last executing test programs: 21.767605322s ago: executing program 1 (id=1074): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000009500000000000000587b377115a789008380adefc907253e"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r1, 0x1, 0x4000000000000002, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r2, &(0x7f0000004a80)={0x0, 0x0, &(0x7f0000004a40)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000f900010000000000010000000000000a1400000000000000000014000000f803010000000000000000000000000a4cd475bade6fe0cb63537166c264d42c0a32eaeb5799d672846f564788ac750f8b489294c3e824801b49ba67b72529424d3793ced1c755b6eb6b88d2257f7633c62e2ea16fc5311bbe4e293ddf9e8e52031d0282cbbfb12779a42b96d320097c9773e7b8e8fab7adc141df08124abc9b80042e"], 0x3c}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r3, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000040000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) setsockopt$sock_int(r4, 0x1, 0x7, &(0x7f0000000080), 0x4) bind$inet(r4, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r4, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r4, 0x0, 0x0, 0x40440d6, &(0x7f0000000180)={0x2, 0x4e21, @private=0xa010101}, 0x10) r5 = syz_open_dev$sg(&(0x7f0000000300), 0x8, 0x311000) ioctl$SCSI_IOCTL_SYNC(r5, 0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000001c0)={r7, @in6={{0xa, 0x4e21, 0xffff, @private2, 0x8}}, 0x0, 0xfffa, 0x6, 0xfffffffe, 0x90}, 0x9c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r6, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x200, 0x2c}, 0x9c) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) socket$vsock_stream(0x28, 0x1, 0x0) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="010000000000660000000800030000000000", @ANYRES32=r9, @ANYRESOCT=r2], 0x2c}}, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f00000001c0), 0xffffffffffffffff) r10 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000500)={'ip6gre0\x00', &(0x7f0000000600)={'syztnl2\x00', 0x0, 0x4, 0xd, 0x7, 0x4, 0x0, @dev={0xfe, 0x80, '\x00', 0x1f}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x726, 0x8, 0x38, 0x7fffffff}}) listen(r10, 0x0) ioctl$sock_inet_tcp_SIOCOUTQNSD(r10, 0x894b, 0x0) 21.6102011s ago: executing program 1 (id=1077): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), r0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00'}) sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r1, 0x401, 0x470bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40001}, 0x2) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r3) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f00000004c0)={'syztnl1\x00', 0x0, 0x0, 0x5, 0x94, 0x8000, 0x0, @remote, @empty, 0x80, 0x0, 0x2, 0x1}}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x50000000000000, 0x8, 0x4, 0x100000000, 0x100, 0x80000000, 0xa3fe0000000000, 0x3, 0x9, 0x0, 0x5, 0x7, 0x3, 0x6, 0x2, 0x9], 0x4000, 0x200}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = openat$binderfs(0xffffff9c, &(0x7f0000000580)='./binderfs/binder0\x00', 0x3, 0x0) fchdir(r5) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000002100000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r6}, 0x10) socket$netlink(0x10, 0x3, 0x14) sendmsg$TIPC_CMD_SET_NODE_ADDR(r3, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x24, 0x0, 0x800, 0x70bd2b, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0xe78}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20004010}, 0x20008000) r7 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_BLANKSCREEN(r7, 0x541c, &(0x7f00000001c0)) write$cgroup_int(r3, &(0x7f0000000540)=0x8000, 0x12) openat$userio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x14}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0xfffffffffffffffa}, 0x0, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 20.968733232s ago: executing program 1 (id=1080): sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x20082, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100800001) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mknod$loop(0x0, 0x0, 0x1) mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080)='msdos\x00', 0x0, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) syz_emit_ethernet(0x0, 0x0, 0x0) openat$audio(0xffffff9c, 0x0, 0x0, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="54010000100013070000000000000000e0000002000000000000000000000000ff01000000000000000000000000000100"/64, @ANYRES32=0xee00, @ANYBLOB="ac14143e0000000000000000000000000000000032000000ac1e00010000000000000000000000000000000000000000000000000000000000000007000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000fcffffffffffffff00000000000000000000000000000000000000000000000000000000020000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c001c000000000000000000000000000000000028bd700000000000"], 0x154}}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$bt_hci(r4, 0x84, 0x7f, 0x0, &(0x7f0000001180)) ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x81, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x0) 13.081094509s ago: executing program 1 (id=1100): syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wlan0\x00'}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="4200330000000000080300000001080211000000f80cdf28352000000000000000002d1a00000000000000000000000000000000004300000000000000000000040093000800cd"], 0x6c}, 0x1, 0x0, 0x5000000}, 0x0) 12.960013315s ago: executing program 1 (id=1101): sched_setaffinity(0x0, 0xfffffffffffffe58, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) fsopen(0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x18, "000080f100df000000a7d9de16c708db7200"}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000000)={0x4}, 0x10) write(r1, &(0x7f0000000100)="1400000052004f7fb3e4bf80a000f00c00000000", 0x14) socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r1, &(0x7f0000001b40), 0x0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/217, 0xd9}, {&(0x7f0000000040)=""/112, 0x70}], 0x2, &(0x7f0000000880)=[{0x0}], 0x1, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) syz_io_uring_setup(0x56c1, &(0x7f0000000580)={0x0, 0x4f89, 0x400, 0xfffffffd, 0x1}, &(0x7f0000000280), &(0x7f0000000200)) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) r2 = epoll_create1(0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]}) chdir(&(0x7f00000000c0)='./bus\x00') r3 = creat(&(0x7f0000000440)='./file0\x00', 0x0) open_by_handle_at(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000fb000000fffb000000000000cc7c4fd0012268313756d085b4f536631c1d0a19be9723843e3019e2829f176b541ea8475c2ce0d6ceadafa34fcd86ab4a996eb511e7ce077aec7e0664c8e28d8cf5f57dc6"], 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f0000000100)={0x20000014}) prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x3, 0x0) getpid() 2.770275736s ago: executing program 3 (id=1139): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r1, 0xc01064c1, &(0x7f0000000280)) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f00000005c0)=ANY=[@ANYRES8=r0], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r3, r2, 0x25, 0x8, @void}, 0x10) 2.688677854s ago: executing program 3 (id=1142): sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000000300)=""/102400, 0x19000) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x0, 0x0, @private0}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x7d, &(0x7f0000019340), 0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0) r2 = socket$phonet_pipe(0x23, 0x5, 0x2) connect$phonet_pipe(r2, &(0x7f0000000200), 0x10) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x80000}, &(0x7f0000000000), 0x0) pipe2(&(0x7f0000000240), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x1}}) readv(r3, &(0x7f0000001380), 0x0) ioctl$SNDRV_TIMER_IOCTL_START(r3, 0x54a0) r4 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_GET(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000001f0000540000000e0001006e657464657673696d0000000f0002"], 0x34}}, 0x0) r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_GET(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x14, r7, 0x1, 0x0, 0x0, {0x54}}, 0x14}}, 0x0) dup3(0xffffffffffffffff, r4, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) 2.37983267s ago: executing program 2 (id=1146): bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000a40)=ANY=[@ANYBLOB="850000002e000000350000000000000085000000230000009500000000000000f4670880271e3503000ffa95a2c8c037c5fcadf78683149e17e24e96a142dfa8ba6287066c5197fabd5f7010e81ae0b737126ea6f7dc39cd34d5aeed8d38665c01002ff5dde54704d25c79949c23e2eb15d755a2350ea7c09c6db5640c11664baf8adb2142a9c28de194f44800000000b0d3712c7e93363af3c075ff1e23160104d95433bb755af3d57609d700ab56e77201bc692c5a2ad40709d031f40f3012e9576e51a7f550afc852003b2ff3462664c744ae6af3c037102124e25cec074c6949e1d76d067a97000247fe5f17fdab800f4104dbaba46aac3abe6c4d7f47ef6d02ba536cdacecf7eb6baaa4a9779f8555eaea76899f2c221c110ef050000000ee282ab76f593d928cf95846be6277cd8a4f8dc8dcba00b1b2d2547c45b0c52087b5efabf8496b9a9812ed03cee579251667dd58ea032eda2296efb19a34268335648e1f844ce328c10752a42dca52fb98c1452b651ebf942f7297f7b2744419a2f238f173d0cd46dafc6e9d929e03e5309ec91d83cf4fbd775e629b3000000000000000000000000000000000000000000000000004e410700ff9cfa139a35a8a669689144ff0173b15aa0f3794dbe2b0e6523155f5c4631f4cd2947de92f74fe3889ea5786118a4a8010e0de54a7d37885343e2545cffe14c8206da26a9ebf6cda6f5c081a320020bb82f56c0ab09797161997af2ad43ab7347a8c2ba7726a60459f43f8482482cc85096f11f14eecff54dca4a32ee9cfa02b397ef622284c5286e186cb7d73119c6a356722c890c9b06c42853c4043e9d44c306e7b1a03fb70317a75a013f617a834283a978fc460bdab3ba34e8336608eb0f591e4815ac1e51f1c20ef5"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/153, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) syz_emit_vhci(0x0, 0x22) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) syz_open_procfs(0x0, 0x0) ioctl$KVM_SET_REGS(r0, 0x4090ae82, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x68) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0e00000004000000040000000c00000000000000637c5c023565bce634cbd248ce9dcd9c560be4ed92e0db29ed86559f9d0cf5c7a54b22e57d7ccea0ee954a87df60c8055f776b4b6504e104f7c850234b15e0fac331573fb8002930e49b7aa1e252371ebb437c7fb7da19a918735da8bb332f29ad9a6cf3dee47c9bbd6843d96b791f3b5833dfcaeef04a28acac104cd79461e835345aeabdcb049fc7a3ea59b977f99485d6eb9bb35c427c7b6e8e6e9bf6353f4767707b56dfd23441d03efddfb6056b7c97688a895dcb2c088e067943183e0568ed760c10189cae6100", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) syz_io_uring_setup(0xf3d, &(0x7f0000000480), &(0x7f0000000080), &(0x7f0000000540)) openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) socket$packet(0x11, 0x3, 0x300) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$int_in(r2, 0x40000000af01, 0x0) r3 = socket$kcm(0x10, 0x2, 0x10) r4 = syz_open_procfs$userns(0x0, &(0x7f0000000040)) fsetxattr$system_posix_acl(r4, &(0x7f00000000c0)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f00000000c0)=r6, 0x4) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000001480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000885000000a00000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r8 = getuid() setreuid(0xee00, r8) ioprio_get$uid(0x3, r8) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r5}, &(0x7f0000000100), &(0x7f0000000140)=r7}, 0x20) 1.720205297s ago: executing program 0 (id=1148): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = socket$inet6_udp(0xa, 0x2, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) fcntl$lock(r3, 0x25, &(0x7f0000000200)={0x1, 0x1, 0x0, 0xc6, r2}) socket$inet6(0xa, 0x2, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYRESHEX=0x0, @ANYRESHEX, @ANYBLOB="06000000000000000000000000000000000000008789feb223c88553199e7c1e333ed6349330a75f165c647579f58fcf076820b99902925bb5284c4c66ce1be9a9c0", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00'], 0x50) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r4, 0x0, 0x0) r5 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000180)) epoll_pwait(r5, 0x0, 0x0, 0xfeffffff, 0x0, 0x0) write$sndseq(r4, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) keyctl$search(0xa, 