veth1_to_batadv: entered promiscuous mode [ 411.541054][T17921] macsec1: entered promiscuous mode [ 411.695921][ T40] audit: type=1400 audit(411.703:1386): avc: denied { mount } for pid=17926 comm="syz.4.4427" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 411.717221][ T40] audit: type=1400 audit(411.733:1387): avc: denied { unmount } for pid=13403 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 411.749820][T17936] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4430'. [ 411.752865][T17936] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4430'. [ 411.761239][T17936] input: syz1 as /devices/virtual/input/input32 [ 411.818861][T17941] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 411.933967][ T40] audit: type=1400 audit(411.944:1388): avc: denied { write } for pid=17947 comm="syz.1.4436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 412.141881][ T40] audit: type=1400 audit(412.155:1389): avc: denied { mounton } for pid=17968 comm="syz.4.4443" path="/370/file0" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=dir permissive=1 [ 412.153537][ T40] audit: type=1400 audit(412.166:1390): avc: denied { map } for pid=17968 comm="syz.4.4443" path="/370/file0" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=dir permissive=1 [ 412.354337][ T40] audit: type=1400 audit(412.377:1391): avc: denied { unmount } for pid=13403 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 412.580567][ T6930] usb 6-1: new high-speed USB device number 36 using dummy_hcd [ 412.619499][ T5941] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 412.623526][ T5941] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 412.627780][ T5941] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 412.635908][ T5941] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 412.639383][ T5941] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 412.683460][T17994] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4454'. [ 412.710141][ T6930] usb 6-1: device descriptor read/64, error -71 [ 412.793464][T17989] chnl_net:caif_netlink_parms(): no params data found [ 412.926331][T17989] bridge0: port 1(bridge_slave_0) entered blocking state [ 412.929270][T17989] bridge0: port 1(bridge_slave_0) entered disabled state [ 412.932061][T17989] bridge_slave_0: entered allmulticast mode [ 412.934869][T17989] bridge_slave_0: entered promiscuous mode [ 412.939057][T17989] bridge0: port 2(bridge_slave_1) entered blocking state [ 412.942252][T17989] bridge0: port 2(bridge_slave_1) entered disabled state [ 412.945477][T17989] bridge_slave_1: entered allmulticast mode [ 412.948309][ T6930] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 412.949526][T17989] bridge_slave_1: entered promiscuous mode [ 413.000899][T17989] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 413.007161][T17989] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 413.076460][T17989] team0: Port device team_slave_0 added [ 413.082338][T17989] team0: Port device team_slave_1 added [ 413.088159][ T6930] usb 6-1: device descriptor read/64, error -71 [ 413.120565][T17989] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 413.122746][T17989] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 413.130654][T17989] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 413.134801][T17989] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 413.136959][T17989] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 413.146656][T17989] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 413.189304][T17989] hsr_slave_0: entered promiscuous mode [ 413.191536][T17989] hsr_slave_1: entered promiscuous mode [ 413.193703][T17989] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 413.195994][T17989] Cannot create hsr debugfs directory [ 413.207656][ T6930] usb usb6-port1: attempt power cycle [ 413.321613][T17989] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 413.325750][T17989] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 413.330598][T17989] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 413.334449][T17989] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 413.346568][T17989] bridge0: port 2(bridge_slave_1) entered blocking state [ 413.348785][T17989] bridge0: port 2(bridge_slave_1) entered forwarding state [ 413.351067][T17989] bridge0: port 1(bridge_slave_0) entered blocking state [ 413.353200][T17989] bridge0: port 1(bridge_slave_0) entered forwarding state [ 413.394773][T17989] 8021q: adding VLAN 0 to HW filter on device bond0 [ 413.403534][ T105] bridge0: port 1(bridge_slave_0) entered disabled state [ 413.407696][ T105] bridge0: port 2(bridge_slave_1) entered disabled state [ 413.423429][T17989] 8021q: adding VLAN 0 to HW filter on device team0 [ 413.433336][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state [ 413.436425][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 413.447049][ T105] bridge0: port 2(bridge_slave_1) entered blocking state [ 413.450049][ T105] bridge0: port 2(bridge_slave_1) entered forwarding state [ 413.479239][ T40] audit: type=1400 audit(413.504:1392): avc: denied { read } for pid=18027 comm="syz.0.4464" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 413.555073][ T6930] usb 6-1: new high-speed USB device number 38 using dummy_hcd [ 413.574869][ T6930] usb 6-1: device descriptor read/8, error -71 [ 413.586276][T17989] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 413.729234][T17989] veth0_vlan: entered promiscuous mode [ 413.737349][T17989] veth1_vlan: entered promiscuous mode [ 413.766074][T17989] veth0_macvtap: entered promiscuous mode [ 413.771313][T17989] veth1_macvtap: entered promiscuous mode [ 413.786852][T17989] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 413.797274][T17989] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 413.804504][T17989] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 413.808210][T17989] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 413.811857][T17989] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 413.816219][T17989] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 413.822918][ T6930] usb 6-1: new high-speed USB device number 39 using dummy_hcd [ 413.853250][ T40] audit: type=1400 audit(413.876:1393): avc: denied { load_policy } for pid=18053 comm="syz.0.4471" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 413.860372][T18054] SELinux: policydb string length -536870884 does not match expected length 8 [ 413.862541][ T6930] usb 6-1: device descriptor read/8, error -71 [ 413.864840][T18054] SELinux: failed to load policy [ 413.868046][ T1139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 413.871303][ T1139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 413.887259][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 413.890658][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 413.940529][T18058] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4450'. [ 413.973475][ T6930] usb usb6-port1: unable to enumerate USB device [ 414.394824][T18071] overlay: ./file1 is not a directory [ 414.416717][T18071] overlayfs: overlapping lowerdir path [ 414.426206][T18071] fuse: Bad value for 'fd' [ 414.588505][T18080] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4481'. [ 414.675169][T18086] nbd: must specify at least one socket [ 414.697907][ T5941] Bluetooth: hci1: command tx timeout [ 414.845571][T18097] xt_cgroup: invalid path, errno=-2 [ 414.903647][T18101] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4488'. [ 415.040141][ T40] audit: type=1400 audit(415.073:1394): avc: denied { read } for pid=18106 comm="syz.0.4491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 415.179801][T18114] validate_nla: 6 callbacks suppressed [ 415.179818][T18114] netlink: 'syz.0.4493': attribute type 5 has an invalid length. [ 415.317391][T18121] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4494'. [ 415.619284][T18142] netlink: 'syz.1.4504': attribute type 5 has an invalid length. [ 415.691666][ T5973] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 415.724859][T18150] FAULT_INJECTION: forcing a failure. [ 415.724859][T18150] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 415.729646][T18150] CPU: 0 UID: 0 PID: 18150 Comm: syz.5.4509 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 415.729662][T18150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 415.729669][T18150] Call Trace: [ 415.729674][T18150] [ 415.729678][T18150] dump_stack_lvl+0x16c/0x1f0 [ 415.729700][T18150] should_fail_ex+0x512/0x640 [ 415.729719][T18150] _copy_from_user+0x2e/0xd0 [ 415.729736][T18150] ax25_ctl_ioctl.constprop.0+0xb9/0xab0 [ 415.729755][T18150] ? __pfx_ax25_ctl_ioctl.constprop.0+0x10/0x10 [ 415.729782][T18150] ? bpf_lsm_capable+0x9/0x10 [ 415.729794][T18150] ? security_capable+0x7e/0x260 [ 415.729809][T18150] ax25_ioctl+0x6d3/0xb20 [ 415.729823][T18150] ? lockdep_hardirqs_on+0x7c/0x110 [ 415.729839][T18150] ? __pfx_ax25_ioctl+0x10/0x10 [ 415.729855][T18150] ? find_held_lock+0x2b/0x80 [ 415.729872][T18150] ? tomoyo_path_number_perm+0x18d/0x580 [ 415.729892][T18150] sock_do_ioctl+0x115/0x280 [ 415.729909][T18150] ? __pfx_sock_do_ioctl+0x10/0x10 [ 415.729927][T18150] ? ioctl_has_perm.constprop.0.isra.0+0x2f4/0x450 [ 415.729946][T18150] ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450 [ 415.729965][T18150] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 415.729986][T18150] sock_ioctl+0x227/0x6b0 [ 415.730003][T18150] ? __pfx_sock_ioctl+0x10/0x10 [ 415.730018][T18150] ? hook_file_ioctl_common+0x145/0x410 [ 415.730033][T18150] ? selinux_file_ioctl+0x180/0x270 [ 415.730050][T18150] ? selinux_file_ioctl+0xb4/0x270 [ 415.730068][T18150] ? __pfx_sock_ioctl+0x10/0x10 [ 415.730084][T18150] __x64_sys_ioctl+0x190/0x200 [ 415.730101][T18150] do_syscall_64+0xcd/0x260 [ 415.730118][T18150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 415.730130][T18150] RIP: 0033:0x7f997418e969 [ 415.730139][T18150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 415.730151][T18150] RSP: 002b:00007f9975021038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 415.730162][T18150] RAX: ffffffffffffffda RBX: 00007f99743b5fa0 RCX: 00007f997418e969 [ 415.730169][T18150] RDX: 0000200000000100 RSI: 00000000000089e8 RDI: 0000000000000004 [ 415.730176][T18150] RBP: 00007f9975021090 R08: 0000000000000000 R09: 0000000000000000 [ 415.730182][T18150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 415.730189][T18150] R13: 0000000000000000 R14: 00007f99743b5fa0 R15: 00007fff50ad70a8 [ 415.730202][T18150] [ 415.735203][T18152] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4508'. [ 415.770014][ T40] audit: type=1400 audit(415.808:1395): avc: denied { getopt } for pid=18153 comm="syz.5.4510" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 415.844826][ T40] audit: type=1400 audit(415.818:1396): avc: denied { append } for pid=18153 comm="syz.5.4510" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 415.931960][ T5973] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 415.936231][ T5973] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 415.940167][ T5973] usb 5-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 415.944115][ T5973] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.950687][ T5973] usb 5-1: config 0 descriptor?? [ 416.264205][T18171] netlink: 'syz.1.4515': attribute type 2 has an invalid length. [ 416.462261][T18173] netlink: 'syz.1.4516': attribute type 5 has an invalid length. [ 416.697005][T18178] netlink: set zone limit has 8 unknown bytes [ 416.765583][ T5941] Bluetooth: hci1: command tx timeout [ 417.013361][ T40] audit: type=1400 audit(417.055:1397): avc: denied { map } for pid=18204 comm="syz.5.4526" path="socket:[69714]" dev="sockfs" ino=69714 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 417.022897][ T5941] Bluetooth: hci4: unexpected event for opcode 0x2019 [ 417.023148][T18203] tmpfs: Bad value for 'mpol' [ 417.157807][T18207] nbd: must specify at least one socket [ 417.258480][ T5941] Bluetooth: hci1: unexpected event 0x3d length: 104 > 14 [ 417.259420][T18217] netlink: 'syz.5.4532': attribute type 5 has an invalid length. [ 417.340955][T18224] fuse: Bad value for 'fd' [ 417.426733][T18232] tipc: Withdrawal distribution failure [ 417.476939][T18238] No source specified [ 417.526493][T18242] FAT-fs (nullb0): bogus number of reserved sectors [ 417.528985][T18242] FAT-fs (nullb0): Can't find a valid FAT filesystem [ 417.534437][T18243] FAT-fs (nullb0): bogus number of reserved sectors [ 417.537384][T18243] FAT-fs (nullb0): Can't find a valid FAT filesystem [ 417.595901][ T40] audit: type=1400 audit(417.648:1398): avc: denied { connect } for pid=18249 comm="syz.1.4547" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 417.618962][T18252] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 417.632708][ T40] audit: type=1400 audit(417.689:1399): avc: denied { append } for pid=18253 comm="syz.2.4549" name="binder1" dev="binder" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 417.656487][ T5973] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01) [ 417.661442][ T5973] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 417.676111][ T1144] wlan1: 08:02:11:a3:00:00 unexpected authentication state: alg 5 (expected 0) transact 2 (expected 2) [ 417.676236][T18252] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 417.730729][T18266] netlink: 'syz.1.4553': attribute type 1 has an invalid length. [ 417.740519][T18252] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 417.748570][T18266] 8021q: adding VLAN 0 to HW filter on device bond11 [ 417.770287][ T105] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 417.783442][T18266] veth3: entered promiscuous mode [ 417.790200][T18266] bond11: (slave veth3): Enslaving as an active interface with a down