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000001000080080000000000", @ANYRES32, @ANYBLOB="00002b6300000000000000000000000000030000", @ANYRES32=0x0, @ANYRES32], 0x50) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001b00)=@raw={'raw\x00', 0x3c1, 0x3, 0x318, 0x188, 0x150, 0x150, 0x0, 0xf8010000, 0x250, 0x238, 0x238, 0x250, 0x238, 0x3, 0x0, {[{{@ipv6={@loopback, @ipv4={'\x00', '\xff\xff', @private}, [0x0, 0x0, 0xff], [], 'team_slave_0\x00', 'hsr0\x00'}, 0x0, 0x120, 0x188, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'batadv0\x00', {0x0, 0x0, 0x4, 0x100000, 0x0, 0x1, 0x4}}}, @common=@hl={{0x24}, {0x0, 0x40}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}, {{@ipv6={@remote, @mcast1, [], [], 'batadv_slave_0\x00', 'gre0\x00'}, 0x0, 0xa4, 0xc8}, @common=@inet=@SYNPROXY={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x374) socket$nl_route(0x10, 0x3, 0x0) 1.646932604s ago: executing program 3 (id=1149): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = syz_io_uring_setup(0x4d06, &(0x7f0000000500)={0x0, 0x0, 0x100, 0x0, 0x8000}, &(0x7f0000000300), &(0x7f0000000200)) io_uring_enter(r1, 0x1064, 0x0, 0x0, 0x0, 0xffffff8d) r2 = syz_io_uring_setup(0x184b, &(0x7f0000000480)={0x0, 0x9a5e, 0x20, 0x4000000, 0x26d, 0x0, r1}, &(0x7f0000000240), &(0x7f0000000280)) r3 = syz_io_uring_setup(0x7f54, &(0x7f0000000100)={0x0, 0x0, 0x3e00, 0x0, 0x3b, 0x0, r2}, &(0x7f0000000000), &(0x7f00000000c0)) r4 = socket$rds(0x15, 0x5, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000020a010300000000000000000200000014000000110001000000000000005d232cb6986f9d3ad86604ab7000020000000a16f45694fef77ed8f4c09d07ed48c589d07335ee7c8a425b0a79f32a440de0584ced6a59178e3f1b0e6c28eb7d5013f127c1eef51c388a483b0f44cd4b9c0809433bfbeea5cb6bc27e1b454bd72eda842d2d"], 0x3c}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) bind$rds(r4, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) sendmsg$rds(r4, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r7 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0) pipe2(&(0x7f00000001c0), 0x84000) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r8, 0x0, 0x0) shutdown(r7, 0x0) ppoll(&(0x7f00000002c0)=[{r3}], 0x1, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) fchdir(0xffffffffffffffff) 1.490226097s ago: executing program 2 (id=1150): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@private, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {0x1}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[@ANYBLOB="ec000000210001000000000000000000ac1ee100000000002000000a00000000403403f438bd9e2800000000000000000000000000000000020000edffffff00", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009c0011"], 0xec}}, 0x0) 1.296920784s ago: executing program 2 (id=1151): r0 = socket$kcm(0x1e, 0x1, 0x0) r1 = epoll_create1(0x0) r2 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0x2def, 0x0, 0x0, 0x0, 0x0) r5 = signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r5, &(0x7f00000000c0)) r6 = signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) signalfd(r6, &(0x7f0000000100), 0x8) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43) socket$kcm(0x1e, 0x1, 0x0) r7 = socket$kcm(0x1e, 0x1, 0x0) setsockopt$sock_attach_bpf(r7, 0x10f, 0x87, &(0x7f00000008c0), 0x43) sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f0000000080)=@tipc, 0x80, 0x0}, 0x0) 1.179752585s ago: executing program 2 (id=1152): syz_pidfd_open(0x0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000004000)={0x2020}, 0x2020) mlock2(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x0) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xb, &(0x7f0000002180)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020c6702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xb3, &(0x7f000000cf3d)=""/179, 0x41000, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=@base={0x12, 0x2, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000060a000000000000000000000000000020000000000a010800000000000000000a2000000900010073797a310000000048000000030a010100000000000000000a00fffe080007006e61740014000480080002400000000008000140000000010900010073797a310000000009000300"], 0xa4}}, 0x0) 760.547902ms ago: executing program 3 (id=1153): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000022c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2100, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007b114800000000008510000002000000850000000000000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) io_setup(0x8, &(0x7f0000000600)) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000080)={@local, @broadcast}, &(0x7f00000023c0)=0xc) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)) getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000280)=0x14) r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x28, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0xc, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x8, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4}]}]}]}, 0x28}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b0007010000000000000000027c00000400000014000180060006000806000008"], 0x2c}}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xb, 0x88, 0x8, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000040)=@udp}, 0x20) r3 = memfd_secret(0x80000) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000002c0)="b169c74e1caa44dd52570500a5f22a962feebc8cb3f611088ca33706f37bd4be7a65a5ca7e6dd055fcfea068f929d07f87cbeafbde2ae79e4fc0060f81c9f99feb87e594c496822d9a64abacf86b7f4ae779e2f3af1e6aab05bd9a581ad27ecd38ac2282f42a7c21713a954e2bc72973e821f8db7a6502db916d81ede46046ed0fee4cde94899ae22339c67adb37aba6ca9ba321ded53a639c39069634da56b5e10b3bb9fb8ce8e9ea990fc2fef482d408f86505394564f8ffa52efed3b866da5257aaad90aebc9b25adbf91", 0xcc) getsockname$inet(r0, &(0x7f00000003c0)={0x2, 0x0, @multicast1}, &(0x7f0000000400)=0x10) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000540), 0x0, 0x7fff, r2}, 0x38) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50) 448.589002ms ago: executing program 3 (id=1154): openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet6(0xa, 0x80002, 0x88) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x0, 0x0) (async) mbind(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='numa_maps\x00') read$FUSE(r1, &(0x7f0000002e40)={0x2020}, 0xffffffffffffff40) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x10010000004e20}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa79ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e200008b0"], 0x0) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[], 0x0) (async) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[], 0x0) recvmmsg(r0, &(0x7f0000000540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x42, 0x0) (async) recvmmsg(r0, &(0x7f0000000540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x42, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x20040000) (async) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x20040000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000008c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3854b5994c19caec4e35a6059908875224ce860839566563213db78dfc859f52cf7fc1e1111d8e136d912050fde22365649c2b1bf604344e6ee97688b1ddf105f634f7a6a6f7abea486a158f4ad5fbb1e52fbbcbbf35435d270f070606e7d4f11c364dc9c8fb8845f21b51369cb022ab001c7195fc0dddef1562c4cece50f7d2fe2e7751ebcbbefd6787f1c12a2b0b4abee3168d0e00687eb67dfc38d9ae76dd7388184ad4f44e3b70e208b4d96fbc914d44d1121d5c044b2515e01d02bb1edfc991471e32d8aced0c674ee3cc5eb6", @ANYRES16=r3, @ANYBLOB="010000000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="0c0099000000000000000000140004006e6963766630000000000000000000000800050006000000"], 0x44}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000002100000008000300", @ANYRES32=r7], 0x30}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r8 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r8, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) (async) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r8, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r8, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r8, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000200), 0x4, r9}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) r10 = syz_open_dev$dri(&(0x7f0000000580), 0x20, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r10, 0xc04064a0, &(0x7f0000000440)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r10, 0xc06864a1, &(0x7f0000000b40)={0x0, 0x0, r11}) (async) ioctl$DRM_IOCTL_MODE_GETCRTC(r10, 0xc06864a1, &(0x7f0000000b40)={0x0, 0x0, r11, 0x0}) ioctl$DRM_IOCTL_MODE_DIRTYFB(0xffffffffffffffff, 0xc01864b1, &(0x7f0000000040)={r12, 0x0, 0x0, 0x0, 0x0}) (async) ioctl$DRM_IOCTL_MODE_DIRTYFB(0xffffffffffffffff, 0xc01864b1, &(0x7f0000000040)={r12, 0x0, 0x0, 0x0, 0x0}) 350.172482ms ago: executing program 0 (id=1155): r0 = socket$kcm(0x1e, 0x1, 0x0) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43) 349.66629ms ago: executing program 0 (id=1156): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$netlink(0x10, 0x3, 0x4) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=@gettclass={0x24, 0x2a, 0x8, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xffff, 0xffe0}, {0xd, 0x6}, {0xd, 0x4}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x4000000) r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x181c0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYRES32=r2, @ANYRESDEC=0x0]) read$FUSE(r2, &(0x7f00000021c0)={0x2020}, 0x2020) syz_fuse_handle_req(r2, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r2, &(0x7f0000006300)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x790c9058, 0x0, 0x0, 0x9, 0x0, 0x0, 0xb3, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x5}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) close(r1) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x165801, 0xf8) io_setup(0x202, &(0x7f0000000200)) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0x58) openat$nvram(0xffffff9c, &(0x7f0000000580), 0x800, 0x0) close(r3) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0) r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) pwritev(r4, &(0x7f0000000240)=[{&(0x7f0000000140)="f9aced89f174d7ee8162d8af47da9b2d9f6d2121d4fa87d34ad531814294a95cf79eb84aba490a8d33b28d63bc13445abac137393b0052c52bd12806f9d1b423452648a99b456e37e1b5ed1edabafef4b5ad19179608dc711f4a5bdb452fdc342d051b4fbdaed8239a35ddcb8a18014e2cd41a780a7caf1fea4aa45386b98324a97590d714", 0x85}], 0x1, 0x3, 0xd4bd) ioctl$VIDIOC_S_STD(r4, 0x40085618, &(0x7f0000000040)=0x10000) bind$alg(r3, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x58) r5 = socket(0x10, 0x4, 0x2) r6 = openat$sndseq(0xffffff9c, &(0x7f0000000140), 0x10002) write$binfmt_script(r6, &(0x7f0000000cc0)={'#! ', './file0', [{0x20, '$'}], 