link [ 417.802761][T18266] vlan3: entered allmulticast mode [ 417.803442][T18270] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4554'. [ 417.804730][T18266] bond11: entered allmulticast mode [ 417.805837][T18266] bond11: (slave vlan3): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 417.880595][ T1144] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 417.988632][ T1139] wlan1: authentication with 08:02:11:00:00:00 timed out [ 418.271212][ T5941] Bluetooth: hci1: unexpected event 0x3d length: 104 > 14 [ 418.272226][T18295] netlink: 'syz.5.4564': attribute type 5 has an invalid length. [ 418.447264][ T29] usb 5-1: USB disconnect, device number 39 [ 418.487756][T18300] tmpfs: Bad value for 'mpol' [ 418.641017][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.649055][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.651759][T18308] qnx6: unable to read the first superblock [ 418.655943][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.659421][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.664475][T18308] qnx6: unable to read the first superblock [ 418.669176][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.673390][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.676780][T18308] qnx6: unable to read the first superblock [ 418.681666][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.686420][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.689169][T18308] qnx6: unable to read the first superblock [ 418.694769][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.699436][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.701923][T18308] qnx6: unable to read the first superblock [ 418.705510][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.710182][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.713218][T18308] qnx6: unable to read the first superblock [ 418.717973][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.722719][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.725284][T18308] qnx6: unable to read the first superblock [ 418.727976][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.731403][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.733461][T18308] qnx6: unable to read the first superblock [ 418.736503][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.740357][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.742407][T18308] qnx6: unable to read the first superblock [ 418.745034][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.748369][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.750607][T18308] qnx6: unable to read the first superblock [ 418.753183][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.757109][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.759124][T18308] qnx6: unable to read the first superblock [ 418.761742][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.765611][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.767624][T18308] qnx6: unable to read the first superblock [ 418.770235][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.773730][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.775836][T18308] qnx6: unable to read the first superblock [ 418.778393][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.781764][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.783845][T18308] qnx6: unable to read the first superblock [ 418.786680][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.791516][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.793885][T18308] qnx6: unable to read the first superblock [ 418.796532][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.799838][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.801947][T18308] qnx6: unable to read the first superblock [ 418.804860][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.808184][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.810173][T18308] qnx6: unable to read the first superblock [ 418.812844][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.816299][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.818298][T18308] qnx6: unable to read the first superblock [ 418.820851][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.824620][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.826683][T18308] qnx6: unable to read the first superblock [ 418.829201][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.833104][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.835407][T18308] qnx6: unable to read the first superblock [ 418.835994][ T5941] Bluetooth: hci1: command tx timeout [ 418.838366][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.838587][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.838597][T18308] qnx6: unable to read the first superblock [ 418.839205][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.843069][ T29] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 418.845144][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.857739][T18308] qnx6: unable to read the first superblock [ 418.860496][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.864261][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.866216][T18308] qnx6: unable to read the first superblock [ 418.868799][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.872363][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.874897][T18308] qnx6: unable to read the first superblock [ 418.877486][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.880800][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.882899][T18308] qnx6: unable to read the first superblock [ 418.885553][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.888924][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.890963][T18308] qnx6: unable to read the first superblock [ 418.894128][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.897442][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.899401][T18308] qnx6: unable to read the first superblock [ 418.902110][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.905475][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.907523][T18308] qnx6: unable to read the first superblock [ 418.910059][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.915485][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.917487][T18308] qnx6: unable to read the first superblock [ 418.919984][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.923684][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.925930][T18308] qnx6: unable to read the first superblock [ 418.928724][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.932140][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.934314][T18308] qnx6: unable to read the first superblock [ 418.937050][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.940830][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.943438][T18308] qnx6: unable to read the first superblock [ 418.946027][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.949361][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.951414][T18308] qnx6: unable to read the first superblock [ 418.955327][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.959062][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.961264][T18308] qnx6: unable to read the first superblock [ 418.965649][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.969774][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.972706][T18308] qnx6: unable to read the first superblock [ 418.975834][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.979769][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.982227][T18308] qnx6: unable to read the first superblock [ 418.985655][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 418.989116][T18308] qnx6: wrong signature (magic) in superblock #1. [ 418.991231][T18308] qnx6: unable to read the first superblock [ 418.996200][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.000767][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.003853][ T29] usb 5-1: Using ep0 maxpacket: 16 [ 419.004304][ T40] audit: type=1400 audit(419.066:1400): avc: denied { bind } for pid=18318 comm="syz.2.4575" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 419.006090][T18308] qnx6: unable to read the first superblock [ 419.006122][T18321] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4575'. [ 419.020899][ T29] usb 5-1: config 13 has an invalid interface number: 120 but max is 0 [ 419.025164][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.025699][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.031460][ T29] usb 5-1: config 13 has no interface number 0 [ 419.031851][T18308] qnx6: unable to read the first superblock [ 419.036739][ T29] usb 5-1: config 13 interface 120 has no altsetting 0 [ 419.037814][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.043202][ T29] usb 5-1: New USB device found, idVendor=07c4, idProduct=a000, bcdDevice= 0.07 [ 419.043296][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.048275][ T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 419.049126][T18308] qnx6: unable to read the first superblock [ 419.049828][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.053107][ T29] usb 5-1: Product: syz [ 419.055053][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.058545][ T29] usb 5-1: Manufacturer: syz [ 419.058563][ T29] usb 5-1: SerialNumber: syz [ 419.065920][T18308] qnx6: unable to read the first superblock [ 419.068591][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.073911][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.076088][T18308] qnx6: unable to read the first superblock [ 419.079002][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.084033][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.086841][T18308] qnx6: unable to read the first superblock [ 419.091416][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.097509][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.100285][T18308] qnx6: unable to read the first superblock [ 419.106765][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.110642][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.113703][T18308] qnx6: unable to read the first superblock [ 419.117626][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.121390][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.123588][T18308] qnx6: unable to read the first superblock [ 419.126292][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.129729][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.132943][T18308] qnx6: unable to read the first superblock [ 419.135598][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.139099][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.141211][T18308] qnx6: unable to read the first superblock [ 419.143889][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.147455][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.149612][T18308] qnx6: unable to read the first superblock [ 419.152259][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.155654][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.157891][T18308] qnx6: unable to read the first superblock [ 419.160570][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.164763][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.166994][T18308] qnx6: unable to read the first superblock [ 419.170852][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.175256][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.177930][T18308] qnx6: unable to read the first superblock [ 419.183285][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.187228][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.189574][T18308] qnx6: unable to read the first superblock [ 419.192633][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.195890][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.197977][T18308] qnx6: unable to read the first superblock [ 419.200808][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.204524][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.206497][T18308] qnx6: unable to read the first superblock [ 419.209418][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.213338][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.215293][T18308] qnx6: unable to read the first superblock [ 419.217764][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.221383][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.223352][T18308] qnx6: unable to read the first superblock [ 419.225923][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.229201][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.234456][T18308] qnx6: unable to read the first superblock [ 419.237139][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.240511][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.242570][T18308] qnx6: unable to read the first superblock [ 419.245412][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.248673][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.250678][T18308] qnx6: unable to read the first superblock [ 419.254075][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.254760][T18333] cdrom: dropping to single frame dma [ 419.257337][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.262202][T18308] qnx6: unable to read the first superblock [ 419.264863][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.268095][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.270065][T18308] qnx6: unable to read the first superblock [ 419.272841][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.276084][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.278040][T18308] qnx6: unable to read the first superblock [ 419.280571][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.283891][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.286058][T18308] qnx6: unable to read the