0xa, "ab11ab4d969a02240063d8f5ed43772e4b8a9d7cf7c4cada369908d9375c2258d21dd6f2f1fa26510d2ba14a960a11237071d50faf78a34ad263715ed837d3a1a4b99177e7bc7e27321db255321e817af7c2cf36d7cf7ad267f20b75a6f2de7540647076bc58b58c0055c6694a8fe4c8eb6f9d106d0d0708f2204cd3a3914b92ddf5e892f31f9ef9f142f65f5c279bcce80d926c5a9ae5b0d607a576deb02d8a6e763b19ae477d98ad21d52fdde0766cbdef9ec6cf84bbd8dc442e77148121e599b6d6d2518e723761cf541876099da7febe1b221d8e4e44c06f40620f521c765c27ca5c9891d790a06bc5da6000c6fd5c9bb8bdfa38b1dc5d32696ccf55fc6532c6c7305ad8b5710a8e8e474a534b965d197a983ee8da954428821a12e50c99a9967cba2031e03baced78757fb59b3a1022188746bd6948831a41152ee9985b2132211cd7a0f389cfc1d43d67fe7d47439c0d2fdc9722102ea7e9949f60870564ba03ef93954ff3f5d71d742cd8e411501bda533b0b937446fd3929815cc8d01c00cc90d4a38bbe7af792f6cc57b1e40942d2e45545760727ddaf8bb8110bb72bb1a8eed9b30125c5ea6c2e78662976409f95fbea87c10894c1dd2c774bfa7f32df82cb951b695a3e9313c8579e0532a0c77b0822e0540dd932e1c0821e4d9b4391daa84964b28991e63e3e7d171ac515359bbf0215809f32e02906c84ed68380db24d69cc5d24f0a15642da9a3acee85d8f904d48827c8d664a4a43503b58d8dd2f3f9146ff754a74792df651f075505db79312016a885967252e3772ca91a64c552836f09433d26cd41a215ba252bbdae9c6cb069dca19b41c4f7844a542958efe9a3c9debc2374069cd6d8168ed2900237fab35d70868dfeb154d14f30b62e260dcc4e625da09fe748d03492803841f20f7c0978ee5e22eb566a2d9ff9569d9bb9b9a0d36ca924da32e2a9398c0379fae880be53856917d05f132057db69dab0155153a013c15e5a2a27bb5c14e6eecff0f0d89d245c7a8b66b65aa230e32789596f27c1da454fd0923ee81dea36a8d6fe35432e148890375d1cefaaa2883c514e4a0680ae2dc1070f07e63eba93731ea2f35b579daf93388c78afca8946a45bab4b9247c089982b7c1badd3abb34ca9f5118762b4b8c4e8aaa1318196637cd03811c3f8a749f15b4db2e43d2a05b61c824cbc20e5a070903a11f8121f58f184def64565dae62f29890f4acfe1b242d387288ca474004bf621aebce5af37680dbc582b94981c730574300a6c8a40d947ae548ab7aae1bbe1fd76bacceea16a630fe71cfd01be1ff628be69abe63cf3aaca9551c3e39b500e6ed143303ff1be7cea7b160d477b4134458ceb05692c85b503515ce6145abf9884ac84832c31e6bb60c493645b9e530d81320e0c863a25fa6daeb49ec80122ff5b4a4ff4d416e751c4d7e84553da72fc65d6831821e227d14c38d1c88943ef9e338652e1bded72f5ea380fc4b2dc42a601e416b5fd2a0d2063ce2be6559abb7aecfe39fa6eef4426513e763aec459e032627b94b47ac98188f3b274397d9291a621501bac1abe1daf31f118f6ff0b5d4bee3b4a501a531eb88b37f6d2eb14bd4cebe13ff5d6f8536cd9c9883f81c48ddd586cec33ab513e13fdd6ed4192e8ec5e8eb5db386ee062bcb1d5dcef5d1aefc841231dff8ab4f07cfbf50f99e9cffe4edad08bdd43f2cdc4e94740de657a2ece547e7d203d0f3f5779ed98694d47af28916dc1bbb9853928252b3ba87b3420769b93f04bc6d23f5376a3c82c27d8aaa78afd2076224d5deb30e812147eddb55e20584dbf84e10cfd2822b6eae6aaad20f852d5f82fb923d239fd9e48ae79e1ac6efe266c7acbd62e5c2d533202d68a95d5c87479825b3668f8b8f052ba56a4eb8d51b243017c5435b946c8bc27c7cfc1f15d25bd483fde76296bbd67159e138214854bb4d35ca83ce4e77af3e0329424d6dae3eeca501dc361bfa40f6c6dcc7ef7c91beb3a9187a4855fe4c3cbc04f27f06086527b7854cf302d5161d0a8adb78cd2988b93c0b8978873e436e6661e80d7d255138e9302efe15252bdfcec688f3387cea701713b405da38e90e324ec39ba12c970a6cddb04da23272a207daee239383665c95df01e60d0a5d9b42953f7e23862da627d033dc54673d40e273b368e15bb84456cf9f7404d165bc97fb4a262536c4cdb6cbfb4be89072eaef9ff05ffb8a968b07b1968e8086ed3e4a8023c64a720e97ad671d26792731d2743aeadc6c680e81be1f2115432a58074ea4c69908c9f03a18688a1a44dabf653579e1d2a32ef33dfc544a20345e441a61f814bf742a11a8bf2bb4bcdd12298b81a92a276422ac68f9c564ab61014fdab241c8c6287700adf8d069b8bf8fea91dabf2b1938524f11c0d014871b466def4724ecf17987eb339a17ffa88a16ae33243b1fccc22326f669d4b9e17d8253dc2aa295470637d959f54de0509d5e30055610234a6965674d1d4e1c8dbc764ba131cdc3d980470a5563c0aa1f44db002e493e1a52b0037ed8f62ea0f32d4d06da3fc76160719f2ff871331d33e811b8bd5f84e0910ef83995c0ab4299256e244764e229073c16462fdf9a34e8423a0da18052e9dc064f2f7cbba39f8763fceaaf5d1eb399ae74cb32569cd22f97657145e3a487cb1de4c23e4be83b0d45b3882a100889670002b0efcf3a77eaf918e92cb87bbe03a2dbf2be6622117791113356f42a0786aeabbbd11c6055f03a672df44400fa9de14da817733b2cfe244a52670ed7df41ec9327d30fa732ab43f2b7c7d08046354535d520fd1ee54d1f3955b15c67888d7a010fccf7460ad4dbbe791ab9f29111d9c5eb83716f95354fe99aec0a488f2a53ce8c1ed26a421f63d294562b0d46900309014661ec39325e87496690324c9777013b6709252cb618582dd4a1c8bb99dd5b0f460b2538f86cd21feb0b231f82bda602a67270f9e4cb97112c215205bd8aa373db0ee18041f39fd55036c0d10c6233f6564def80f3efa13ccd23108695f467b92101f511d701fc2209412dcbad01e2b178094633239db89d78ca006884f1978eb8a066c8f870e65733acdb420876b1739f2583498a9ec2e3a791de0773efbc2c79f13d76991a926f7b990a990367d288c080fd5570d8e4b088e0efa9826fdfd1242859c8670a870c18bfe53fbb6057de954bb2dac26048c5d65b878eecb0276a09925cf16cd52b982b5b81b8ba88d972e353db2755c43a7b75ac3562c87da2e04deee7f25d65d1c2db7b18ffbf17ee3c9b5e6095c3490cbb6ea1affe0fba9ef7a53bc206aa396b355776360fc1d1b7b40594ec75d5579cd776fb2f6d89e725f320f48ffeb55b173843fae42c860494f8d69cb900c51cf3ce1f8f50128110e00cec85ede2ae40f57b7c948471f734245f2a541f29fae8baba818d22bed9a53b7771234be05892c200025bf307a49b38c66d52d44f0a327e87d88695b74857a52d2e43c40bac87897141c54477b5e8baee8216c46d0dfe8cd8522020d6b7e72911d3a9bb0b9b24610fc0906a57a98420cea15ea044c180f3b4c4947de8e296521544b75d296bd3939fb900630e3c976cf8876ae74c2cd40220dd2b561f9a0830f1e61f7fda4c9f17a1894c8b764e5ca575f0f52192354f1c98935bc24e44f5ed0f3ab943aeb4fc9ebe17d5293d7911ca6aefec4696e269b285ee4a0847e886bc3a26742a21c4bff189e2bf8a5ac0587443c58a36ae6187ef6d645040742f9005db5ac2d5eb5e4c66595e51dce88a824c481511b2a3fa076dc91c444f1d4e52446b6a4f8c1896cc08a5c6a4ada47c80a7e2eae21c30abf0a4ef215461b092470e14d54ed31542aa07cfbe9857a21a7b4dfc7a1dc4b8fb4dc35695524cd96c1ca1dbf078289b6f0a20951a7febcdd89998a11a1adcdfa954c1dad9c1f9ee484113d96f072798b4a8d72760a0d6865f9309f23bc800e7c82eb73b309708d6fdf8c4e5eac5e08067bf437ebae8c559876c90f172e475f0b3314f9f8279f60ee62e2dca9d49bd889dbd5b3557789b7dae9bd3825bec94060ffdc2741a9e6316eda07bd4fd4bdeb26b0e02dde17002c3d0c2f9a08d029c7fe6fe3a6736172152d86338c132ad7c9413334acbe87d4f008c1dcda139ba5899346b07d4fa0e4feca32879f183d7185ddc653cc540535411ef060749ff56c4616f32a47ea0f512378ba273c8d679e0d28bc329e7e90681e7b52640e4b08e4e98323579265e0fabd8b2fb883a8268ff72f8f0c940eb19c3430d917bcb2f10a2228429c5a1233c3ec47314110ac566fa35716b54c335cdc99d8a8107802b435632ca3330b0adf6581fdd04c03835ffd4ad6f51a0f900740fbdbfb7e746fcae32ee7ff397959edabe7c40b07d639a2def101415411030ecd0a09307fccf283d8d7e08907120c9d5617d1300b11839b81600daa29d7b757dada0ae5999023ee4980a866e2edf09388f9ccb01b3dfbf0ddce91efda0c3b3c18e70ae7ed928b65440b2e330cbdd26abcb94f57a2d075b7d690d95d22a1faa244bc8fd6e9369dec96dfac68feb2b0f489a3c98ab402ebe2978892160bc863e2b50d28f00e539530d28425a7b308d382a7bb078ba019aa7867aade5988fd7773af8355afe439d4c340cfa7966bae6843a37129652fce61abc2838ef8cce8b45d1e0bb451af6fbece297a525155b7618967d5be59895dcceff5999ddd102ee490598729b2b013b55f9b8cffa32a8354b4d4d7cda6092d8bf2449a2f99f89b21489a89716d952987e770d9865d6ef1ad229db19e1a6e06bd650d64226e0b8d2c1a05bc0101df2ece03aa0de2e91decd127d54aa99723f83c71f6500c9c9ece8c8cf9116095cf325c334fe901a6e9d223da9d0759edc48777274dddd6f3f662355c2287a30c9fc88f4ef83780b574744be0e3b3969784290b4bc7cd909c86dcd9b120c6bff914cce305aa85e875bc8f29e607d2936c8c218e6cfa13b75a446190b882a08ce455c3b54ff1fae19ec6d8ae6c6269b5dd4f0c6746491e960b52bfa39d94c26189d9bfc3ddf1e976b930b6f8158086c5db8e3cc75cdb422694ffd447d997e3282257d456a1d978cce56f861fef4dd4b6d236683a4556bb0bfc472934f0f905b0d552bc2e86146cdcbbe41acee534e1bab28e318ff78ad7e04ba9925e89bc6659ae8260caf2d83a076579166c819c039c5d15528ecb4e70f30cf8bde42223b136181b93b31fa0de4f3615f8ac3874bd2c787c08e53b34512a55c7fcd0f0d49637c9bab71b500f3e56ee1602ff8b7403c7be1e236400aef5d1aa8d3bcc16baee993027b80744dc6034737a876052baed86db2710bdb0d43c75c271f7bb42dd02ca710f1786c2782846c41816dc4d71c2082fb4cb7b8be0cb581440c17ae318f230af13dce90e25f57784be13b43d316e4d259cc5925b5683ff8271a499ad12b986c43f136d99d100e9d99dc356ef84af6ed84bf24cce5cb7c245e2e709bf72a374ab0c1b3b7b04fe51779aaf7ce862227ad0a3c467e109a355a9a49877ece0e9336a123d0fa961ed3945f31b2bc65f7acfe2fc5f50b09c760727946da6b618c5c65c60dab22a483e242d805d62c909e1573f45978607a9c07847c1374146c1e62ac1a1f3e05604babe8947751f6ea262b095d0782c18b431ac626b322d0537751596ecdc271e0e91eeff976e6391516475cd285439fda4d90cd332071459642b83460d8353fd99d5e36f94a5c2584a36f09ef8764ed4905f1c4d264d72fed514dea7e8440a63b"}, 0x100d) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10) ioctl$sock_inet_SIOCGIFPFLAGS(r5, 0x8935, &(0x7f0000000100)={'ip_vti0\x00'}) syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="04131906c9000500c900f8ff00009e82c8000100ea000041cc000500bdcc53d1420e5d68fab767abec1be916bc7dd1d7ae000df3770c4edcf78416ddd7c0aaac56338c054a740cdb0ee65792af257798004572b1b1561289b804c3d458baced4d2d9d0af86431d352923f2a4acc8f1d6f6054b92ebd9e6bd4207a16ee8d0faf535e2abadc2036ddb0ffe5126d4e78e535d9adc9c79070b2a2ddff20ea629da32e2032c08d6c850b364a88c281af68eb9e70e7af40b31cb3e0d3a457b807c7072cdd53a206d37cc9180b15fc885cb00011229449895cc4005b40d2e"], 0x1c) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r7}, 0x10) 269.309115ms ago: executing program 3 (id=1157): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB='y\x00\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}, 0x1, 0x0, 0x0, 0xffffffff}, 0x0) 189.227036ms ago: executing program 0 (id=1158): r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0xc) mount$nfs(&(0x7f0000000000)='ct\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x140012, &(0x7f0000000340)=ANY=[@ANYBLOB="01b9ff2506000000000000006d69745f646972656374696f2c7065726d49745f646972656374696f2c646f6e745f6de56173757265027063723d30303030303030303030303030303030303033322c666f776e65723e25bf1afbd284560ff6e27c0153e2070c6daa1183aa131cf1e64ef0ce49ac25e3816e61051f2f16c1384317c5292e21f7ea80413225fed938c1a2f0a91061b0c4f9f0cc249d61d6b9380501df7a0afdee8b1d5ec9dcabf043a521d2eb49638e103337c12338d6de72e6149c8e596c3fd81f99f3ce04d791094b4bce5015f14b0cd1495585", @ANYRESDEC=r1, @ANYBLOB=',smackfstransmute=ct\x00,\x00']) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x121001, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=ANY=[@ANYBLOB="2c00000011000500000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000000c001a800800048004000880"], 0x2c}}, 0x0) r6 = openat$sr(0xffffff9c, &(0x7f0000000140), 0x80000, 0x0) r7 = syz_open_dev$vcsn(&(0x7f0000000b40), 0x40, 0x40000) mq_open(&(0x7f0000000b80)='nfs\x00', 0x40, 0x10, &(0x7f0000000bc0)={0xd9, 0x2, 0x9}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001d80)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb0100180000000000000067000000670000000a0000000b0000000100000f0300000002000000040000000900000089f0130000000000000003000000000300000003000000090000000000000000000003000000000100000005000000030000000300000000000001ec00000031000c040300000000000008040000000000612e005f5f2e2e5f001ace666e858d9033458e6b24b6"], &(0x7f0000000cc0)=""/112, 0x8a, 0x70, 0x1, 0x4, 0x0, @void, @value}, 0x28) socket$unix(0x1, 0x0, 0x0) getgroups(0x4, &(0x7f0000001dc0)=[r2, r2, r2, r2]) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000004300)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000007000000080000000000000100f9ffff0b001a020800000000009a35030000e07a77753f57a30000306100615f00"], &(0x7f0000004240)=""/167, 0x3b, 0xa7, 0x1, 0xe, 0x0, @void, @value}, 0x28) ioctl$SYNC_IOC_MERGE(r6, 0xc0303e03, &(0x7f0000004340)={"a008244c442d4493d9f614dd05faa11936ce4bc2d55edc0bb767a492de3cf597", r6}) fcntl$getown(r6, 0x9) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000380)={'wlan0\x00'}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x2c, r9, 0x1, 0x0, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x8, 0x52}}}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x2c}}, 0x0) r10 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r10, 0x6, 0xd, &(0x7f0000001100)='nv\x00', 0x3) getsockopt$inet_tcp_buf(r7, 0x6, 0x1a, 0x0, &(0x7f0000002240)=0xfebe) r11 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$sock_int(r11, 0x1, 0x35, &(0x7f0000000240), 0x4) socket$pppl2tp(0x18, 0x1, 0x1) r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r12}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x18, &(0x7f0000000600)=ANY=[@ANYBLOB="1802000063f9ffff000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000060000008500000006000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7050000080000001e24716a3f3f228fd6fe4a12687685000000a50000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 90.324327ms ago: executing program 2 (id=1159): r0 = socket$kcm(0x1e, 0x1, 0x0) r1 = epoll_create1(0x0) r2 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0x2def, 0x0, 0x0, 0x0, 0x0) r5 = signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r5, &(0x7f00000000c0)) r6 = signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) signalfd(r6, &(0x7f0000000100), 0x8) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f00000008c0), 0x43) r7 = socket$kcm(0x1e, 0x1, 0x0) setsockopt$sock_attach_bpf(r7, 0x10f, 0x87, &(0x7f00000008c0), 0x43) sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f0000000080)=@tipc, 0x80, 0x0}, 0x0) 71.954524ms ago: executing program 0 (id=1160): r0 = socket$unix(0x1, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r1, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x6}}}, &(0x7f0000000980)='GPL\x00', 0x2000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 402.101µs ago: executing program 2 (id=1161): r0 = socket(0x15, 0x5, 0x0) socket(0x2, 