first superblock [ 419.288768][T18308] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 419.292176][T18308] qnx6: wrong signature (magic) in superblock #1. [ 419.294099][T18308] qnx6: unable to read the first superblock [ 419.358269][T18338] xt_l2tp: missing protocol rule (udp|l2tpip) [ 419.421153][T18344] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4584'. [ 419.541671][T18354] CUSE: unknown device info "ÿ" [ 419.543730][T18354] CUSE: zero length info key specified [ 419.554121][ T40] audit: type=1326 audit(419.610:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18353 comm="syz.5.4586" exe="/syz-executor" sig=9 arch=c000003e syscall=157 compat=0 ip=0x7f997418e969 code=0x0 [ 419.842450][ T29] ums-datafab 5-1:13.120: USB Mass Storage device detected [ 419.915176][ T29] usb 5-1: USB disconnect, device number 40 [ 420.200565][T18360] FAULT_INJECTION: forcing a failure. [ 420.200565][T18360] name failslab, interval 1, probability 0, space 0, times 0 [ 420.204600][T18360] CPU: 3 UID: 0 PID: 18360 Comm: syz.2.4587 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 420.204616][T18360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 420.204623][T18360] Call Trace: [ 420.204628][T18360] [ 420.204634][T18360] dump_stack_lvl+0x16c/0x1f0 [ 420.204654][T18360] should_fail_ex+0x512/0x640 [ 420.204671][T18360] ? fs_reclaim_acquire+0xae/0x150 [ 420.204687][T18360] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 420.204704][T18360] should_failslab+0xc2/0x120 [ 420.204716][T18360] __kmalloc_noprof+0xd2/0x510 [ 420.204730][T18360] tomoyo_realpath_from_path+0xc2/0x6e0 [ 420.204749][T18360] ? tomoyo_profile+0x47/0x60 [ 420.204761][T18360] tomoyo_path_number_perm+0x245/0x580 [ 420.204775][T18360] ? tomoyo_path_number_perm+0x237/0x580 [ 420.204791][T18360] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 420.204807][T18360] ? find_held_lock+0x2b/0x80 [ 420.204833][T18360] ? find_held_lock+0x2b/0x80 [ 420.204846][T18360] ? hook_file_ioctl_common+0x145/0x410 [ 420.204861][T18360] ? __fget_files+0x20e/0x3c0 [ 420.204874][T18360] security_file_ioctl+0x9b/0x240 [ 420.204891][T18360] __x64_sys_ioctl+0xb7/0x200 [ 420.204908][T18360] do_syscall_64+0xcd/0x260 [ 420.204939][T18360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.204951][T18360] RIP: 0033:0x7f64f538e969 [ 420.204961][T18360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 420.204972][T18360] RSP: 002b:00007f64f61e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 420.204982][T18360] RAX: ffffffffffffffda RBX: 00007f64f55b5fa0 RCX: 00007f64f538e969 [ 420.204989][T18360] RDX: 0000200000001600 RSI: 00000000c080aebe RDI: 0000000000000005 [ 420.204996][T18360] RBP: 00007f64f61e8090 R08: 0000000000000000 R09: 0000000000000000 [ 420.205003][T18360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 420.205009][T18360] R13: 0000000000000000 R14: 00007f64f55b5fa0 R15: 00007ffc0908b688 [ 420.205023][T18360] [ 420.205056][T18360] ERROR: Out of memory at tomoyo_realpath_from_path. [ 420.342831][T18366] netlink: 'syz.1.4590': attribute type 1 has an invalid length. [ 420.361410][T18366] 8021q: adding VLAN 0 to HW filter on device bond12 [ 420.379870][T18369] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4592'. [ 420.423599][T18376] input: syz1 as /devices/virtual/input/input33 [ 420.902162][ T5941] Bluetooth: hci1: command tx timeout [ 421.072163][ T5941] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 421.076087][ T5941] Bluetooth: hci4: Injecting HCI hardware error event [ 421.079588][ T5941] Bluetooth: hci4: hardware error 0x00 [ 421.320184][T18399] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 421.646796][T18413] __vm_enough_memory: pid: 18413, comm: syz.5.4605, bytes: 21200251011072 not enough memory for the allocation [ 421.651254][T18413] cgroup: Need name or subsystem set [ 421.671772][ T40] audit: type=1400 audit(421.741:1402): avc: denied { listen } for pid=18408 comm="syz.2.4603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 421.678739][T18409] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4603'. [ 421.727394][ T10] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 421.912719][ T10] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 421.921893][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 421.924419][ T10] usb 5-1: Product: syz [ 421.925859][ T10] usb 5-1: Manufacturer: syz [ 421.927793][ T10] usb 5-1: SerialNumber: syz [ 421.937932][ T10] usb 5-1: config 0 descriptor?? [ 422.045001][T17489] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 422.049895][T17489] CPU: 0 UID: 0 PID: 17489 Comm: kworker/u33:0 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 422.049914][T17489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 422.049923][T17489] Workqueue: hci1 hci_rx_work [ 422.049940][T17489] Call Trace: [ 422.049944][T17489] [ 422.049949][T17489] dump_stack_lvl+0x16c/0x1f0 [ 422.049968][T17489] sysfs_warn_dup+0x7f/0xa0 [ 422.049981][T17489] sysfs_create_dir_ns+0x24b/0x2b0 [ 422.049992][T17489] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 422.050003][T17489] ? find_held_lock+0x2b/0x80 [ 422.050021][T17489] ? do_raw_spin_unlock+0x172/0x230 [ 422.050036][T17489] kobject_add_internal+0x2c4/0x9b0 [ 422.050050][T17489] kobject_add+0x16e/0x240 [ 422.050060][T17489] ? __pfx_kobject_add+0x10/0x10 [ 422.050072][T17489] ? do_raw_spin_unlock+0x172/0x230 [ 422.050085][T17489] ? kobject_put+0xab/0x5a0 [ 422.050106][T17489] device_add+0x288/0x1a70 [ 422.050122][T17489] ? __pfx_dev_set_name+0x10/0x10 [ 422.050138][T17489] ? __pfx_device_add+0x10/0x10 [ 422.050153][T17489] ? mgmt_send_event_skb+0x2fb/0x460 [ 422.050174][T17489] hci_conn_add_sysfs+0x17e/0x230 [ 422.050188][T17489] le_conn_complete_evt+0x1075/0x1d70 [ 422.050209][T17489] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 422.050226][T17489] ? hci_event_packet+0x43c/0x1190 [ 422.050248][T17489] hci_le_conn_complete_evt+0x23c/0x370 [ 422.050268][T17489] hci_le_meta_evt+0x2f6/0x5e0 [ 422.050280][T17489] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 422.050301][T17489] hci_event_packet+0x66c/0x1190 [ 422.050318][T17489] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 422.050330][T17489] ? __pfx_hci_event_packet+0x10/0x10 [ 422.050349][T17489] ? kcov_remote_start+0x3c9/0x6d0 [ 422.050361][T17489] ? lockdep_hardirqs_on+0x7c/0x110 [ 422.050379][T17489] hci_rx_work+0x2c5/0x16b0 [ 422.050392][T17489] ? rcu_is_watching+0x12/0xc0 [ 422.050407][T17489] process_one_work+0x9cf/0x1b70 [ 422.050426][T17489] ? __pfx_process_one_work+0x10/0x10 [ 422.050442][T17489] ? assign_work+0x1a0/0x250 [ 422.050455][T17489] worker_thread+0x6c8/0xf10 [ 422.050471][T17489] ? __kthread_parkme+0x19e/0x250 [ 422.050488][T17489] ? __pfx_worker_thread+0x10/0x10 [ 422.050500][T17489] kthread+0x3c2/0x780 [ 422.050511][T17489] ? __pfx_kthread+0x10/0x10 [ 422.050521][T17489] ? __pfx_kthread+0x10/0x10 [ 422.050540][T17489] ? __pfx_kthread+0x10/0x10 [ 422.050557][T17489] ? __pfx_kthread+0x10/0x10 [ 422.050571][T17489] ? rcu_is_watching+0x12/0xc0 [ 422.050591][T17489] ? __pfx_kthread+0x10/0x10 [ 422.050611][T17489] ret_from_fork+0x45/0x80 [ 422.050627][T17489] ? __pfx_kthread+0x10/0x10 [ 422.050647][T17489] ret_from_fork_asm+0x1a/0x30 [ 422.050684][T17489] [ 422.050701][T17489] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 422.053642][T18446] netlink: 'syz.2.4618': attribute type 10 has an invalid length. [ 422.054746][T17489] Bluetooth: hci1: failed to register connection device [ 422.059785][T18446] bridge0: port 2(bridge_slave_1) entered disabled state [ 422.081025][T18450] netlink: 'syz.1.4620': attribute type 1 has an invalid length. [ 422.083176][T18446] bridge0: port 1(bridge_slave_0) entered disabled state [ 422.136600][T18454] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4620'. [ 422.149161][ T5973] usb 5-1: USB disconnect, device number 41 [ 422.160096][T18446] bridge0: port 2(bridge_slave_1) entered blocking state [ 422.182829][T18446] bridge0: port 2(bridge_slave_1) entered forwarding state [ 422.187333][T18446] bridge0: port 1(bridge_slave_0) entered blocking state [ 422.190315][T18446] bridge0: port 1(bridge_slave_0) entered forwarding state [ 422.197675][T18446] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 422.229717][T18450] 8021q: adding VLAN 0 to HW filter on device bond13 [ 422.233008][T18453] bridge_slave_1: left allmulticast mode [ 422.237463][T18453] bridge_slave_1: left promiscuous mode [ 422.239432][T18453] bridge0: port 2(bridge_slave_1) entered disabled state [ 422.243162][T18453] bridge_slave_0: left allmulticast mode [ 422.245346][T18453] bridge_slave_0: left promiscuous mode [ 422.247282][T18453] bridge0: port 1(bridge_slave_0) entered disabled state [ 422.263192][T18453] bond0: (slave bridge0): Releasing backup interface [ 422.435533][T18466] netlink: 52 bytes leftover after parsing attributes in process `syz.2.4625'. [ 422.436054][T18465] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4624'. [ 422.496703][ T40] audit: type=1400 audit(422.576:1403): avc: denied { read } for pid=18469 comm="syz.5.4627" name="usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 422.508211][ T40] audit: type=1400 audit(422.586:1404): avc: denied { open } for pid=18469 comm="syz.5.4627" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 422.538598][T18470] netlink: 'syz.5.4627': attribute type 30 has an invalid length. [ 422.676780][T18481] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 422.701100][T18485] netlink: 'syz.5.4632': attribute type 1 has an invalid length. [ 422.723906][T18485] 8021q: adding VLAN 0 to HW filter on device bond2 [ 422.730150][T18485] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4632'. [ 422.734977][T18490] sp0: Synchronizing with TNC [ 422.735185][T18481] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 422.743921][T18485] vlan2: entered allmulticast mode [ 422.746220][T18485] netdevsim netdevsim5 netdevsim0: entered allmulticast mode [ 422.764893][T18489] netlink: 'syz.1.4634': attribute type 2 has an invalid length. [ 422.795142][T18481] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 423.076644][T18517] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4645'. [ 423.114361][ T40] audit: type=1400 audit(423.199:1405): avc: denied { read write } for pid=18514 comm="syz.0.4644" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 423.123962][ T40] audit: type=1400 audit(423.199:1406): avc: denied { ioctl open } for pid=18514 comm="syz.0.4644" path="/dev/input/mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 423.139766][ T5941] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 423.165422][ T40] audit: type=1400 audit(423.249:1407): avc: denied { execute } for pid=18514 comm="syz.0.4644" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=73153 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 423.338073][T18521] xt_CT: You must specify a L4 protocol and not use inversions on it [ 423.416656][ T40] audit: type=1400 audit(423.491:1408): avc: denied { map } for pid=18520 comm="syz.2.4646" path="/proc/213/net/xfrm_stat" dev="proc" ino=4026532984 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 423.426553][ T40] audit: type=1400 audit(423.491:1409): avc: denied { execute } for pid=18520 comm="syz.2.4646" path="/proc/213/net/xfrm_stat" dev="proc" ino=4026532984 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 423.506887][T18527] team0: Device gtp0 is of different type [ 423.880873][T18540] x_tables: ip6_tables: sctp match: only valid for protocol 132 [ 423.889508][T18540] netlink: 27 bytes leftover after parsing attributes in process `syz.2.4651'. [ 423.896730][T18540] syz_tun: entered allmulticast mode [ 423.901065][T18540] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0) [ 423.904616][T18540] mroute: pending queue full, dropping entries [ 423.909620][T18539] syz_tun: left allmulticast mode [ 424.001079][T18550] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4652'. [ 424.004602][T18550] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4652'. [ 424.122946][T18555] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4658'. [ 424.136914][T18555] 8021q: adding VLAN 0 to HW filter on device bond14 [ 424.145641][T18555] vlan3: entered allmulticast mode [ 424.147388][T18555] bond14: entered allmulticast mode [ 424.584787][T18448] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 424.606863][T18448] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 424.610504][T18448] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 424.615856][T18448] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 424.626488][T18448] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 424.786586][T18569] chnl_net:caif_netlink_parms(): no params data found [ 424.953469][ T64] bond2: (slave vlan2): Releasing active interface [ 424.985392][T18569] bridge0: port 1(bridge_slave_0) entered blocking state [ 424.987689][T18569] bridge0: port 1(bridge_slave_0) entered disabled state [ 424.991552][T18569] bridge_slave_0: entered allmulticast mode [ 424.994428][T18569] bridge_slave_0: entered promiscuous mode [ 424.997447][T18569] bridge0: port 2(bridge_slave_1) entered blocking state [ 424.999700][T18569] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.002483][T18586] netlink: 'syz.0.4668': attribute type 10 has an invalid length. [ 425.005411][T18569] bridge_slave_1: entered allmulticast mode [ 425.008159][T18569] bridge_slave_1: entered promiscuous mode [ 425.055265][T18588] SELinux: Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped). [ 425.061471][ T40] audit: type=1400 audit(425.149:1410): avc: denied { relabelto } for pid=18587 comm="syz.2.4669" name="cgroup.procs" dev="cgroup" ino=236 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:semanage_exec_t:s0" [ 