0x80805, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = syz_io_uring_complete(0x0) ioctl$sock_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000000)) r3 = socket$tipc(0x1e, 0x5, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000380)={0x1ff, 0x2, 0x2000, 0x2000, &(0x7f0000feb000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r7}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r8 = getpid() process_vm_readv(r8, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r9 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r9, 0x800452d2, &(0x7f0000000100)) r10 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r10, 0x5412, 0x0) arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000040)={0x42}, 0x10) process_mrelease(r1, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f00000002c0)={0x0, 'batadv0\x00', {0x4}, 0x1}) syz_emit_ethernet(0x5e, &(0x7f0000001100)={@empty, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@val={0x88a8, 0x2, 0x1, 0x3}, {0x8100, 0x2}}, {@canfd={0xd, {{0x0, 0x0, 0x1, 0x1}, 0x25, 0x1, 0x0, 0x0, "66211c7503d92c169f090b6b43540c7ef5c5c204cb630ed71920fd3c61021afe68f78c03c0d27fd1a06df2aea1cd9acf43441f6c6a55f212291c511ab6cfe90f"}}}}, &(0x7f0000001040)={0x0, 0x1, [0xb5c, 0x270, 0x747, 0x516]}) 144.14µs ago: executing program 0 (id=1162): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000022c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2100, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007b114800000000008510000002000000850000000000000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) io_setup(0x8, &(0x7f0000000600)) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000080)={@local, @broadcast}, &(0x7f00000023c0)=0xc) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)) getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000280)=0x14) r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x28, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0xc, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x8, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4}]}]}]}, 0x28}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b0007010000000000000000027c00000400000014000180060006000806000008"], 0x2c}}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xb, 0x88, 0x8, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000040)=@udp}, 0x20) r3 = memfd_secret(0x80000) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000002c0)="b169c74e1caa44dd52570500a5f22a962feebc8cb3f611088ca33706f37bd4be7a65a5ca7e6dd055fcfea068f929d07f87cbeafbde2ae79e4fc0060f81c9f99feb87e594c496822d9a64abacf86b7f4ae779e2f3af1e6aab05bd9a581ad27ecd38ac2282f42a7c21713a954e2bc72973e821f8db7a6502db916d81ede46046ed0fee4cde94899ae22339c67adb37aba6ca9ba321ded53a639c39069634da56b5e10b3bb9fb8ce8e9ea990fc2fef482d408f86505394564f8ffa52efed3b866da5257aaad90aebc9b25adbf91", 0xcc) getsockname$inet(r0, &(0x7f00000003c0)={0x2, 0x0, @multicast1}, &(0x7f0000000400)=0x10) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000540), 0x0, 0x7fff, r2}, 0x38) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50) 0s ago: executing program 1 (id=1135): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r0}, 0x10) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940)) (fail_nth: 9) kernel console output (not intermixed with test programs): esumption [ 196.263906][ T7451] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 196.495837][ T7452] can0: slcan on ttyprintk. [ 196.510710][ T7459] netlink: 32 bytes leftover after parsing attributes in process `syz.2.595'. [ 197.071286][ T7450] can0 (unregistered): slcan off ttyprintk. [ 197.700503][ T5392] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 197.950393][ T5392] usb 5-1: Using ep0 maxpacket: 8 [ 197.958909][ T5392] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 197.963441][ T5392] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 197.967773][ T5392] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 197.972243][ T5392] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 197.977115][ T5392] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 197.981340][ T5392] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.034876][ T7490] block nbd1: shutting down sockets [ 198.200533][ T7473] netlink: 'syz.0.596': attribute type 8 has an invalid length. [ 198.204636][ T7473] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.596'. [ 198.209664][ T5392] usb 5-1: usb_control_msg returned -71 [ 198.211249][ T5392] usbtmc 5-1:16.0: can't read capabilities [ 198.219071][ T5392] usb 5-1: USB disconnect, device number 11 [ 199.461065][ T7511] netlink: 68 bytes leftover after parsing attributes in process `syz.0.609'. [ 199.463718][ T7511] netlink: 68 bytes leftover after parsing attributes in process `syz.0.609'. [ 199.660756][ T7511] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12) [ 199.662692][ T7511] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 199.664958][ T7511] vhci_hcd vhci_hcd.0: Device attached [ 199.742042][ T7515] vhci_hcd: connection closed [ 199.742267][ T1134] vhci_hcd: stop threads [ 199.744662][ T1134] vhci_hcd: release socket [ 199.745852][ T1134] vhci_hcd: disconnect device [ 200.341379][ T7518] netlink: 4 bytes leftover after parsing attributes in process `syz.1.610'. [ 200.412045][ T7522] random: crng reseeded on system resumption [ 201.200474][ T2788] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 201.390836][ T2788] usb 6-1: Using ep0 maxpacket: 16 [ 201.623599][ T2788] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 201.632850][ T2788] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 201.641147][ T2788] usb 6-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 201.666661][ T2788] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.674999][ T2788] usb 6-1: config 0 descriptor?? [ 202.617917][ T7529] netlink: 8 bytes leftover after parsing attributes in process `syz.1.614'. [ 203.811859][ T7528] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 203.841102][ T7528] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 204.240642][ T2788] usbhid 6-1:0.0: can't add hid device: -71 [ 204.242469][ T2788] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 204.312364][ T2788] usb 6-1: USB disconnect, device number 9 [ 206.010396][ T7549] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0 [ 206.090955][ T7552] random: crng reseeded on system resumption [ 206.375969][ T7556] netlink: 28 bytes leftover after parsing attributes in process `syz.1.622'. [ 206.436483][ T5360] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 206.443069][ T5360] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 206.446712][ T5360] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 206.450062][ T5360] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 206.453133][ T5360] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 206.455393][ T5360] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 207.116154][ T7565] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 207.121012][ T7565] gretap1: entered promiscuous mode [ 207.122464][ T7565] gretap1: entered allmulticast mode [ 207.175453][ T7559] chnl_net:caif_netlink_parms(): no params data found [ 207.332231][ T7583] netlink: 68 bytes leftover after parsing attributes in process `syz.0.629'. [ 207.334671][ T7583] netlink: 68 bytes leftover after parsing attributes in process `syz.0.629'. [ 207.564525][ T7589] netlink: 'syz.1.631': attribute type 8 has an invalid length. [ 207.567481][ T7589] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.631'. [ 207.580885][ T7581] sit0: entered promiscuous mode [ 207.688178][ T7559] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.690512][ T7559] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.692480][ T7559] bridge_slave_0: entered allmulticast mode [ 207.694930][ T7559] bridge_slave_0: entered promiscuous mode [ 207.701344][ T7559] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.703288][ T7559] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.705692][ T7559] bridge_slave_1: entered allmulticast mode [ 207.709177][ T7559] bridge_slave_1: entered promiscuous mode [ 207.712526][ T7595] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12) [ 207.714939][ T7595] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 207.720720][ T7595] vhci_hcd vhci_hcd.0: Device attached [ 207.846265][ T7559] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 207.964365][ T7559] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 208.030495][ T5412] usb 14-1: SetAddress Request (6) to port 0 [ 208.032209][ T5412] usb 14-1: new SuperSpeed USB device number 6 using vhci_hcd [ 208.098346][ T7596] vhci_hcd: connection reset by peer [ 208.100630][ T1134] vhci_hcd: stop threads [ 208.101832][ T1134] vhci_hcd: release socket [ 208.112383][ T1134] vhci_hcd: disconnect device [ 208.290097][ T45] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.336578][ T7559] team0: Port device team_slave_0 added [ 208.362313][ T7559] team0: Port device team_slave_1 added [ 208.560501][ T5353] Bluetooth: hci5: command tx timeout [ 208.602872][ T45] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.624129][ T7559] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 208.632085][ T7559] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.659329][ T7559] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 208.663499][ T7559] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 208.665361][ T7559] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.690019][ T7559] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 209.088695][ T45] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.254711][ T7559] hsr_slave_0: entered promiscuous mode [ 209.263090][ T7559] hsr_slave_1: entered promiscuous mode [ 209.265300][ T7559] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 209.267736][ T7559] Cannot create hsr debugfs directory [ 209.758371][ T45] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.846126][ T7613] netlink: 92 bytes leftover after parsing attributes in process `syz.0.637'. [ 209.848490][ T7613] netlink: 92 bytes leftover after parsing attributes in process `syz.0.637'. [ 210.118632][ T45] bridge_slave_1: left allmulticast mode [ 210.121054][ T45] bridge_slave_1: left promiscuous mode [ 210.122989][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.141822][ T45] bridge_slave_0: left allmulticast mode [ 210.143513][ T45] bridge_slave_0: left promiscuous mode [ 210.145358][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.260454][ T7621] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 210.262762][ T7621] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 210.307199][ T7621] vhci_hcd vhci_hcd.0: Device attached [ 210.344011][ T7625] random: crng reseeded on system resumption [ 210.623449][ T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 210.632261][ T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 210.639094][ T45] bond0 (unregistering): Released all slaves [ 210.640427][ T5353] Bluetooth: hci5: command tx timeout [ 210.667925][ T7622] vhci_hcd: connection closed [ 210.668242][ T1105] vhci_hcd: stop threads [ 210.674128][ T1105] vhci_hcd: release socket [ 210.680003][ T1105] vhci_hcd: disconnect device [ 211.111877][ T45] hsr_slave_0: left promiscuous mode [ 211.114704][ T45] hsr_slave_1: left promiscuous mode [ 211.117112][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 211.119563][ T45] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 211.138546][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 211.140582][ T45] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 211.239341][ T45] veth1_macvtap: left promiscuous mode [ 211.241723][ T45] veth0_macvtap: left promiscuous mode [ 211.243225][ T45] veth1_vlan: left promiscuous mode [ 211.248150][ T45] veth0_vlan: left promiscuous mode [ 211.532599][ T7652] netlink: 232 bytes leftover after parsing attributes in process `syz.0.644'. [ 211.534997][ T7652] netlink: 72 bytes leftover after parsing attributes in process `syz.0.644'. [ 212.720428][ T5353] Bluetooth: hci5: command tx timeout [ 212.878836][ T45] team0 (unregistering): Port device