425.076139][T18569] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 425.079201][ T40] audit: type=1400 audit(425.159:1411): avc: denied { associate } for pid=18587 comm="syz.2.4669" name="cgroup.procs" dev="cgroup" ino=236 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:semanage_exec_t:s0" [ 425.086321][T18569] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 425.172371][T18569] team0: Port device team_slave_0 added [ 425.180807][T18569] team0: Port device team_slave_1 added [ 425.248284][T18569] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 425.253123][T18569] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 425.265321][T18569] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 425.284490][T18569] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 425.287486][T18569] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 425.299031][T18569] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 425.397119][T18569] hsr_slave_0: entered promiscuous mode [ 425.400608][T18569] hsr_slave_1: entered promiscuous mode [ 425.403513][T18569] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 425.406682][T18569] Cannot create hsr debugfs directory [ 425.419525][T18607] netlink: 'syz.5.4676': attribute type 1 has an invalid length. [ 425.471350][T18608] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4676'. [ 425.608845][ T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 425.612917][ T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 425.616863][ T64] bond0 (unregistering): (slave team0): Releasing backup interface [ 425.619947][ T64] bond0 (unregistering): Released all slaves [ 425.711175][ T64] bond1 (unregistering): Released all slaves [ 425.802519][ T64] bond2 (unregistering): Released all slaves [ 425.897399][ T64] bond3 (unregistering): Released all slaves [ 426.022805][ T64] bond4 (unregistering): Released all slaves [ 426.126450][ T64] bond5 (unregistering): Released all slaves [ 426.231790][ T64] bond6 (unregistering): Released all slaves [ 426.322997][ T64] bond7 (unregistering): Released all slaves [ 426.329475][ T64] bond8 (unregistering): Released all slaves [ 426.336074][ T64] bond9 (unregistering): Released all slaves [ 426.443340][ T64] bond10 (unregistering): Released all slaves [ 426.560090][ T64] bond11 (unregistering): (slave veth3): Releasing active interface [ 426.565271][ T64] bond11 (unregistering): Released all slaves [ 426.634294][T18448] Bluetooth: hci2: command tx timeout [ 426.639856][T18616] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4680'. [ 426.665313][ T64] bond12 (unregistering): Released all slaves [ 426.781955][ T64] bond13 (unregistering): Released all slaves [ 426.884209][ T64] bond14 (unregistering): Released all slaves [ 426.896101][T18607] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR [ 426.997473][ T5973] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 427.106859][ T40] audit: type=1400 audit(427.199:1412): avc: denied { ioctl } for pid=18621 comm="syz.5.4682" path="/dev/btrfs-control" dev="devtmpfs" ino=1335 ioctlcmd=0x9439 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 427.149240][ T5973] usb 5-1: Using ep0 maxpacket: 16 [ 427.152265][ T5973] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 427.164988][ T5973] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 427.168215][ T5973] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 427.172730][ T5973] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 427.175485][ T5973] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 427.184052][ T5973] usb 5-1: config 0 descriptor?? [ 427.234359][T18635] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 427.280091][T18641] FAULT_INJECTION: forcing a failure. [ 427.280091][T18641] name failslab, interval 1, probability 0, space 0, times 0 [ 427.286471][T18641] CPU: 0 UID: 0 PID: 18641 Comm: syz.5.4686 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 427.286488][T18641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 427.286495][T18641] Call Trace: [ 427.286499][T18641] [ 427.286503][T18641] dump_stack_lvl+0x16c/0x1f0 [ 427.286524][T18641] should_fail_ex+0x512/0x640 [ 427.286540][T18641] ? fs_reclaim_acquire+0xae/0x150 [ 427.286557][T18641] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 427.286574][T18641] should_failslab+0xc2/0x120 [ 427.286587][T18641] __kmalloc_noprof+0xd2/0x510 [ 427.286600][T18641] tomoyo_realpath_from_path+0xc2/0x6e0 [ 427.286619][T18641] ? tomoyo_profile+0x47/0x60 [ 427.286631][T18641] tomoyo_path_number_perm+0x245/0x580 [ 427.286645][T18641] ? tomoyo_path_number_perm+0x237/0x580 [ 427.286660][T18641] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 427.286676][T18641] ? find_held_lock+0x2b/0x80 [ 427.286702][T18641] ? find_held_lock+0x2b/0x80 [ 427.286715][T18641] ? hook_file_ioctl_common+0x145/0x410 [ 427.286730][T18641] ? __fget_files+0x20e/0x3c0 [ 427.286743][T18641] security_file_ioctl+0x9b/0x240 [ 427.286760][T18641] __x64_sys_ioctl+0xb7/0x200 [ 427.286776][T18641] do_syscall_64+0xcd/0x260 [ 427.286794][T18641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.286806][T18641] RIP: 0033:0x7f997418e969 [ 427.286816][T18641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 427.286827][T18641] RSP: 002b:00007f9975021038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 427.286838][T18641] RAX: ffffffffffffffda RBX: 00007f99743b5fa0 RCX: 00007f997418e969 [ 427.286845][T18641] RDX: 0000200000001440 RSI: 00000000000089f0 RDI: 0000000000000003 [ 427.286851][T18641] RBP: 00007f9975021090 R08: 0000000000000000 R09: 0000000000000000 [ 427.286858][T18641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 427.286864][T18641] R13: 0000000000000000 R14: 00007f99743b5fa0 R15: 00007fff50ad70a8 [ 427.286878][T18641] [ 427.286882][T18641] ERROR: Out of memory at tomoyo_realpath_from_path. [ 427.595121][ T5973] shield 0003:0955:7214.001E: unknown main item tag 0x0 [ 427.598016][ T5973] shield 0003:0955:7214.001E: unknown main item tag 0x0 [ 427.600731][ T5973] shield 0003:0955:7214.001E: unknown main item tag 0x0 [ 427.603622][ T5973] shield 0003:0955:7214.001E: unknown main item tag 0x0 [ 427.606318][ T5973] shield 0003:0955:7214.001E: unknown main item tag 0x0 [ 427.610526][ T5973] input: HID 0955:7214 Haptics as /devices/virtual/input/input34 [ 427.648290][ T5973] shield 0003:0955:7214.001E: Registered Thunderstrike controller [ 427.651898][ T5973] shield 0003:0955:7214.001E: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.0-1/input0 [ 427.792636][T18619] random: crng reseeded on system resumption [ 427.951877][ T34] shield 0003:0955:7214.001E: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 427.955805][ T57] usb 5-1: USB disconnect, device number 42 [ 427.958513][ T34] shield 0003:0955:7214.001E: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 427.963721][ T34] shield 0003:0955:7214.001E: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 427.968492][ T34] shield 0003:0955:7214.001E: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 428.155376][ T5941] Bluetooth: hci1: command 0x0406 tx timeout [ 428.327634][ T64] team0 (unregistering): Port device team_slave_1 removed [ 428.431370][ T64] team0 (unregistering): Port device team_slave_0 removed [ 428.513938][ T40] audit: type=1400 audit(428.626:1413): avc: denied { getopt } for pid=18657 comm="syz.0.4688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 428.522475][ T40] audit: type=1400 audit(428.626:1414): avc: denied { write } for pid=18657 comm="syz.0.4688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 428.566077][T18661] netlink: 'syz.0.4689': attribute type 1 has an invalid length. [ 428.706718][ T5941] Bluetooth: hci2: command tx timeout [ 429.194574][T18661] 8021q: adding VLAN 0 to HW filter on device bond9 [ 429.301368][T18682] binder: 18681:18682 ioctl c0306201 200000001d40 returned -14 [ 429.306240][T18682] netlink: 'syz.2.4695': attribute type 4 has an invalid length. [ 429.311966][T18682] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.4695'. [ 429.397543][T18683] netlink: 1272 bytes leftover after parsing attributes in process `syz.0.4692'. [ 429.417707][T18683] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 429.422342][T18676] syz.5.4694 (18676): drop_caches: 2 [ 429.427218][T18676] syz.5.4694 (18676): drop_caches: 2 [ 429.515575][T18569] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 429.541487][T18569] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 429.560394][T18569] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 429.577341][ T3338] usb 7-1: new high-speed USB device number 47 using dummy_hcd [ 429.579049][T18569] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 429.626954][T18569] 8021q: adding VLAN 0 to HW filter on device bond0 [ 429.643706][T18569] 8021q: adding VLAN 0 to HW filter on device team0 [ 429.650918][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 429.653070][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 429.669636][ T76] bridge0: port 2(bridge_slave_1) entered blocking state [ 429.672619][ T76] bridge0: port 2(bridge_slave_1) entered forwarding state [ 429.748831][ T3338] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 429.753197][ T3338] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 429.757528][ T3338] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 429.761323][ T3338] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 429.766977][T18682] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 429.779522][ T3338] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 429.804737][T18569] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 429.829373][T18569] veth0_vlan: entered promiscuous mode [ 429.834411][T18569] veth1_vlan: entered promiscuous mode [ 429.853631][T18569] veth0_macvtap: entered promiscuous mode [ 429.860421][T18569] veth1_macvtap: entered promiscuous mode [ 429.874745][T18569] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 429.885036][T18569] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 429.891644][T18569] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.895102][T18569] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.899721][T18569] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.903176][T18569] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.962960][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 429.966265][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 429.977919][ T6930] usb 7-1: USB disconnect, device number 47 [ 429.985140][ T1175] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 429.988648][ T1175] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 430.095784][T18709] batman_adv: batadv0: Adding interface: dummy0 [ 430.098301][T18709] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 430.111046][T18709] batman_adv: batadv0: Interface activated: dummy0 [ 430.146144][T18709] batadv0: mtu less than device minimum [ 430.148465][T18709] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 430.152245][T18709] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 430.156071][T18709] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 430.159781][T18709] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 430.163649][T18709] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 430.167350][T18709] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 430.170927][T18709] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 430.174775][T18709] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 430.178452][T18709] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 430.196915][T18709] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4698'. [ 430.402736][T18715] netlink: 'syz.1.4700': attribute type 1 has an invalid length. [ 430.412565][T18715] vlan2: entered allmulticast mode [ 430.415475][T18715] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 430.753816][T18735] netlink: 'syz.2.4709': attribute type 1 has an invalid length. [ 430.764347][T18736] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4707'. [ 430.767123][T18736] netlink: 31 bytes leftover after parsing attributes in process `syz.1.4707'. [ 430.769869][T18736] netlink: 'syz.1.4707': attribute type 3 has an invalid length. [ 430.775042][T18736] netlink: 'syz.1.4707': attribute type 2 has an invalid length. [ 430.777553][T18736] netlink: 31 bytes leftover after parsing attributes in process `syz.1.4707'. [ 430.778927][T18735] 8021q: adding VLAN 0 to HW filter on device bond1 [ 430.782361][ T5941] Bluetooth: hci2: command tx timeout [ 430.802291][T18735] vlan2: entered allmulticast mode [ 431.085129][T18763] netlink: 'syz.1.4719': attribute type 1 has an invalid length. [ 431.329286][ T5973] usb 7-1: new high-speed USB device number 48 using dummy_hcd [ 431.491058][ T5973] usb 7-1: too many configurations: 17, using maximum allowed: 8 [ 431.494317][ T5973] usb 7-1: config 1 has an invalid descriptor of length 236, skipping remainder of the config [ 431.498051][ T5973] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 431.502164][ T5973] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 431.505972][ T5973] usb 7-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 4, skipping [ 431.511689][ T5973] usb 7-1: config 1 has an invalid descriptor of length 236, skipping remainder of the config [ 431.515893][ T5973] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 431.519868][ T5973] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 431.522857][ T5973] usb 7-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 4, skipping [ 431.527319][ T5973] usb 7-1: config 1 has an invalid descriptor of length 236, skipping remainder of the config [ 431.530724][ T5973] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 