team_slave_1 removed [ 212.890364][ T2788] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 213.079513][ T7665] random: crng reseeded on system resumption [ 213.082773][ T2788] usb 6-1: Using ep0 maxpacket: 32 [ 213.103261][ T2788] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 213.109976][ T45] team0 (unregistering): Port device team_slave_0 removed [ 213.111218][ T2788] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 213.112947][ T5412] usb 14-1: device descriptor read/8, error -110 [ 213.115162][ T2788] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 213.115184][ T2788] usb 6-1: Product: syz [ 213.130953][ T2788] usb 6-1: Manufacturer: syz [ 213.134021][ T2788] usb 6-1: SerialNumber: syz [ 213.148103][ T2788] usb 6-1: config 0 descriptor?? [ 213.159568][ T7663] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 213.439602][ T2788] usb 6-1: USB disconnect, device number 10 [ 213.531117][ T5412] usb usb14-port1: attempt power cycle [ 214.152159][ T7662] netlink: 72 bytes leftover after parsing attributes in process `syz.1.646'. [ 214.155795][ T7662] netlink: 72 bytes leftover after parsing attributes in process `syz.1.646'. [ 214.170984][ T5412] usb usb14-port1: unable to enumerate USB device [ 214.214178][ T7559] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 214.219552][ T7559] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 214.233673][ T7559] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 214.261941][ T39] audit: type=1326 audit(1726597844.166:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7671 comm="syz.3.649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000 [ 214.269516][ T7559] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 214.275745][ T39] audit: type=1326 audit(1726597844.166:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7671 comm="syz.3.649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000 [ 214.283670][ T39] audit: type=1326 audit(1726597844.166:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7671 comm="syz.3.649" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f71579 code=0x7ffc0000 [ 214.291665][ T39] audit: type=1326 audit(1726597844.166:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7671 comm="syz.3.649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000 [ 214.299427][ T39] audit: type=1326 audit(1726597844.166:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7671 comm="syz.3.649" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f71579 code=0x7ffc0000 [ 214.308034][ T39] audit: type=1326 audit(1726597844.166:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7671 comm="syz.3.649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000 [ 214.325731][ T39] audit: type=1326 audit(1726597844.166:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7671 comm="syz.3.649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000 [ 214.338230][ T39] audit: type=1326 audit(1726597844.176:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7671 comm="syz.3.649" exe="/syz-executor" sig=0 arch=40000003 syscall=374 compat=1 ip=0xf7f71579 code=0x7ffc0000 [ 214.362702][ T7559] 8021q: adding VLAN 0 to HW filter on device bond0 [ 214.365892][ T39] audit: type=1326 audit(1726597844.176:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7671 comm="syz.3.649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000 [ 214.374120][ T39] audit: type=1326 audit(1726597844.176:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7671 comm="syz.3.649" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000 [ 214.384745][ T7559] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.402190][ T1207] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.404879][ T1207] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.425379][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.427095][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 214.641899][ T7559] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 214.674674][ T7559] veth0_vlan: entered promiscuous mode [ 214.684443][ T7662] syz.1.646 (7662) used greatest stack depth: 20144 bytes left [ 214.688842][ T7559] veth1_vlan: entered promiscuous mode [ 214.726652][ T7559] veth0_macvtap: entered promiscuous mode [ 214.737705][ T7559] veth1_macvtap: entered promiscuous mode [ 214.748272][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.752600][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.755494][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.758444][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.761131][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.763878][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.766547][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.769161][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.774980][ T7559] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 214.781193][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 214.784302][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.787098][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 214.789807][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.792548][ T5353] Bluetooth: hci5: command tx timeout [ 214.797240][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 214.799938][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.802487][ T7559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 214.805215][ T7559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.808907][ T7559] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 214.817529][ T7559] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.819855][ T7559] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.830324][ T7559] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.832741][ T7559] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.896458][ T1207] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 214.898712][ T1207] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 214.941437][ T1105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 214.945502][ T1105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 215.333593][ T7695] netlink: 32 bytes leftover after parsing attributes in process `syz.3.653'. [ 215.409771][ T7696] netlink: 'syz.1.652': attribute type 10 has an invalid length. [ 215.600821][ T7696] team0: Port device wlan1 added [ 216.021889][ T7705] evm: overlay not supported [ 216.498904][ T7710] batadv_slave_1: entered promiscuous mode [ 216.571186][ T7708] batadv_slave_1: left promiscuous mode [ 218.343044][ T7736] netlink: 'syz.1.665': attribute type 8 has an invalid length. [ 218.345113][ T7736] netlink: 161700 bytes leftover after parsing attributes in process `syz.1.665'. [ 218.604156][ T7745] netlink: 20 bytes leftover after parsing attributes in process `syz.2.668'. [ 218.971990][ T7754] xt_CT: You must specify a L4 protocol and not use inversions on it [ 219.136569][ T7768] netlink: 'syz.3.677': attribute type 8 has an invalid length. [ 219.138595][ T7768] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.677'. [ 219.656310][ T7778] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 219.658057][ T7778] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 219.660173][ T7778] vhci_hcd vhci_hcd.0: Device attached [ 219.718437][ T7760] syzkaller0: entered promiscuous mode [ 219.722744][ T7760] syzkaller0: entered allmulticast mode [ 219.733655][ T7783] vhci_hcd: connection closed [ 219.734436][ T1207] vhci_hcd: stop threads [ 219.736795][ T1207] vhci_hcd: release socket [ 219.737970][ T1207] vhci_hcd: disconnect device [ 221.241053][ T7803] random: crng reseeded on system resumption [ 223.383834][ T7788] sch_fq: defrate 1 ignored. [ 224.066066][ T7815] 9pnet_fd: Insufficient options for proto=fd [ 224.838126][ T7841] netlink: 232 bytes leftover after parsing attributes in process `syz.2.695'. [ 224.844192][ T7841] netlink: 72 bytes leftover after parsing attributes in process `syz.2.695'. [ 225.814849][ T7858] block nbd2: shutting down sockets [ 226.651510][ T7876] netlink: 92 bytes leftover after parsing attributes in process `syz.3.705'. [ 226.653848][ T7876] netlink: 92 bytes leftover after parsing attributes in process `syz.3.705'. [ 226.830397][ T7876] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 226.832781][ T7876] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 226.835532][ T7876] vhci_hcd vhci_hcd.0: Device attached [ 226.840704][ T7878] vhci_hcd: connection closed [ 226.842857][ T1207] vhci_hcd: stop threads [ 226.845485][ T1207] vhci_hcd: release socket [ 226.846667][ T1207] vhci_hcd: disconnect device [ 227.414689][ T7885] netlink: 4 bytes leftover after parsing attributes in process `syz.2.707'. [ 227.744917][ T7896] netlink: 4 bytes leftover after parsing attributes in process `syz.3.711'. [ 228.099029][ T7906] netlink: 4 bytes leftover after parsing attributes in process `syz.3.715'. [ 228.338410][ T7909] netlink: 'syz.2.716': attribute type 8 has an invalid length. [ 228.341247][ T7909] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.716'. [ 228.533371][ T7918] openvswitch: netlink: Key type 90 is out of range max 32 [ 229.290381][ T30] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 229.513158][ T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 229.516193][ T30] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 229.519752][ T30] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 229.533590][ T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.574235][ T30] usb 6-1: config 0 descriptor?? [ 229.989286][ T30] usbhid 6-1:0.0: can't add hid device: -71 [ 230.014737][ T30] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 230.031297][ T30] usb 6-1: USB disconnect, device number 11 [ 230.710738][ T7939] netlink: 68 bytes leftover after parsing attributes in process `syz.2.726'. [ 230.714065][ T7939] netlink: 68 bytes leftover after parsing attributes in process `syz.2.726'. [ 231.037166][ T7939] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12) [ 231.038971][ T7939] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 231.045273][ T7939] vhci_hcd vhci_hcd.0: Device attached [ 231.050582][ T7944] vhci_hcd: connection closed [ 231.050809][ T1105] vhci_hcd: stop threads [ 231.054122][ T1105] vhci_hcd: release socket [ 231.055728][ T1105] vhci_hcd: disconnect device [ 231.618362][ T7959] netlink: 'syz.1.731': attribute type 1 has an invalid length. [ 231.620814][ T7959] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.731'. [ 232.051027][ T7966] warning: `syz.2.733' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 232.089993][ T5353] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201' [ 232.093899][ T5353] CPU: 2 UID: 0 PID: 5353 Comm: kworker/u33:3 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 232.097450][ T5353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 232.101112][ T5353] Workqueue: hci5 hci_rx_work [ 232.102761][ T5353] Call Trace: [ 232.103947][ T5353] [ 232.104970][ T5353] dump_stack_lvl+0x16c/0x1f0 [ 232.106260][ T5353] sysfs_warn_dup+0x7f/0xa0 [ 232.107452][ T5353] sysfs_create_dir_ns+0x24d/0x2b0 [ 232.108783][ T5353] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 232.110265][ T5353] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 232.111675][ T5353] ? do_raw_spin_unlock+0x172/0x230 [ 232.113208][ T5353] kobject_add_internal+0x2c8/0x990 [ 232.114709][ T5353] kobject_add+0x16f/0x240 [ 232.115909][ T5353] ? __pfx_kobject_add+0x10/0x10 [ 232.117233][ T5353] ? do_raw_spin_unlock+0x172/0x230 [ 232.118622][ T5353] ? kobject_put+0xab/0x5a0 [ 232.119841][ T5353] device_add+0x289/0x1a70 [ 232.121028][ T5353] ? __pfx_dev_set_name+0x10/0x10 [ 232.122397][ T5353] ? __pfx_device_add+0x10/0x10 [ 232.123683][ T5353] ? mgmt_send_event_skb+0x2f2/0x460 [ 232.125139][ T5353] hci_conn_add_sysfs+0x17e/0x230 [ 232.126522][ T5353] le_conn_complete_evt+0xfc7/0x1cf0 [ 232.128131][ T5353] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 232.130206][ T5353] ? trace_contention_end+0xea/0x140 [ 232.132147][ T5353] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 232.134310][ T5353] ? skb_pull_data+0x166/0x210 [ 232.136114][ T5353] hci_le_meta_evt+0x2e2/0x5d0 [ 232.137940][ T5353] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 232.140109][ T5353] hci_event_packet+0x666/0x1190 [ 232.141888][ T5353] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 232.143531][ T5353] ? __pfx_hci_event_packet+0x10/0x10 [ 232.145224][ T5353] ? mark_held_locks+0x9f/0xe0 [ 232.146544][ T5353] ? kcov_remote_start+0x3cf/0x6e0 [ 232.148192][ T5353] ? lockdep_hardirqs_on+0x7c/0x110 [ 232.149798][ T5353] hci_rx_work+0x2c6/0x1610 [ 232.151077][ T5353] process_one_work+0x958/0x1ad0 [ 232.152729][ T5353] ? __pfx_lock_acquire+0x10/0x10 [ 232.154304][ T5353] ? __pfx_process_one_work+0x10/0x10 [ 232.156133][ T5353] ? assign_work+0x1a0/0x250 [ 232.157675][ T5353] worker_thread+0x6c8/0xf00 [ 232.159387][ T5353] ? __pfx_worker_thread+0x10/0x10 [ 232.160935][ T5353] kthread+0x2c1/0x3a0 [ 232.162238][ T5353] ? _raw_spin_unlock_irq+0x23/0x50 [ 232.163960][ T5353] ? __pfx_kthread+0x10/0x10 [ 232.165298][ T5353] ret_from_fork+0x45/0x80 [ 232.166467][ T5353] ? __pfx_kthread+0x10/0x10 [ 232.167755][ T5353] ret_from_fork_asm+0x1a/0x30 [ 232.169195][ T5353] [ 232.170288][ C2] vkms_vblank_simulate: vblank timer overrun [ 232.172644][ T5353] kobject: kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 232.177539][ T5353] Bluetooth: hci5: failed to register connection device [ 232.329290][ T7970] netlink: 8 bytes leftover after parsing attributes in process `syz.0.734'. [ 232.355539][ T7970] netlink: 5 bytes leftover after parsing attributes in process `syz.0.734'. [ 232.360660][ T7970] 0ªX¹¦D: renamed from gretap0 (while UP) [ 232.368789][ T7970] 0ªX¹¦D: entered allmulticast mode [ 232.370691][ T7970] A link change request failed with some changes committed already. Interface 30ªX¹¦D may have been left with an inconsistent configuration, please check. [ 232.480064][ T7974] netlink: 'syz.0.735': attribute type 2 has an invalid length. [ 232.483245][ T7974] netlink: 36 bytes leftover after parsing attributes in process `syz.0.735'. [ 232.609825][ T7977] xt_CT: You must specify a L4 protocol and not use inversions on it [ 232.764247][ T7982] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:0 [ 232.935472][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 233.093631][ T5383] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 233.121104][ T39] kauditd_printk_skb: 573 callbacks suppressed [ 233.121116][ T39] audit: type=1326 audit(1726597863.026:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7988 comm="syz.2.740" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73ee579 code=0x0 [ 233.282244][ T5383] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 233.285098][ T5383] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 233.287617][ T5383] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 233.299848][ T5383] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 233.302536][ T5383] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.311548][ T5383] usb 8-1: config 0 descriptor?? [ 233.722011][ T5383] usbhid 8-1:0.0: can't add hid device: -71 [ 233.723667][ T5383] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 233.732367][ T5383] usb 8-1: USB disconnect, device number 3 [ 234.052020][ T8008] openvswitch: netlink: Key 2 has unexpected len 0 expected 4 [ 234.093498][ T8010] random: crng reseeded on system resumption [ 234.242799][ T5353] Bluetooth: hci5: command tx timeout [ 234.906771][ T8028] netlink: 4 bytes leftover after parsing attributes in process `syz.1.752'. [ 234.941649][ T8030] netlink: 68 bytes leftover after parsing attributes in process `syz.1.753'. [ 234.944486][ T8030] netlink: 68 bytes leftover after parsing attributes in process `syz.1.753'. [ 235.054516][ T8031] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12) [ 235.056387][ T8031] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 235.090559][ T8031] vhci_hcd vhci_hcd.0: Device attached [ 235.165989][ T8032] vhci_hcd: connection closed [ 235.166294][ T1101] vhci_hcd: stop threads [ 235.168864][ T1101] vhci_hcd: release socket [ 235.170099][ T1101] vhci_hcd: disconnect device [ 235.195207][ T8040] random: crng reseeded on system resumption [ 235.275406][ T8046] openvswitch: netlink: Key 2 has unexpected len 0 expected 4 [ 235.783004][ T8077] random: crng reseeded on system resumption [ 235.912476][ T8083] netlink: 4 bytes leftover after parsing attributes in process `syz.0.768'. [ 237.398702][ T8094] openvswitch: netlink: Key 2 has unexpected len 0 expected 4 [ 237.949198][ T8103] netlink: 232 bytes leftover after parsing attributes in process `syz.3.774'. [ 237.951959][ T8103] netlink: 72 bytes leftover after parsing attributes in process `syz.3.774'. [ 238.683350][ T8111] FAULT_INJECTION: forcing a failure. [ 238.683350][ T8111] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 238.690690][ T8111] CPU: 3 UID: 0 PID: 8111 Comm: syz.3.776 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 238.693461][ T8111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 238.696480][ T8111] Call Trace: [ 238.697461][ T8111] [ 238.698251][ T8111] dump_stack_lvl+0x16c/0x1f0 [ 238.699523][ T8111] should_fail_ex+0x497/0x5b0 [ 238.700787][ T8111] _copy_from_iter+0x29b/0x13f0 [ 238.702456][ T8111] ? __pfx__copy_from_iter+0x10/0x10 [ 238.704276][ T8111] ? __virt_addr_valid+0x5e/0x590 [ 238.706047][ T8111] ? const_folio_flags.constprop.0+0x56/0x150 [ 238.708103][ T8111] ? __phys_addr_symbol+0x30/0x80 [ 238.709829][ T8111] ? __check_object_size+0x497/0x720 [ 238.711571][ T8111] af_alg_sendmsg+0x1212/0x2a80 [ 238.713258][ T8111] ? __pfx_af_alg_sendmsg+0x10/0x10 [ 238.715027][ T8111] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 238.716884][ T8111] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 238.718835][ T8111] ? __local_bh_enable_ip+0xa4/0x120 [ 238.720640][ T8111] ? lockdep_hardirqs_on+0x7c/0x110 [ 238.722428][ T8111] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 238.724379][ T8111] ? __local_bh_enable_ip+0xa4/0x120 [ 238.726218][ T8111] skcipher_sendmsg_nokey+0x12c/0x190 [ 238.728068][ T8111] __sys_sendto+0x479/0x4d0 [ 238.729634][ T8111] ? __pfx___sys_sendto+0x10/0x10 [ 238.731379][ T8111] ? __fget_files+0x244/0x3f0 [ 238.733060][ T8111] ? ksys_write+0x1ab/0x260 [ 238.734668][ T8111] ? __pfx_ksys_write+0x10/0x10 [ 238.736337][ T8111] __ia32_sys_sendto+0xdd/0x1b0 [ 238.738010][ T8111] ? lockdep_hardirqs_on+0x7c/0x110 [ 238.739783][ T8111] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 238.742042][ T8111] __do_fast_syscall_32+0x73/0x120 [ 238.743796][ T8111] do_fast_syscall_32+0x32/0x80 [ 238.745521][ T8111] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 238.747591][ T8111] RIP: 0023:0xf7f71579 [ 238.748671][ T8111] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 238.753729][ T8111] RSP: 002b:00000000f56d556c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 238.755914][ T8111] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000080 [ 238.757980][ T8111] RDX: 00000000ffffff9d RSI: 0000000000000000 RDI: 0000000000000000 [ 238.760052][ T8111] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 238.762124][ T8111] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 238.764175][ T8111] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 238.766274][ T8111] [ 244.200912][ T8115] netlink: 4 bytes leftover after parsing attributes in process `syz.1.777'. [ 246.031100][ T8142] openvswitch: netlink: Key 2 has unexpected len 0 expected 4 [ 247.254521][ T5360] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 247.258987][ T5360] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 247.262261][ T5360] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 247.266517][ T5360] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 247.276201][ T5360] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 247.278602][ T5360] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 247.348559][ T8154] No source specified [ 247.394662][ T39] audit: type=1804 audit(1726597877.306:592): pid=8154 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.784" name="/newroot/174/bus/file0" dev="overlay" ino=926 res=1 errno=0 [ 247.530223][ T8159] netlink: 4 bytes leftover after parsing attributes in process `syz.0.785'. [ 247.571430][ T8150] chnl_net:caif_netlink_parms(): no params data found [ 247.700379][ T5438] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 247.794735][ T8150] bridge0: port 1(bridge_slave_0) entered blocking state [ 247.796665][ T8150] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.798609][ T8150] bridge_slave_0: entered allmulticast mode [ 247.801467][ T8150] bridge_slave_0: entered promiscuous mode [ 247.804793][ T8150] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.806752][ T8150] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.808664][ T8150] bridge_slave_1: entered allmulticast mode [ 247.813947][ T8150] bridge_slave_1: entered promiscuous mode [ 247.878984][ T8150] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 247.883912][ T8150] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 247.910519][ T5438] usb 8-1: Using ep0 maxpacket: 8 [ 247.930587][ T5438] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 247.934357][ T5438] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 247.936927][ T5438] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 247.939462][ T5438] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 247.945738][ T5438] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 247.948198][ T5438] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 247.964523][ T8150] team0: Port device team_slave_0 added [ 247.969087][ T8150] team0: Port device team_slave_1 added [ 248.043936][ T8150] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 248.046142][ T8150] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 248.057377][ T8150] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 248.062558][ T8150] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 248.064420][ T8150] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 248.075688][ T8150] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 248.232218][ T5438] usb 8-1: GET_CAPABILITIES returned 0 [ 248.233731][ T5438] usbtmc 8-1:16.0: can't read capabilities [ 248.236881][ T8150] hsr_slave_0: entered promiscuous mode [ 248.249608][ T8150] hsr_slave_1: entered promiscuous mode [ 248.259903][ T8150] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 248.268866][ T8150] Cannot create hsr debugfs directory [ 248.460053][ T5412] usb 8-1: USB disconnect, device number 4 [ 248.512468][ T8150] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.589587][ T8150] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.671701][ T8170] random: crng reseeded on system resumption [ 248.687721][ T8150] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.772103][ T8150] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.927525][ T8150] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 248.934824][ T8150] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 248.946047][ T8150] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 248.951470][ T8150] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 249.114668][ T8150] 8021q: adding VLAN 0 to HW filter on device bond0 [ 249.191166][ T8150] 8021q: adding VLAN 0 to HW filter on device team0 [ 249.210024][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.212707][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 249.255950][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.258702][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 249.350534][ T5353] Bluetooth: hci4: command tx timeout [ 249.445752][ T8150] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 249.479000][ T8150] veth0_vlan: entered promiscuous mode [ 249.488958][ T8150] veth1_vlan: entered promiscuous mode [ 249.514204][ T8150] veth0_macvtap: entered promiscuous mode [ 249.519135][ T8150] veth1_macvtap: entered promiscuous mode [ 