431.534218][ T5973] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 431.538411][ T5973] usb 7-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 4, skipping [ 431.542789][ T5973] usb 7-1: config 1 has an invalid descriptor of length 236, skipping remainder of the config [ 431.547267][ T5973] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 431.551380][ T5973] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 431.555305][ T5973] usb 7-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 4, skipping [ 431.561073][ T5973] usb 7-1: config 1 has an invalid descriptor of length 236, skipping remainder of the config [ 431.565163][ T5973] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 431.568494][ T5973] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 431.571725][ T5973] usb 7-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 4, skipping [ 431.577267][ T5973] usb 7-1: config 1 has an invalid descriptor of length 236, skipping remainder of the config [ 431.582111][ T5973] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 431.586047][ T5973] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 431.590191][ T5973] usb 7-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 4, skipping [ 431.595865][ T5973] usb 7-1: config 1 has an invalid descriptor of length 236, skipping remainder of the config [ 431.600210][ T5973] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 431.603990][ T5973] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 431.608096][ T5973] usb 7-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 4, skipping [ 431.613595][ T5973] usb 7-1: config 1 has an invalid descriptor of length 236, skipping remainder of the config [ 431.618065][ T5973] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 431.622065][ T5973] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 431.625906][ T5973] usb 7-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 4, skipping [ 431.632630][ T5973] usb 7-1: New USB device found, idVendor=0530, idProduct=a4a8, bcdDevice= 0.40 [ 431.636520][ T5973] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 431.640209][ T5973] usb 7-1: Product: syz [ 431.641979][ T5973] usb 7-1: Manufacturer: syz [ 431.643925][ T5973] usb 7-1: SerialNumber: syz [ 432.173353][T18788] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4727'. [ 432.191333][T18788] 8021q: adding VLAN 0 to HW filter on device bond3 [ 432.224746][ T40] audit: type=1400 audit(432.344:1415): avc: denied { relabelfrom } for pid=18762 comm="syz.2.4720" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 432.235226][ T40] audit: type=1400 audit(432.344:1416): avc: denied { relabelto } for pid=18762 comm="syz.2.4720" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 432.301277][T18799] netlink: 'syz.5.4729': attribute type 1 has an invalid length. [ 432.315826][T18799] 8021q: adding VLAN 0 to HW filter on device bond4 [ 432.842372][ T5941] Bluetooth: hci2: command tx timeout [ 432.924427][T18822] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4737'. [ 433.014165][T18826] sg_write: process 41 (syz.1.4739) changed security contexts after opening file descriptor, this is not allowed. [ 433.020697][ T40] audit: type=1400 audit(433.148:1417): avc: denied { bind } for pid=18825 comm="syz.1.4739" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 433.388838][ T5941] Bluetooth: hci2: unexpected event 0x3d length: 104 > 14 [ 433.446457][T18820] 9pnet_fd: p9_fd_create_tcp (18820): problem connecting socket to 127.0.0.1 [ 433.493948][ T40] audit: type=1400 audit(433.620:1418): avc: denied { read } for pid=5329 comm="acpid" name="mouse5" dev="devtmpfs" ino=3411 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 433.495374][T18849] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4749'. [ 433.501373][ T40] audit: type=1400 audit(433.630:1419): avc: denied { open } for pid=5329 comm="acpid" path="/dev/input/mouse5" dev="devtmpfs" ino=3411 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 433.510492][ T40] audit: type=1400 audit(433.630:1420): avc: denied { ioctl } for pid=5329 comm="acpid" path="/dev/input/mouse5" dev="devtmpfs" ino=3411 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 434.200700][ T3338] usb 7-1: USB disconnect, device number 48 [ 434.228169][T18859] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4752'. [ 434.247140][ T40] audit: type=1400 audit(434.383:1421): avc: denied { append } for pid=18857 comm="syz.2.4752" name="001" dev="devtmpfs" ino=742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 434.412413][T18874] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18874 comm=syz.2.4758 [ 434.843473][ T3338] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 434.877880][T18906] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4771'. [ 434.881839][T18906] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4771'. [ 434.890427][T18906] netlink: 137 bytes leftover after parsing attributes in process `syz.0.4771'. [ 434.895483][T18906] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4771'. [ 435.003842][ T3338] usb 10-1: Using ep0 maxpacket: 32 [ 435.007906][ T3338] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 435.015233][ T3338] usb 10-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 435.022637][ T3338] usb 10-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 435.025993][ T3338] usb 10-1: Product: syz [ 435.027709][ T3338] usb 10-1: Manufacturer: syz [ 435.029564][ T3338] usb 10-1: SerialNumber: syz [ 435.040156][ T3338] usb 10-1: config 0 descriptor?? [ 435.043107][T18896] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 435.047502][ T3338] hub 10-1:0.0: bad descriptor, ignoring hub [ 435.049985][ T3338] hub 10-1:0.0: probe with driver hub failed with error -5 [ 435.361391][ T5974] usb 10-1: USB disconnect, device number 2 [ 435.826450][T18930] FAULT_INJECTION: forcing a failure. [ 435.826450][T18930] name failslab, interval 1, probability 0, space 0, times 0 [ 435.832043][T18930] CPU: 1 UID: 0 PID: 18930 Comm: syz.5.4781 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 435.832070][T18930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 435.832082][T18930] Call Trace: [ 435.832088][T18930] [ 435.832096][T18930] dump_stack_lvl+0x16c/0x1f0 [ 435.832127][T18930] should_fail_ex+0x512/0x640 [ 435.832152][T18930] ? fs_reclaim_acquire+0xae/0x150 [ 435.832178][T18930] ? tomoyo_encode2+0x100/0x3e0 [ 435.832204][T18930] should_failslab+0xc2/0x120 [ 435.832223][T18930] __kmalloc_noprof+0xd2/0x510 [ 435.832247][T18930] tomoyo_encode2+0x100/0x3e0 [ 435.832273][T18930] tomoyo_encode+0x29/0x50 [ 435.832297][T18930] tomoyo_realpath_from_path+0x18f/0x6e0 [ 435.832325][T18930] ? tomoyo_profile+0x47/0x60 [ 435.832347][T18930] tomoyo_path_number_perm+0x245/0x580 [ 435.832368][T18930] ? tomoyo_path_number_perm+0x237/0x580 [ 435.832393][T18930] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 435.832416][T18930] ? find_held_lock+0x2b/0x80 [ 435.832465][T18930] ? find_held_lock+0x2b/0x80 [ 435.832484][T18930] ? hook_file_ioctl_common+0x145/0x410 [ 435.832510][T18930] ? __fget_files+0x20e/0x3c0 [ 435.832532][T18930] security_file_ioctl+0x9b/0x240 [ 435.832559][T18930] __x64_sys_ioctl+0xb7/0x200 [ 435.832584][T18930] do_syscall_64+0xcd/0x260 [ 435.832611][T18930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.832629][T18930] RIP: 0033:0x7f997418e969 [ 435.832643][T18930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 435.832660][T18930] RSP: 002b:00007f9975021038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 435.832678][T18930] RAX: ffffffffffffffda RBX: 00007f99743b5fa0 RCX: 00007f997418e969 [ 435.832690][T18930] RDX: 0000200000001600 RSI: 00000000c080aebe RDI: 0000000000000005 [ 435.832701][T18930] RBP: 00007f9975021090 R08: 0000000000000000 R09: 0000000000000000 [ 435.832711][T18930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 435.832722][T18930] R13: 0000000000000000 R14: 00007f99743b5fa0 R15: 00007fff50ad70a8 [ 435.832747][T18930] [ 435.832765][T18930] ERROR: Out of memory at tomoyo_realpath_from_path. [ 436.011244][T18947] No such timeout policy "syz1" [ 436.494046][T18957] FAULT_INJECTION: forcing a failure. [ 436.494046][T18957] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 436.501004][T18957] CPU: 1 UID: 0 PID: 18957 Comm: syz.0.4791 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 436.501021][T18957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 436.501028][T18957] Call Trace: [ 436.501032][T18957] [ 436.501038][T18957] dump_stack_lvl+0x16c/0x1f0 [ 436.501067][T18957] should_fail_ex+0x512/0x640 [ 436.501094][T18957] _copy_from_user+0x2e/0xd0 [ 436.501119][T18957] kstrtouint_from_user+0xd6/0x1d0 [ 436.501139][T18957] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 436.501157][T18957] ? __lock_acquire+0xaa4/0x1ba0 [ 436.501190][T18957] proc_fail_nth_write+0x83/0x250 [ 436.501213][T18957] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 436.501239][T18957] vfs_write+0x25f/0x1180 [ 436.501256][T18957] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 436.501276][T18957] ? __pfx___mutex_lock+0x10/0x10 [ 436.501293][T18957] ? __pfx_vfs_write+0x10/0x10 [ 436.501315][T18957] ? __fget_files+0x20e/0x3c0 [ 436.501330][T18957] ksys_write+0x12a/0x240 [ 436.501348][T18957] ? __pfx_ksys_write+0x10/0x10 [ 436.501364][T18957] ? rcu_is_watching+0x12/0xc0 [ 436.501383][T18957] do_syscall_64+0xcd/0x260 [ 436.501405][T18957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.501419][T18957] RIP: 0033:0x7f816898d41f [ 436.501429][T18957] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 436.501441][T18957] RSP: 002b:00007f8169803030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 436.501452][T18957] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f816898d41f [ 436.501460][T18957] RDX: 0000000000000001 RSI: 00007f81698030a0 RDI: 0000000000000004 [ 436.501467][T18957] RBP: 00007f8169803090 R08: 0000000000000000 R09: 0000000000000000 [ 436.501474][T18957] R10: 0000200000000000 R11: 0000000000000293 R12: 0000000000000001 [ 436.501481][T18957] R13: 0000000000000001 R14: 00007f8168bb6080 R15: 00007ffe5e57d2f8 [ 436.501496][T18957] [ 436.585264][T18966] netlink: 'syz.5.4795': attribute type 1 has an invalid length. [ 436.591765][T18969] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 436.600768][T18966] 8021q: adding VLAN 0 to HW filter on device bond5 [ 436.612635][T18966] netlink: 44 bytes leftover after parsing attributes in process `syz.5.4795'. [ 436.711232][ T40] audit: type=1400 audit(436.854:1422): avc: denied { write } for pid=18970 comm="syz.0.4797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 438.244442][T19020] netlink: 'syz.5.4811': attribute type 21 has an invalid length. [ 438.247785][T19020] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4811'. [ 438.398021][T19028] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4816'. [ 438.442579][T19034] fuse: Unknown parameter 'ÿÿÿÿÿÿÿÿ00000000000000000004' [ 438.874551][T19045] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4822'. [ 439.065931][ T40] audit: type=1400 audit(439.214:1423): avc: denied { write } for pid=19052 comm="syz.2.4825" path="socket:[74424]" dev="sockfs" ino=74424 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 439.196772][T19062] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4828'. [ 439.318453][T19071] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4833'. [ 439.322129][T19071] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=19071 comm=syz.5.4833 [ 439.516320][T19084] netlink: 'syz.5.4839': attribute type 1 has an invalid length. [ 439.530424][T19084] 8021q: adding VLAN 0 to HW filter on device bond6 [ 439.601829][T19078] kvm: kvm [19077]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x100000080 [ 439.618136][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.620827][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.630908][T19078] kvm: kvm [19077]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x80 [ 439.636047][T19078] kvm: kvm [19077]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111 [ 439.658544][T19078] kvm: kvm [19077]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x80 [ 440.021401][ T24] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 440.180816][ T24] usb 10-1: Using ep0 maxpacket: 32 [ 440.186558][ T24] usb 10-1: config index 0 descriptor too short (expected 156, got 27) [ 440.190120][ T24] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 440.195076][ T24] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 440.199604][ T24] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 440.206923][ T24] usb 10-1: config 0 interface 0 has no altsetting 0 [ 440.211436][ T24] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 440.215180][ T24] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 440.218121][ T24] usb 10-1: Product: syz [ 440.219518][ T24] usb 10-1: Manufacturer: syz [ 440.221819][ T24] usb 10-1: SerialNumber: syz [ 440.227199][ T24] usb 10-1: config 0 descriptor?? [ 440.233292][ T24] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 440.238853][ T24] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 440.260779][T19109] netlink: 'syz.0.4848': attribute type 1 has an invalid length. [ 440.282516][T19109] 8021q: adding VLAN 0 to HW filter on device bond10 [ 440.332538][T19109] __nla_validate_parse: 6 callbacks suppressed [ 440.332558][T19109] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4848'. [ 440.338898][T19109] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4848'. [ 440.657484][T19139] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 440.661422][T19139] overlayfs: missing 'lowerdir' [ 440.721163][T19139] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 440.723764][T19139] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 440.728280][T19139] vhci_hcd vhci_hcd.0: Device attached [ 440.737406][T19141] vhci_hcd: connection closed [ 440.738138][ T1139] vhci_hcd: stop threads [ 440.741142][ T1139] vhci_hcd: release socket [ 440.742588][ T1139] vhci_hcd: disconnect device [ 440.813122][T19146] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4859'. [ 440.822661][T19146] erspan0: entered promiscuous mode [ 440.826939][T19146] erspan0: left promiscuous mode [ 440.878159][ T834] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 440.953168][T19149] netlink: 'syz.2.4860': attribute type 1 has an invalid length. [ 440.967588][T19149] 8021q: adding VLAN 0 to HW filter on device bond2 [ 440.974549][T19149] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4860'. [ 441.037210][ T834] usb 6-1: Using ep0 maxpacket: 16 [ 441.041085][ T834] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 441.044680][ T834] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 441.048205][ T834] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 441.053578][ T834] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 441.058020][ T834] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 441.062127][ T834] usb 6-1: config 0 descriptor?? [ 441.468325][ T834] shield 0003:0955:7214.001F: unknown main item tag 0x0 [ 441.471298][ T834] shield 0003:0955:7214.001F: unknown main item tag 0x0 [ 441.474003][ T834] shield 0003:0955:7214.001F: unknown main item tag 0x0 [ 441.476437][ T834] shield 0003:0955:7214.001F: unknown main item tag 0x0 [ 441.479336][ T834] shield 0003:0955:7214.001F: unknown main item tag 0x0 [ 441.482856][ T834] input: HID 0955:7214 Haptics as /devices/virtual/input/input35 [ 441.500697][ T834] shield 0003:0955:7214.001F: Registered Thunderstrike controller [ 441.503508][ T834] shield 0003:0955:7214.001F: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0 [ 441.575640][T19167] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 441.579008][T19167] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 441.582983][T19167] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 441.586284][T19167] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 441.665849][T19137] random: crng reseeded on system resumption [ 441.668917][T19137] FAULT_INJECTION: forcing a failure. [ 441.668917][T19137] name failslab, interval 1, probability 0, space 0, times 0 [ 441.674685][T19137] CPU: 2 UID: 0 PID: 19137 Comm: syz.1.4857 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 441.674710][T19137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 441.674722][T19137] Call Trace: [ 441.674729][T19137] [ 441.674737][T19137] dump_stack_lvl+0x116/0x1f0 [ 441.674767][T19137] should_fail_ex+0x512/0x640 [ 441.674797][T19137] should_failslab+0xc2/0x120 [ 441.674818][T19137] __kmalloc_cache_noprof+0x6a/0x3e0 [ 441.674846][T19137] ? alloc_fw_cache_entry+0x3f/0xd0 [ 441.674873][T19137] ? __pfx_fw_name_devm_release+0x10/0x10 [ 441.674899][T19137] alloc_fw_cache_entry+0x3f/0xd0 [ 441.674925][T19137] dev_create_fw_entry+0x3d/0x150 [ 441.674951][T19137] ? __pfx_fw_name_devm_release+0x10/0x10 [ 441.674974][T19137] devres_for_each_res+0x170/0x1d0 [ 441.674995][T19137] ? __pfx_devm_name_match+0x10/0x10 [ 441.675016][T19137] ? __pfx_dev_create_fw_entry+0x10/0x10 [ 441.675044][T19137] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 441.675070][T19137] dev_cache_fw_image+0xa2/0x490 [ 441.675097][T19137] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 441.675128][T19137] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 441.675154][T19137] dpm_for_each_dev+0x5d/0xb0 [ 441.675179][T19137] fw_pm_notify+0x81/0x150 [ 441.675202][T19137] notifier_call_chain+0xbc/0x410 [ 441.675226][T19137] ? __pfx_fw_pm_notify+0x10/0x10 [ 441.675255][T19137] blocking_notifier_call_chain_robust+0xc8/0x160 [ 441.675284][T19137] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 441.675310][T19137] ? __pfx_avc_has_perm+0x10/0x10 [ 441.675345][T19137] pm_notifier_call_chain_robust+0x27/0x60 [ 441.675374][T19137] snapshot_open+0x218/0x2b0 [ 441.675399][T19137] ? __pfx_snapshot_open+0x10/0x10 [ 441.675424][T19137] misc_open+0x35d/0x420 [ 441.675452][T19137] ? __pfx_misc_open+0x10/0x10 [ 441.675479][T19137] chrdev_open+0x231/0x6a0 [ 441.675499][T19137] ? __pfx_chrdev_open+0x10/0x10 [ 441.675520][T19137] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 441.675554][T19137] do_dentry_open+0x744/0x1c10 [ 441.675581][T19137] ? __pfx_chrdev_open+0x10/0x10 [ 441.675606][T19137] vfs_open+0x82/0x3f0 [ 441.675630][T19137] path_openat+0x1e5e/0x2d40 [ 441.675660][T19137] ? __pfx_path_openat+0x10/0x10 [ 441.675685][T19137] do_filp_open+0x20b/0x470 [ 441.675703][T19137] ? __pfx_do_filp_open+0x10/0x10 [ 441.675741][T19137] ? alloc_fd+0x471/0x7d0 [ 441.675779][T19137] do_sys_openat2+0x11b/0x1d0 [ 441.675800][T19137] ? __pfx_do_sys_openat2+0x10/0x10 [ 441.675823][T19137] ? __fget_files+0x20e/0x3c0 [ 441.675846][T19137] __x64_sys_openat+0x174/0x210 [ 441.675894][T19137] ? __pfx___x64_sys_openat+0x10/0x10 [ 441.675915][T19137] ? ksys_write+0x1b9/0x240 [ 441.675942][T19137] ? rcu_is_watching+0x12/0xc0 [ 441.675973][T19137] do_syscall_64+0xcd/0x260 [ 441.676003][T19137] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.676021][T19137] RIP: 0033:0x7fa35b18e969 [ 441.676038][T19137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 441.676055][T19137] RSP: 002b:00007fa35bf89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 441.676073][T19137] RAX: ffffffffffffffda RBX: 00007fa35b3b5fa0 RCX: 00007fa35b18e969 [ 441.676084][T19137] RDX: 000000000000003f RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 441.676095][T19137] RBP: 00007fa35bf89090 R08: 0000000000000000 R09: 0000000000000000 [ 441.676106][T19137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 441.676117][T19137] R13: 0000000000000000 R14: 00007fa35b3b5fa0 R15: 00007ffc43582908 [ 441.676143][T19137] [ 441.958906][T19181] netlink: 'syz.2.4871': attribute type 1 has an invalid length. [ 442.005405][T19181] 8021q: adding VLAN 0 to HW filter on device bond3 [ 442.024965][T19181] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4871'. [ 442.038920][ T10] shield 0003:0955:7214.001F: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 442.040352][ T6930] usb 6-1: USB disconnect, device number 40 [ 442.044575][ T10] shield 0003:0955:7214.001F: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 442.050258][ T10] shield 0003:0955:7214.001F: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 442.055235][ T10] shield 0003:0955:7214.001F: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 442.543272][T19213] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4881'. [ 442.599121][T19213] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19213 comm=syz.2.4881 [ 442.781813][ T5974] usb 10-1: USB disconnect, device number 3 [ 442.786093][ T5974] ldusb 10-1:0.0: LD USB Device #0 now disconnected [ 443.412176][T19247] netlink: 'syz.0.4893': attribute type 10 has an invalid length. [ 443.419495][T19247] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 443.427918][ T3338] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 443.429818][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 443.434414][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 443.504705][T19251] netlink: 'syz.0.4895': attribute type 1 has an invalid length. [ 443.529599][T19251] 8021q: adding VLAN 0 to HW filter on device bond11 [ 443.583589][T19251] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4895'. [ 443.590902][ T3338] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 443.594777][ T3338] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 443.598176][ T3338] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 443.604289][ T3338] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 443.608791][ T3338] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 443.621354][ T3338] usb 10-1: config 0 descriptor?? [ 443.698688][T19262] netlink: 'syz.0.4898': attribute type 1 has an invalid length. [ 443.701988][T19262] netlink: 'syz.0.4898': attribute type 2 has an invalid length. [ 444.033506][ T3338] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 444.036567][ T3338] plantronics 0003:047F:FFFF.0020: No inputs registered, leaving [ 444.042924][ T3338] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 445.426540][T19271] No source specified [ 445.914056][ T40] audit: type=1400 audit(446.090:1424): avc: denied { setopt } for pid=19278 comm="syz.5.4904" lport=41648 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 445.939948][ T5941] Bluetooth: hci2: unexpected event 0x3d length: 104 > 14 [ 446.013242][T19292] loop2: detected capacity change from 0 to 7 [ 446.023072][T19292] loop2: [POWERTEC] p1 [ 446.025643][T19292] loop2: p1 size 3014656 extends beyond EOD, truncated [ 446.027153][T19291] 9pnet_virtio: no channels available for device 127.0.0.1 [ 446.088813][T19295] netlink: 64 bytes leftover after parsing attributes in process `syz.1.4910'. [ 446.113726][ T5974] usb 10-1: USB disconnect, device number 4 [ 446.259210][ T5941] Bluetooth: hci1: unexpected event 0x3d length: 104 > 14 [ 446.295296][T19315] bridge0: port 3(vlan3) entered blocking state [ 446.299727][T19315] bridge0: port 3(vlan3) entered disabled state [ 446.301919][T19315] vlan3: entered allmulticast mode [ 446.303548][T19315] bond0: entered allmulticast mode [ 446.305196][T19315] bond_slave_0: entered allmulticast mode [ 446.307235][T19315] bond_slave_1: entered allmulticast mode [ 446.310274][T19315] vlan3: entered promiscuous mode [ 446.311975][T19315] bond0: entered promiscuous mode [ 446.313550][T19315] bond_slave_0: entered promiscuous mode [ 446.315438][T19315] bond_slave_1: entered promiscuous mode [ 446.377207][T19325] syz_tun: entered allmulticast mode [ 446.409420][ T40] audit: type=1400 audit(446.592:1425): avc: denied { unmount } for pid=12740 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 446.416281][T19323] syz_tun: left allmulticast mode [ 446.587456][ T5941] Bluetooth: hci1: unexpected event 0x3d length: 104 > 14 [ 446.699351][T19351] netlink: 'syz.5.4928': attribute type 32 has an invalid length. [ 446.704026][T19351] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4928'. [ 446.708067][T19351] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 446.785746][ T3338] usb 7-1: new high-speed USB device number 49 using dummy_hcd [ 446.840516][T19354] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 446.934836][ T3338] usb 7-1: Using ep0 maxpacket: 32 [ 446.938633][ T3338] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 446.944668][ T3338] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 446.948255][ T3338] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 446.951569][ T3338] usb 7-1: Product: syz [ 446.953301][ T3338] usb 7-1: Manufacturer: syz [ 446.955493][ T3338] usb 7-1: SerialNumber: syz [ 446.959491][ T3338] usb 7-1: config 0 descriptor?? [ 446.962539][T19340] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 446.978688][ T3338] hub 7-1:0.0: bad descriptor, ignoring hub [ 446.981199][ T3338] hub 7-1:0.0: probe with driver hub failed with error -5 [ 447.141371][T19354] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 447.197145][T19354] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 447.283632][ T834] usb 7-1: USB disconnect, device number 49 [ 447.304066][T19354] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 447.363237][ T5973] usb 6-1: new high-speed USB device number 41 using dummy_hcd [ 447.390792][T19354] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.398984][T19354] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.407454][T19354] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.417700][T19354] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.513266][ T5973] usb 6-1: Using ep0 maxpacket: 16 [ 447.519469][ T5973] usb 6-1: config 13 has an invalid interface number: 120 but max is 0 [ 447.522213][ T5973] usb 6-1: config 13 has no interface number 0 [ 447.525442][ T5973] usb 6-1: config 13 interface 120 has no altsetting 0 [ 447.525548][T19379] input: syz0 as /devices/virtual/input/input36 [ 447.533928][ T5973] usb 6-1: New USB device found, idVendor=07c4, idProduct=a000, bcdDevice= 0.07 [ 447.537824][ T5973] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 447.541192][ T5973] usb 6-1: Product: syz [ 447.543135][ T5973] usb 6-1: Manufacturer: syz [ 447.545312][ T5973] usb 6-1: SerialNumber: syz [ 447.762669][ T5973] ums-datafab 6-1:13.120: USB Mass Storage device detected [ 447.827958][ T5973] usb 6-1: USB disconnect, device number 41 [ 447.851740][ T29] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 448.022734][ T29] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 448.039072][ T29] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 448.044987][ T29] usb 5-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 448.048326][ T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 448.056948][ T29] usb 5-1: config 0 descriptor?? [ 448.176705][T19399] FAULT_INJECTION: forcing a failure. [ 448.176705][T19399] name failslab, interval 1, probability 0, space 0, times 0 [ 448.182394][T19399] CPU: 1 UID: 0 PID: 19399 Comm: syz.2.4946 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 448.182421][T19399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 448.182432][T19399] Call Trace: [ 448.182438][T19399] [ 448.182445][T19399] dump_stack_lvl+0x16c/0x1f0 [ 448.182489][T19399] should_fail_ex+0x512/0x640 [ 448.182509][T19399] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 448.182528][T19399] should_failslab+0xc2/0x120 [ 448.182542][T19399] __kmalloc_cache_noprof+0x6a/0x3e0 [ 448.182560][T19399] ? fuse_create_open+0x17c/0xcc0 [ 448.182578][T19399] fuse_create_open+0x17c/0xcc0 [ 448.182596][T19399] ? __pfx_fuse_create_open+0x10/0x10 [ 448.182610][T19399] ? find_held_lock+0x2b/0x80 [ 448.182625][T19399] ? fuse_dentry_settime+0x215/0x280 [ 448.182645][T19399] ? __pfx_fuse_lookup+0x10/0x10 [ 448.182672][T19399] fuse_atomic_open+0x325/0x470 [ 448.182689][T19399] ? __pfx_fuse_atomic_open+0x10/0x10 [ 448.182705][T19399] lookup_open.isra.0+0x83d/0x1580 [ 448.182725][T19399] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 448.182750][T19399] ? __pfx_down_write+0x10/0x10 [ 448.182760][T19399] ? mnt_get_write_access+0x20c/0x300 [ 448.182778][T19399] path_openat+0x905/0x2d40 [ 448.182804][T19399] ? __pfx_path_openat+0x10/0x10 [ 448.182822][T19399] ? __lock_acquire+0xaa4/0x1ba0 [ 448.182854][T19399] do_filp_open+0x20b/0x470 [ 448.182874][T19399] ? __pfx_do_filp_open+0x10/0x10 [ 448.182912][T19399] ? _raw_spin_unlock+0x28/0x50 [ 448.182930][T19399] ? alloc_fd+0x471/0x7d0 [ 448.182952][T19399] do_sys_openat2+0x11b/0x1d0 [ 448.182967][T19399] ? __pfx_do_sys_openat2+0x10/0x10 [ 448.182981][T19399] ? __fget_files+0x20e/0x3c0 [ 448.182995][T19399] __x64_sys_creat+0xcc/0x120 [ 448.183010][T19399] ? __pfx___x64_sys_creat+0x10/0x10 [ 448.183024][T19399] ? __pfx_ksys_write+0x10/0x10 [ 448.183049][T19399] ? rcu_is_watching+0x12/0xc0 [ 448.183063][T19399] ? do_syscall_64+0x91/0x260 [ 448.183080][T19399] do_syscall_64+0xcd/0x260 [ 448.183097][T19399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.183109][T19399] RIP: 0033:0x7f64f538e969 [ 448.183119][T19399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 448.183129][T19399] RSP: 002b:00007f64f61c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 448.183140][T19399] RAX: ffffffffffffffda RBX: 00007f64f55b6080 RCX: 00007f64f538e969 [ 448.183147][T19399] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180 [ 448.183153][T19399] RBP: 00007f64f61c7090 R08: 0000000000000000 R09: 0000000000000000 [ 448.183159][T19399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 448.183166][T19399] R13: 0000000000000000 R14: 00007f64f55b6080 R15: 00007ffc0908b688 [ 448.183179][T19399] [ 448.339233][T19404] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4948'. [ 448.342667][T19403] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4948'. [ 448.490871][T19419] input: syz1 as /devices/virtual/input/input37 [ 449.029343][ T40] audit: type=1400 audit(449.222:1426): avc: denied { read } for pid=19436 comm="syz.2.4961" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 449.108148][T19441] program syz.2.4963 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 449.112009][ T40] audit: type=1400 audit(449.302:1427): avc: denied { listen } for pid=19440 comm="syz.2.4963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1 [ 449.167923][ T3228] usb 10-1: new high-speed USB device number 5 using dummy_hcd [ 449.328095][ T3228] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 449.331868][ T3228] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 449.335216][ T3228] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 449.340490][ T3228] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 449.345611][ T3228] usb 10-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 449.348780][ T3228] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 449.351388][ T3228] usb 10-1: Product: syz [ 449.352788][ T3228] usb 10-1: Manufacturer: syz [ 449.354403][ T3228] usb 10-1: SerialNumber: syz [ 449.358143][ T3228] usb 10-1: config 0 descriptor?? [ 449.375003][T19451] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4967'. [ 449.447348][T19453] dns_resolver: Unsupported server list version (0) [ 449.449866][T19453] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4968'. [ 449.569343][ T3228] adutux 10-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0 [ 449.797438][T19430] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 449.855151][ T3228] usb 10-1: USB disconnect, device number 5 [ 450.509755][ T5941] Bluetooth: hci1: unexpected event 0x3d length: 104 > 14 [ 450.618702][ T5974] usb 5-1: USB disconnect, device number 43 [ 450.649996][ T40] audit: type=1400 audit(450.847:1428): avc: denied { unmount } for pid=18569 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 450.738614][ T5973] libceph: connect (1)[c::]:6789 error -101 [ 450.740940][ T5973] libceph: mon0 (1)[c::]:6789 connect error [ 451.003290][ T5973] libceph: connect (1)[c::]:6789 error -101 [ 451.005639][ T5973] libceph: mon0 (1)[c::]:6789 connect error [ 451.114628][T19481] kAFS: unable to lookup cell '/,c¾ûL' [ 451.167137][T19483] ALSA: seq fatal error: cannot create timer (-22) [ 451.176717][T19483] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4979'. [ 451.510024][ T3228] libceph: connect (1)[c::]:6789 error -101 [ 451.512342][T19473] ceph: No mds server is up or the cluster is laggy [ 451.517279][ T3228] libceph: mon0 (1)[c::]:6789 connect error [ 451.588696][T19489] IPVS: You probably need to specify IP address on multicast interface. [ 451.593001][T19489] IPVS: Error connecting to the multicast addr [ 451.769765][T19503] net_ratelimit: 11 callbacks suppressed [ 451.769783][T19503] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 451.777694][T19503] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1) [ 451.782399][T19503] bridge_slave_0: default FDB implementation only supports local addresses [ 451.820714][T19507] netlink: 'syz.5.4988': attribute type 11 has an invalid length. [ 451.826722][T19503] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 451.829643][T19503] IPv6: NLM_F_CREATE should be set when creating new route [ 451.832052][T19503] IPv6: NLM_F_CREATE should be set when creating new route [ 451.834744][T19503] IPv6: NLM_F_CREATE should be set when creating new route [ 452.405014][T19527] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 452.803663][T19542] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 452.807711][T19542] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 452.812567][T19542] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 452.816145][T19542] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 453.029639][T19557] netlink: 'syz.2.5009': attribute type 2 has an invalid length. [ 453.074462][T19560] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5005'. [ 453.104763][T19566] FAULT_INJECTION: forcing a failure. [ 453.104763][T19566] name failslab, interval 1, probability 0, space 0, times 0 [ 453.109974][T19566] CPU: 3 UID: 0 PID: 19566 Comm: syz.1.5012 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 453.109997][T19566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 453.110008][T19566] Call Trace: [ 453.110015][T19566] [ 453.110022][T19566] dump_stack_lvl+0x16c/0x1f0 [ 453.110059][T19566] should_fail_ex+0x512/0x640 [ 453.110087][T19566] should_failslab+0xc2/0x120 [ 453.110108][T19566] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 453.110127][T19566] ? find_held_lock+0x2b/0x80 [ 453.110147][T19566] ? sctp_chunkify+0x51/0x2d0 [ 453.110175][T19566] sctp_chunkify+0x51/0x2d0 [ 453.110199][T19566] sctp_rcv+0x1161/0x3c60 [ 453.110237][T19566] ? __pfx_sctp_rcv+0x10/0x10 [ 453.110259][T19566] ? raw6_local_deliver+0x452/0xa40 [ 453.110285][T19566] ? raw6_local_deliver+0x45c/0xa40 [ 453.110306][T19566] ? __pfx_nf_nat_ipv6_local_in+0x10/0x10 [ 453.110334][T19566] ? lock_acquire+0x179/0x350 [ 453.110361][T19566] ? __pfx_raw6_local_deliver+0x10/0x10 [ 453.110386][T19566] ? __pfx_sctp6_rcv+0x10/0x10 [ 453.110402][T19566] sctp6_rcv+0x3c/0x60 [ 453.110420][T19566] ip6_protocol_deliver_rcu+0xf86/0x1520 [ 453.110459][T19566] ip6_input_finish+0x102/0x180 [ 453.110477][T19566] ip6_input+0x105/0x2f0 [ 453.110492][T19566] ? __pfx_ip6_input+0x10/0x10 [ 453.110506][T19566] ipv6_rcv+0x265/0x680 [ 453.110522][T19566] ? __pfx_ipv6_rcv+0x10/0x10 [ 453.110536][T19566] __netif_receive_skb_one_core+0x12d/0x1e0 [ 453.110547][T19566] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 453.110559][T19566] ? lock_acquire+0x179/0x350 [ 453.110577][T19566] ? __might_fault+0xe3/0x190 [ 453.110590][T19566] __netif_receive_skb+0x1d/0x160 [ 453.110600][T19566] netif_receive_skb+0x137/0x7b0 [ 453.110611][T19566] ? __pfx_netif_receive_skb+0x10/0x10 [ 453.110620][T19566] ? _copy_from_iter+0x161/0x15b0 [ 453.110641][T19566] tun_rx_batched.isra.0+0x3ee/0x740 [ 453.110661][T19566] ? __pfx_tun_rx_batched.isra.0+0x10/0x10 [ 453.110681][T19566] ? tun_get_user+0x1c0d/0x3b10 [ 453.110691][T19566] ? rcu_is_watching+0x12/0xc0 [ 453.110706][T19566] tun_get_user+0x2897/0x3b10 [ 453.110723][T19566] ? __pfx_tun_get_user+0x10/0x10 [ 453.110732][T19566] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 453.110752][T19566] ? find_held_lock+0x2b/0x80 [ 453.110766][T19566] ? tun_get+0x191/0x370 [ 453.110785][T19566] tun_chr_write_iter+0xdc/0x210 [ 453.110798][T19566] vfs_write+0x5ba/0x1180 [ 453.110815][T19566] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 453.110827][T19566] ? __pfx_vfs_write+0x10/0x10 [ 453.110843][T19566] ? find_held_lock+0x2b/0x80 [ 453.110864][T19566] ksys_write+0x12a/0x240 [ 453.110880][T19566] ? __pfx_ksys_write+0x10/0x10 [ 453.110900][T19566] do_syscall_64+0xcd/0x260 [ 453.110918][T19566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.110930][T19566] RIP: 0033:0x7fa35b18d41f [ 453.110940][T19566] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 453.110951][T19566] RSP: 002b:00007fa35bf89000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 453.110961][T19566] RAX: ffffffffffffffda RBX: 00007fa35b3b5fa0 RCX: 00007fa35b18d41f [ 453.110968][T19566] RDX: 0000000000000f87 RSI: 0000200000001180 RDI: 00000000000000c8 [ 453.110975][T19566] RBP: 00007fa35bf89090 R08: 0000000000000000 R09: 0000000000000000 [ 453.110982][T19566] R10: 0000000000000f87 R11: 0000000000000293 R12: 0000000000000001 [ 453.110988][T19566] R13: 0000000000000001 R14: 00007fa35b3b5fa0 R15: 00007ffc43582908 [ 453.111002][T19566] [ 453.256461][T19568] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 453.258620][T19568] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 453.261142][T19568] vhci_hcd vhci_hcd.0: Device attached [ 453.522043][ T34] usb 39-1: new high-speed USB device number 2 using vhci_hcd [ 453.526449][T19569] vhci_hcd: connection closed [ 453.526660][ T1139] vhci_hcd: stop threads [ 453.529827][ T1139] vhci_hcd: release socket [ 453.533669][ T1139] vhci_hcd: disconnect device [ 453.542016][ T3338] usb 7-1: new high-speed USB device number 50 using dummy_hcd [ 453.701398][ T3338] usb 7-1: Using ep0 maxpacket: 16 [ 453.704895][ T3338] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 453.708925][ T3338] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 453.712407][ T3338] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 453.716400][ T3338] usb 7-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 453.719297][ T3338] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 453.723855][ T3338] usb 7-1: config 0 descriptor?? [ 453.933467][T19575] loop6: detected capacity change from 0 to 63 [ 453.937644][ T40] audit: type=1400 audit(454.148:1429): avc: denied { map } for pid=19574 comm="syz.0.5015" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 453.943258][T19575] Buffer I/O error on dev loop6, logical block 0, async page read [ 453.946125][ T40] audit: type=1400 audit(454.148:1430): avc: denied { execute } for pid=19574 comm="syz.0.5015" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 453.949443][T19575] Buffer I/O error on dev loop6, logical block 1, async page read [ 453.960467][T19575] Buffer I/O error on dev loop6, logical block 2, async page read [ 453.965491][T19575] Buffer I/O error on dev loop6, logical block 3, async page read [ 453.968472][T19575] Buffer I/O error on dev loop6, logical block 0, async page read [ 453.972349][T19575] Buffer I/O error on dev loop6, logical block 1, async page read [ 453.974862][T19575] Buffer I/O error on dev loop6, logical block 2, async page read [ 453.977382][T19575] Buffer I/O error on dev loop6, logical block 3, async page read [ 453.983822][T12930] Buffer I/O error on dev loop6, logical block 0, async page read [ 453.986515][T12930] Buffer I/O error on dev loop6, logical block 1, async page read [ 454.035385][T19583] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5018'. [ 454.040045][T19582] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5018'. [ 454.093488][T19583] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 454.339946][T19572] random: crng reseeded on system resumption [ 454.342161][T19572] FAULT_INJECTION: forcing a failure. [ 454.342161][T19572] name failslab, interval 1, probability 0, space 0, times 0 [ 454.346548][T19572] CPU: 3 UID: 0 PID: 19572 Comm: syz.2.5014 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 454.346563][T19572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 454.346571][T19572] Call Trace: [ 454.346575][T19572] [ 454.346580][T19572] dump_stack_lvl+0x16c/0x1f0 [ 454.346601][T19572] should_fail_ex+0x512/0x640 [ 454.346621][T19572] should_failslab+0xc2/0x120 [ 454.346634][T19572] __kmalloc_cache_noprof+0x6a/0x3e0 [ 454.346651][T19572] ? do_raw_spin_lock+0x12c/0x2b0 [ 454.346663][T19572] ? find_held_lock+0x2b/0x80 [ 454.346675][T19572] ? async_schedule_node_domain+0x54/0x120 [ 454.346693][T19572] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 454.346712][T19572] async_schedule_node_domain+0x54/0x120 [ 454.346729][T19572] dev_cache_fw_image+0x38e/0x490 [ 454.346746][T19572] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 454.346765][T19572] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 454.346782][T19572] dpm_for_each_dev+0x5d/0xb0 [ 454.346798][T19572] fw_pm_notify+0x81/0x150 [ 454.346812][T19572] notifier_call_chain+0xbc/0x410 [ 454.346828][T19572] ? __pfx_fw_pm_notify+0x10/0x10 [ 454.346846][T19572] blocking_notifier_call_chain_robust+0xc8/0x160 [ 454.346864][T19572] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 454.346881][T19572] ? __pfx_avc_has_perm+0x10/0x10 [ 454.346897][T19572] pm_notifier_call_chain_robust+0x27/0x60 [ 454.346915][T19572] snapshot_open+0x218/0x2b0 [ 454.346930][T19572] ? __pfx_snapshot_open+0x10/0x10 [ 454.346946][T19572] misc_open+0x35d/0x420 [ 454.346964][T19572] ? __pfx_misc_open+0x10/0x10 [ 454.346980][T19572] chrdev_open+0x231/0x6a0 [ 454.346992][T19572] ? __pfx_chrdev_open+0x10/0x10 [ 454.347005][T19572] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 454.347026][T19572] do_dentry_open+0x744/0x1c10 [ 454.347043][T19572] ? __pfx_chrdev_open+0x10/0x10 [ 454.347057][T19572] vfs_open+0x82/0x3f0 [ 454.347073][T19572] path_openat+0x1e5e/0x2d40 [ 454.347090][T19572] ? __pfx_path_openat+0x10/0x10 [ 454.347104][T19572] do_filp_open+0x20b/0x470 [ 454.347115][T19572] ? __pfx_do_filp_open+0x10/0x10 [ 454.347136][T19572] ? alloc_fd+0x471/0x7d0 [ 454.347158][T19572] do_sys_openat2+0x11b/0x1d0 [ 454.347176][T19572] ? __pfx_do_sys_openat2+0x10/0x10 [ 454.347191][T19572] ? __fget_files+0x20e/0x3c0 [ 454.347204][T19572] __x64_sys_openat+0x174/0x210 [ 454.347218][T19572] ? __pfx___x64_sys_openat+0x10/0x10 [ 454.347231][T19572] ? ksys_write+0x1b9/0x240 [ 454.347248][T19572] ? rcu_is_watching+0x12/0xc0 [ 454.347265][T19572] do_syscall_64+0xcd/0x260 [ 454.347283][T19572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 454.347295][T19572] RIP: 0033:0x7f64f538e969 [ 454.347305][T19572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 454.347316][T19572] RSP: 002b:00007f64f61e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 454.347327][T19572] RAX: ffffffffffffffda RBX: 00007f64f55b5fa0 RCX: 00007f64f538e969 [ 454.347334][T19572] RDX: 000000000000003f RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 454.347340][T19572] RBP: 00007f64f61e8090 R08: 0000000000000000 R09: 0000000000000000 [ 454.347347][T19572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 454.347354][T19572] R13: 0000000000000000 R14: 00007f64f55b5fa0 R15: 00007ffc0908b688 [ 454.347368][T19572] [ 454.482210][T19572] [ 454.483025][T19572] ============================================ [ 454.484938][T19572] WARNING: possible recursive locking detected [ 454.486849][T19572] 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 Not tainted [ 454.489845][T19572] -------------------------------------------- [ 454.492410][T19572] syz.2.5014/19572 is trying to acquire lock: [ 454.494286][T19572] ffffffff8f2f3f88 (fw_lock){+.+.}-{4:4}, at: assign_fw+0x4e/0x640 [ 454.496731][T19572] [ 454.496731][T19572] but task is already holding lock: [ 454.498999][T19572] ffffffff8f2f3f88 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150 [ 454.501538][T19572] [ 454.501538][T19572] other info that might help us debug this: [ 454.503994][T19572] Possible unsafe locking scenario: [ 454.503994][T19572] [ 454.506274][T19572] CPU0 [ 454.507328][T19572] ---- [ 454.508385][T19572] lock(fw_lock); [ 454.509569][T19572] lock(fw_lock); [ 454.510757][T19572] [ 454.510757][T19572] *** DEADLOCK *** [ 454.510757][T19572] [ 454.513223][T19572] May be due to missing lock nesting notation [ 454.513223][T19572] [ 454.515757][T19572] 5 locks held by syz.2.5014/19572: [ 454.517333][T19572] #0: ffffffff8f0e4688 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 454.519976][T19572] #1: ffffffff8e283dc8 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0 [ 454.523066][T19572] #2: ffffffff8e2c3910 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160 [ 454.526705][T19572] #3: ffffffff8f2f3f88 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150 [ 454.529385][T19572] #4: ffffffff8f2eeba8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0 [ 454.532281][T19572] [ 454.532281][T19572] stack backtrace: [ 454.534113][T19572] CPU: 2 UID: 0 PID: 19572 Comm: syz.2.5014 Not tainted 6.15.0-rc7-syzkaller-00014-gd608703fcdd9 #0 PREEMPT(full) [ 454.534129][T19572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 454.534136][T19572] Call Trace: [ 454.534142][T19572] [ 454.534146][T19572] dump_stack_lvl+0x116/0x1f0 [ 454.534165][T19572] print_deadlock_bug+0x1e9/0x240 [ 454.534182][T19572] __lock_acquire+0xff7/0x1ba0 [ 454.534200][T19572] ? __kasan_slab_free+0x51/0x70 [ 454.534212][T19572] lock_acquire+0x179/0x350 [ 454.534228][T19572] ? assign_fw+0x4e/0x640 [ 454.534244][T19572] ? __pfx___might_resched+0x10/0x10 [ 454.534258][T19572] ? do_sys_openat2+0x11b/0x1d0 [ 454.534271][T19572] ? __x64_sys_openat+0x174/0x210 [ 454.534284][T19572] ? do_syscall_64+0xcd/0x260 [ 454.534300][T19572] __mutex_lock+0x199/0xb90 [ 454.534317][T19572] ? assign_fw+0x4e/0x640 [ 454.534332][T19572] ? assign_fw+0x4e/0x640 [ 454.534347][T19572] ? __pfx___mutex_lock+0x10/0x10 [ 454.534364][T19572] ? kasan_quarantine_put+0x10a/0x240 [ 454.534381][T19572] ? lockdep_hardirqs_on+0x7c/0x110 [ 454.534397][T19572] ? assign_fw+0x4e/0x640 [ 454.534411][T19572] assign_fw+0x4e/0x640 [ 454.534426][T19572] ? _request_firmware+0x957/0x1470 [ 454.534442][T19572] _request_firmware+0x988/0x1470 [ 454.534460][T19572] ? __pfx__request_firmware+0x10/0x10 [ 454.534477][T19572] ? dump_stack_lvl+0x185/0x1f0 [ 454.534491][T19572] ? lockdep_hardirqs_on+0x7c/0x110 [ 454.534507][T19572] __async_dev_cache_fw_image+0xb1/0x340 [ 454.534524][T19572] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 454.534541][T19572] ? mark_held_locks+0x49/0x80 [ 454.534557][T19572] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 454.534571][T19572] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 454.534589][T19572] async_schedule_node_domain+0xd4/0x120 [ 454.534605][T19572] dev_cache_fw_image+0x38e/0x490 [ 454.534621][T19572] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 454.534637][T19572] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 454.534652][T19572] dpm_for_each_dev+0x5d/0xb0 [ 454.534666][T19572] fw_pm_notify+0x81/0x150 [ 454.534680][T19572] notifier_call_chain+0xbc/0x410 [ 454.534695][T19572] ? __pfx_fw_pm_notify+0x10/0x10 [ 454.534711][T19572] blocking_notifier_call_chain_robust+0xc8/0x160 [ 454.534728][T19572] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 454.534745][T19572] ? __pfx_avc_has_perm+0x10/0x10 [ 454.534758][T19572] pm_notifier_call_chain_robust+0x27/0x60 [ 454.534775][T19572] snapshot_open+0x218/0x2b0 [ 454.534790][T19572] ? __pfx_snapshot_open+0x10/0x10 [ 454.534805][T19572] misc_open+0x35d/0x420 [ 454.534821][T19572] ? __pfx_misc_open+0x10/0x10 [ 454.534837][T19572] chrdev_open+0x231/0x6a0 [ 454.534848][T19572] ? __pfx_chrdev_open+0x10/0x10 [ 454.534858][T19572] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 454.534877][T19572] do_dentry_open+0x744/0x1c10 [ 454.534894][T19572] ? __pfx_chrdev_open+0x10/0x10 [ 454.534905][T19572] vfs_open+0x82/0x3f0 [ 454.534917][T19572] path_openat+0x1e5e/0x2d40 [ 454.534930][T19572] ? __pfx_path_openat+0x10/0x10 [ 454.534941][T19572] do_filp_open+0x20b/0x470 [ 454.534954][T19572] ? __pfx_do_filp_open+0x10/0x10 [ 454.534968][T19572] ? alloc_fd+0x471/0x7d0 [ 454.534986][T19572] do_sys_openat2+0x11b/0x1d0 [ 454.534999][T19572] ? __pfx_do_sys_openat2+0x10/0x10 [ 454.535012][T19572] ? __fget_files+0x20e/0x3c0 [ 454.535022][T19572] __x64_sys_openat+0x174/0x210 [ 454.535035][T19572] ? __pfx___x64_sys_openat+0x10/0x10 [ 454.535048][T19572] ? ksys_write+0x1b9/0x240 [ 454.535064][T19572] ? rcu_is_watching+0x12/0xc0 [ 454.535078][T19572] do_syscall_64+0xcd/0x260 [ 454.535094][T19572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 454.535106][T19572] RIP: 0033:0x7f64f538e969 [ 454.535115][T19572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 454.535126][T19572] RSP: 002b:00007f64f61e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 454.535137][T19572] RAX: ffffffffffffffda RBX: 00007f64f55b5fa0 RCX: 00007f64f538e969 [ 454.535144][T19572] RDX: 000000000000003f RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 454.535151][T19572] RBP: 00007f64f61e8090 R08: 0000000000000000 R09: 0000000000000000 [ 454.535157][T19572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 454.535164][T19572] R13: 0000000000000000 R14: 00007f64f55b5fa0 R15: 00007ffc0908b688 [ 454.535173][T19572] [ 454.667086][ T3338] shield 0003:0955:7214.0021: unknown main item tag 0x0 [ 454.870368][ T3338] shield 0003:0955:7214.0021: unknown main item tag 0x0 [ 454.872607][ T3338] shield 0003:0955:7214.0021: unknown main item tag 0x0 [ 454.874677][ T3338] shield 0003:0955:7214.0021: unknown main item tag 0x0 [ 454.876855][ T3338] shield 0003:0955:7214.0021: unknown main item tag 0x0 [ 458.656660][ T34] vhci_hcd: vhci_device speed not set VM DIAGNOSIS: 02:06:39 Registers: info registers vcpu 0 CPU#0 RAX=0000000000bc215c RBX=0000000000000000 RCX=ffffffff8b6d3419 RDX=ffffed100d4865be RSI=ffffffff8bf4a220 RDI=ffffffff8191adf1 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10 R8 =0000000000000000 R9 =ffffed100d4865bd R10=ffff88806a432deb R11=0000000000000001 R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90852e10 R15=0000000000000000 RIP=ffffffff8b6d1caf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d69da000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f9974381c78 CR3=000000001fcab000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000306e61637876 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b211a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b211a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b211a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b211aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b211b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b211c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b383488 00007fa35b383480 00007fa35b383478 00007fa35b383450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35beed100 00007fa35b383440 00007fa35b380004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b383498 00007fa35b383490 00007fa35b383488 00007fa35b383480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000001 RBX=ffff88806a532de8 RCX=ffffffff81c30b3f RDX=0000000000000000 RSI=ffffffff8bf4a220 RDI=ffffffff8dcf0d28 RBP=0000000000000001 RSP=ffffc90003df78e8 R8 =0000000000000000 R9 =fffffbfff210a5c2 R10=ffffffff90852e17 R11=ffff88806a53a688 R12=ffffffff8b6e5a44 R13=ffffffff8b6e5a44 R14=0000000000000001 R15=ffff88806a539dc0 RIP=ffffffff81a0f082 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6ada000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000005000 CR3=000000001fcab000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b211a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b211a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b211a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b211aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b211b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b211c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b383488 00007fa35b383480 00007fa35b383478 00007fa35b383450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35beed100 00007fa35b383440 00007fa35b380004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa35b383498 00007fa35b383490 00007fa35b383488 00007fa35b383480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854f9bb5 RDI=ffffffff9adfe5a0 RBP=ffffffff9adfe560 RSP=ffffc900035c6d08 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=0000000000000035 R14=ffffffff9adfe560 R15=ffffffff854f9b50 RIP=ffffffff854f9bdf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f64f61e86c0 ffffffff 00c00000 GS =0000 ffff8880d6bda000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b3001fffc CR3=0000000023cd1000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974211a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974211a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974211a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974211aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974211b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974211c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974383488 00007f9974383480 00007f9974383478 00007f9974383450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974eed100 00007f9974383440 00007f9974383458 00007f99743834a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974383498 00007f9974383490 00007f9974383488 00007f9974383480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000001165d RBX=0000000000000001 RCX=000000000001165d RDX=dffffc0000000000 RSI=00000000000a7102 RDI=ffffffff91d8a060 RBP=ffffc90007257980 RSP=ffffc900072578c8 R8 =0000000000000000 R9 =0000000000000000 R10=ffffc90007257938 R11=000000000001165d R12=ffffc90007257988 R13=ffffc90007257938 R14=ffffc9000725796d R15=ffffffff82165d3f RIP=ffffffff8169db4a RFL=00000287 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055556e8e8500 ffffffff 00c00000 GS =0000 ffff8880d6cda000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f997437d2d8 CR3=0000000045106000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080202040 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff50ad7430 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974211a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974211a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974211a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974211aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974211b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9974211c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000030 0000000000000020 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00656b616873646e 6148006c61697469 6e4900656c676e61 6d006574756f7262 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000