249.529674][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.533443][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.538406][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.542701][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.545377][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.548371][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.553840][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.556568][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.559125][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.562201][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.566328][ T8150] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 249.573877][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 249.576571][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.579106][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 249.582241][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.584798][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 249.587651][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.590211][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 249.594819][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.597380][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 249.599813][ T8187] netlink: 4 bytes leftover after parsing attributes in process `syz.1.790'. [ 249.600040][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.607408][ T8150] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 249.614133][ T8150] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.616525][ T8150] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.618995][ T8150] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.621904][ T8150] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.665546][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 249.668703][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 249.691645][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 249.693749][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 251.243175][ T8214] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.245497][ T8214] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.253639][ T8214] bridge0: entered allmulticast mode [ 251.312722][ T8216] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.314692][ T8216] bridge0: port 2(bridge_slave_1) entered forwarding state [ 251.317790][ T8216] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.319738][ T8216] bridge0: port 1(bridge_slave_0) entered forwarding state [ 251.326334][ T8216] bridge0: entered promiscuous mode [ 251.430612][ T5353] Bluetooth: hci4: command tx timeout [ 252.111257][ T8219] usb usb8: usbfs: process 8219 (syz.2.800) did not claim interface 0 before use [ 252.784245][ T8232] overlay: ./bus is not a directory [ 253.511688][ T5353] Bluetooth: hci4: command tx timeout [ 253.677639][ T8246] openvswitch: netlink: Key 2 has unexpected len 0 expected 4 [ 253.779363][ T8248] netlink: 4 bytes leftover after parsing attributes in process `syz.3.806'. [ 253.848387][ T8251] netlink: 4 bytes leftover after parsing attributes in process `syz.2.809'. [ 254.721745][ T8256] capability: warning: `syz.1.810' uses 32-bit capabilities (legacy support in use) [ 254.942832][ T8256] kvm: pic: non byte read [ 254.964655][ T8256] kvm: pic: non byte read [ 254.974136][ T8256] kvm: pic: non byte read [ 254.976279][ T8256] kvm: pic: non byte read [ 255.590842][ T5353] Bluetooth: hci4: command tx timeout [ 255.596210][ T1378] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.598351][ T1378] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.644704][ T8279] FAULT_INJECTION: forcing a failure. [ 255.644704][ T8279] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 255.648019][ T8279] CPU: 1 UID: 0 PID: 8279 Comm: syz.1.818 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 255.650455][ T8279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 255.653125][ T8279] Call Trace: [ 255.653930][ T8279] [ 255.654652][ T8279] dump_stack_lvl+0x16c/0x1f0 [ 255.655822][ T8279] should_fail_ex+0x497/0x5b0 [ 255.656996][ T8279] _copy_from_iter+0x29b/0x13f0 [ 255.658194][ T8279] ? __pfx__copy_from_iter+0x10/0x10 [ 255.659456][ T8279] ? __virt_addr_valid+0x5e/0x590 [ 255.660652][ T8279] ? const_folio_flags.constprop.0+0x56/0x150 [ 255.662109][ T8279] ? __phys_addr_symbol+0x30/0x80 [ 255.663310][ T8279] ? __check_object_size+0x497/0x720 [ 255.664490][ T8279] af_alg_sendmsg+0x1212/0x2a80 [ 255.665670][ T8279] ? __pfx_af_alg_sendmsg+0x10/0x10 [ 255.666906][ T8279] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 255.668201][ T8279] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 255.669636][ T8279] ? __local_bh_enable_ip+0xa4/0x120 [ 255.671208][ T8279] ? lockdep_hardirqs_on+0x7c/0x110 [ 255.672847][ T8279] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 255.674552][ T8279] ? __local_bh_enable_ip+0xa4/0x120 [ 255.676457][ T8279] skcipher_sendmsg_nokey+0x12c/0x190 [ 255.678068][ T8279] __sys_sendto+0x479/0x4d0 [ 255.679121][ T8279] ? __pfx___sys_sendto+0x10/0x10 [ 255.680302][ T8279] ? __fget_files+0x244/0x3f0 [ 255.681420][ T8279] ? ksys_write+0x1ab/0x260 [ 255.682510][ T8279] ? __pfx_ksys_write+0x10/0x10 [ 255.683672][ T8279] __ia32_sys_sendto+0xdd/0x1b0 [ 255.684853][ T8279] ? lockdep_hardirqs_on+0x7c/0x110 [ 255.686096][ T8279] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 255.687638][ T8279] __do_fast_syscall_32+0x73/0x120 [ 255.688852][ T8279] do_fast_syscall_32+0x32/0x80 [ 255.690003][ T8279] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 255.691385][ T8279] RIP: 0023:0xf7f55579 [ 255.692215][ T8279] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 255.696587][ T8279] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 255.698464][ T8279] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000080 [ 255.700303][ T8279] RDX: 00000000ffffff9d RSI: 0000000000000000 RDI: 0000000000000000 [ 255.702156][ T8279] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 255.704010][ T8279] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 255.705882][ T8279] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 255.707746][ T8279] [ 256.213118][ T8282] veth1_macvtap: left promiscuous mode [ 256.819156][ T8292] random: crng reseeded on system resumption [ 256.898577][ T8296] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 262.886141][ T8313] xt_CT: You must specify a L4 protocol and not use inversions on it [ 263.774204][ T8317] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 264.716932][ T8329] xt_CT: You must specify a L4 protocol and not use inversions on it [ 264.901334][ T8324] ebtables: wrong size: *len 80, entries_size 144, replsz 144 [ 265.396364][ T8333] netlink: 20 bytes leftover after parsing attributes in process `syz.0.838'. [ 265.469883][ T5360] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 265.474891][ T5360] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 265.478252][ T5360] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 265.481818][ T5360] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 265.484661][ T5360] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 265.487460][ T5360] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 265.540665][ T8333] overlayfs: failed to resolve './file1': -2 [ 265.677762][ T8335] chnl_net:caif_netlink_parms(): no params data found [ 265.903546][ T8335] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.905629][ T8335] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.907654][ T8335] bridge_slave_0: entered allmulticast mode [ 265.910163][ T8335] bridge_slave_0: entered promiscuous mode [ 265.913877][ T8335] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.915887][ T8335] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.917952][ T8335] bridge_slave_1: entered allmulticast mode [ 265.920419][ T8335] bridge_slave_1: entered promiscuous mode [ 265.993384][ T8335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 266.000827][ T8335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 266.264162][ T8335] team0: Port device team_slave_0 added [ 266.273292][ T8335] team0: Port device team_slave_1 added [ 266.512725][ T8335] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 266.514651][ T8335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.524664][ T8335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 266.538708][ T8335] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 266.542396][ T8335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.549010][ T8335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 266.600673][ T8359] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 266.878697][ T8335] hsr_slave_0: entered promiscuous mode [ 266.888805][ T8335] hsr_slave_1: entered promiscuous mode [ 266.900516][ T8335] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 266.904568][ T8335] Cannot create hsr debugfs directory [ 267.186502][ T8335] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.300991][ T8335] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.428673][ T8335] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.559276][ T8335] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.590734][ T5353] Bluetooth: hci5: command tx timeout [ 267.788420][ T8335] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 267.798850][ T8335] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 267.807914][ T8335] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 267.819098][ T8335] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 267.941898][ T8335] 8021q: adding VLAN 0 to HW filter on device bond0 [ 267.970062][ T8335] 8021q: adding VLAN 0 to HW filter on device team0 [ 267.983775][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.985838][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 268.026725][ T1101] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.028626][ T1101] bridge0: port 2(bridge_slave_1) entered forwarding state [ 268.112981][ T8368] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 268.120444][ T8368] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 268.140333][ T8368] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 268.142605][ T8368] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 268.164359][ T8368] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 268.166598][ T8368] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 268.182641][ T8368] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 268.315978][ T8335] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 268.357695][ T8335] veth0_vlan: entered promiscuous mode [ 268.368208][ T8335] veth1_vlan: entered promiscuous mode [ 268.398816][ T8335] veth0_macvtap: entered promiscuous mode [ 268.408992][ T8335] veth1_macvtap: entered promiscuous mode [ 268.424009][ T8335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.427255][ T8335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.429927][ T8335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.433413][ T8335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.436130][ T8335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.438922][ T8335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.443303][ T8335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.446191][ T8335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.449050][ T8335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.455974][ T8335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.459703][ T8335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.464536][ T8335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.469906][ T8335] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 268.489826][ T8335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.494530][ T8335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.498013][ T8335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.505140][ T8335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.507702][ T8335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.510664][ T8335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.513274][ T8335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.516033][ T8335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.518642][ T8335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.522831][ T8335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.526119][ T8335] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.529039][ T8335] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.533487][ T8335] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 268.540813][ T8335] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.543393][ T8335] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.545822][ T8335] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.548136][ T8335] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.621556][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 268.623768][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 268.643297][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 268.645568][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.779314][ T8405] xt_CT: You must specify a L4 protocol and not use inversions on it [ 269.868261][ T8408] netlink: 12 bytes leftover after parsing attributes in process `syz.0.855'. [ 270.150401][ T5353] Bluetooth: hci2: command 0x0405 tx timeout [ 270.150510][ T5353] Bluetooth: hci1: command 0x0406 tx timeout [ 270.241487][ T5360] Bluetooth: hci5: command 0x040f tx timeout [ 270.610702][ T8413] netlink: 'syz.3.857': attribute type 8 has an invalid length. [ 270.614904][ T8413] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.857'. [ 270.645008][ T8416] netlink: 8 bytes leftover after parsing attributes in process `syz.3.859'. [ 270.645412][ T8416] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 270.645427][ T8416] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 271.741236][ T8431] netlink: 4 bytes leftover after parsing attributes in process `syz.3.863'. [ 272.230444][ T5360] Bluetooth: hci1: command 0x0406 tx timeout [ 272.232527][ T5353] Bluetooth: hci2: command 0x0405 tx timeout [ 272.310966][ T5360] Bluetooth: hci5: command 0x040f tx timeout [ 272.466915][ T8438] netlink: 'syz.0.867': attribute type 8 has an invalid length. [ 272.469508][ T8438] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.867'. [ 272.620648][ T8441] netlink: 4 bytes leftover after parsing attributes in process `syz.0.868'. [ 274.392567][ T5360] Bluetooth: hci5: command 0x040f tx timeout [ 276.480533][ T5360] Bluetooth: hci5: command 0x040f tx timeout [ 277.244603][ T8457] FAULT_INJECTION: forcing a failure. [ 277.244603][ T8457] name failslab, interval 1, probability 0, space 0, times 0 [ 277.248113][ T8457] CPU: 2 UID: 0 PID: 8457 Comm: syz.2.872 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 277.250881][ T8457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 277.253627][ T8457] Call Trace: [ 277.254506][ T8457] [ 277.255291][ T8457] dump_stack_lvl+0x16c/0x1f0 [ 277.256510][ T8457] should_fail_ex+0x497/0x5b0 [ 277.257747][ T8457] ? fs_reclaim_acquire+0xae/0x160 [ 277.259092][ T8457] should_failslab+0xc2/0x120 [ 277.260343][ T8457] __kmalloc_noprof+0xcb/0x410 [ 277.261660][ T8457] ? __pfx___mutex_trylock_common+0x10/0x10 [ 277.263323][ T8457] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 277.265364][ T8457] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 277.266877][ T8457] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 277.268525][ T8457] ? bpf_lsm_capable+0x9/0x10 [ 277.269762][ T8457] ? security_capable+0x7e/0x260 [ 277.271061][ T8457] genl_rcv_msg+0x565/0x800 [ 277.272256][ T8457] ? __pfx_genl_rcv_msg+0x10/0x10 [ 277.273574][ T8457] ? __pfx_netlbl_cipsov4_add+0x10/0x10 [ 277.275011][ T8457] ? __pfx___lock_acquire+0x10/0x10 [ 277.276364][ T8457] netlink_rcv_skb+0x165/0x410 [ 277.277702][ T8457] ? __pfx_genl_rcv_msg+0x10/0x10 [ 277.279038][ T8457] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 277.280633][ T8457] ? down_read+0xc9/0x330 [ 277.281935][ T8457] ? __pfx_down_read+0x10/0x10 [ 277.283249][ T8457] ? netlink_deliver_tap+0x1ae/0xcf0 [ 277.284953][ T8457] genl_rcv+0x28/0x40 [ 277.286182][ T8457] netlink_unicast+0x53c/0x7f0 [ 277.287490][ T8457] ? __pfx_netlink_unicast+0x10/0x10 [ 277.288913][ T8457] ? __phys_addr_symbol+0x30/0x80 [ 277.290256][ T8457] ? __check_object_size+0x497/0x720 [ 277.291668][ T8457] netlink_sendmsg+0x8b8/0xd70 [ 277.292957][ T8457] ? __pfx_netlink_sendmsg+0x10/0x10 [ 277.294337][ T8457] ____sys_sendmsg+0x9ae/0xb40 [ 277.295647][ T8457] ? __pfx_____sys_sendmsg+0x10/0x10 [ 277.297064][ T8457] ? get_compat_msghdr+0x11b/0x170 [ 277.298385][ T8457] ? __pfx___lock_acquire+0x10/0x10 [ 277.299758][ T8457] ___sys_sendmsg+0x135/0x1e0 [ 277.301015][ T8457] ? __pfx____sys_sendmsg+0x10/0x10 [ 277.302358][ T8457] ? find_held_lock+0x2d/0x110 [ 277.303624][ T8457] ? ksys_write+0x21c/0x260 [ 277.304852][ T8457] ? __fget_light+0x173/0x210 [ 277.306078][ T8457] __sys_sendmsg+0x117/0x1f0 [ 277.307387][ T8457] ? __pfx___sys_sendmsg+0x10/0x10 [ 277.308936][ T8457] __do_fast_syscall_32+0x73/0x120 [ 277.310507][ T8457] do_fast_syscall_32+0x32/0x80 [ 277.311940][ T8457] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 277.313835][ T8457] RIP: 0023:0xf7fa6579 [ 277.314895][ T8457] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 277.319825][ T8457] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 277.321991][ T8457] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200001c0 [ 277.324196][ T8457] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 277.326783][ T8457] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 277.328936][ T8457] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 277.331000][ T8457] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 277.333064][ T8457] [ 277.333978][ C2] vkms_vblank_simulate: vblank timer overrun [ 278.550425][ T5360] Bluetooth: hci5: command 0x040f tx timeout [ 279.790379][ T25] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 279.972048][ T25] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 279.972080][ T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 279.972103][ T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 279.972121][ T25] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 279.972159][ T25] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 279.972179][ T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.973941][ T25] usb 8-1: config 0 descriptor?? [ 280.432021][ T25] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 280.434560][ T25] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 280.436798][ T25] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 280.438791][ T25] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 280.449149][ T25] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 280.477583][ T25] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 280.836571][ T5438] usb 8-1: USB disconnect, device number 5 [ 280.962318][ T8498] netlink: 92 bytes leftover after parsing attributes in process `syz.2.881'. [ 280.967061][ T8498] netlink: 92 bytes leftover after parsing attributes in process `syz.2.881'. [ 281.163852][ T8498] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10) [ 281.166313][ T8498] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 281.169390][ T8498] vhci_hcd vhci_hcd.0: Device attached [ 281.173661][ T8500] vhci_hcd: connection closed [ 281.173968][ T45] vhci_hcd: stop threads [ 281.176828][ T45] vhci_hcd: release socket [ 281.178175][ T45] vhci_hcd: disconnect device [ 281.521189][ T8503] netlink: 4 bytes leftover after parsing attributes in process `syz.0.882'. [ 281.658750][ T8509] overlayfs: failed to resolve './file1': -2 [ 281.872969][ T8510] netlink: 'syz.0.884': attribute type 4 has an invalid length. [ 281.875130][ T8510] netlink: 'syz.0.884': attribute type 4 has an invalid length. [ 281.877135][ T8510] netlink: 126012 bytes leftover after parsing attributes in process `syz.0.884'. [ 282.008613][ T8515] FAULT_INJECTION: forcing a failure. [ 282.008613][ T8515] name failslab, interval 1, probability 0, space 0, times 0 [ 282.016608][ T8515] CPU: 2 UID: 0 PID: 8515 Comm: syz.2.885 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 282.019823][ T8515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 282.023156][ T8515] Call Trace: [ 282.024141][ T8515] [ 282.025184][ T8515] dump_stack_lvl+0x16c/0x1f0 [ 282.026662][ T8515] should_fail_ex+0x497/0x5b0 [ 282.028190][ T8515] ? fs_reclaim_acquire+0xae/0x160 [ 282.029603][ T8515] should_failslab+0xc2/0x120 [ 282.031168][ T8515] __kmalloc_cache_noprof+0x6b/0x310 [ 282.032729][ T8515] ? netlbl_cipsov4_add+0x376/0x2450 [ 282.034359][ T8515] netlbl_cipsov4_add+0x376/0x2450 [ 282.036006][ T8515] ? __nla_parse+0x40/0x60 [ 282.037436][ T8515] ? __pfx_netlbl_cipsov4_add+0x10/0x10 [ 282.039222][ T8515] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 282.041488][ T8515] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 282.043437][ T8515] genl_family_rcv_msg_doit+0x202/0x2f0 [ 282.045130][ T8515] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 282.046826][ T8515] ? bpf_lsm_capable+0x9/0x10 [ 282.048123][ T8515] ? security_capable+0x7e/0x260 [ 282.049484][ T8515] genl_rcv_msg+0x565/0x800 [ 282.050716][ T8515] ? __pfx_genl_rcv_msg+0x10/0x10 [ 282.052062][ T8515] ? __pfx_netlbl_cipsov4_add+0x10/0x10 [ 282.053709][ T8515] ? __pfx___lock_acquire+0x10/0x10 [ 282.055327][ T8515] netlink_rcv_skb+0x165/0x410 [ 282.056879][ T8515] ? __pfx_genl_rcv_msg+0x10/0x10 [ 282.058597][ T8515] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 282.060504][ T8515] ? down_read+0xc9/0x330 [ 282.062083][ T8515] ? __pfx_down_read+0x10/0x10 [ 282.063817][ T8515] ? netlink_deliver_tap+0x1ae/0xcf0 [ 282.065751][ T8515] genl_rcv+0x28/0x40 [ 282.067196][ T8515] netlink_unicast+0x53c/0x7f0 [ 282.068947][ T8515] ? __pfx_netlink_unicast+0x10/0x10 [ 282.070836][ T8515] ? __phys_addr_symbol+0x30/0x80 [ 282.072619][ T8515] ? __check_object_size+0x497/0x720 [ 282.074537][ T8515] netlink_sendmsg+0x8b8/0xd70 [ 282.076261][ T8515] ? __pfx_netlink_sendmsg+0x10/0x10 [ 282.078174][ T8515] ____sys_sendmsg+0x9ae/0xb40 [ 282.079913][ T8515] ? __pfx_____sys_sendmsg+0x10/0x10 [ 282.081777][ T8515] ? get_compat_msghdr+0x11b/0x170 [ 282.083346][ T8515] ? __pfx___lock_acquire+0x10/0x10 [ 282.084987][ T8515] ___sys_sendmsg+0x135/0x1e0 [ 282.086588][ T8515] ? __pfx____sys_sendmsg+0x10/0x10 [ 282.088216][ T8515] ? find_held_lock+0x2d/0x110 [ 282.089606][ T8515] ? ksys_write+0x21c/0x260 [ 282.090951][ T8515] ? __fget_light+0x173/0x210 [ 282.092251][ T8515] __sys_sendmsg+0x117/0x1f0 [ 282.093525][ T8515] ? __pfx___sys_sendmsg+0x10/0x10 [ 282.094909][ T8515] __do_fast_syscall_32+0x73/0x120 [ 282.096666][ T8515] do_fast_syscall_32+0x32/0x80 [ 282.098400][ T8515] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 282.100627][ T8515] RIP: 0023:0xf7fa6579 [ 282.102081][ T8515] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 282.108863][ T8515] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 282.111748][ T8515] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200001c0 [ 282.114546][ T8515] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 282.117438][ T8515] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 282.120292][ T8515] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 282.123076][ T8515] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 282.125882][ T8515] [ 282.127156][ C2] vkms_vblank_simulate: vblank timer overrun [ 283.485223][ T8530] random: crng reseeded on system resumption [ 283.786948][ T8539] netlink: 4 bytes leftover after parsing attributes in process `syz.2.891'. [ 285.481858][ T8557] FAULT_INJECTION: forcing a failure. [ 285.481858][ T8557] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 285.535220][ T8557] CPU: 1 UID: 0 PID: 8557 Comm: syz.1.897 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 285.538974][ T8557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 285.542279][ T8557] Call Trace: [ 285.543256][ T8557] [ 285.544103][ T8557] dump_stack_lvl+0x16c/0x1f0 [ 285.545467][ T8557] should_fail_ex+0x497/0x5b0 [ 285.546716][ T8557] _copy_from_iter+0x29b/0x13f0 [ 285.548020][ T8557] ? __pfx__copy_from_iter+0x10/0x10 [ 285.549940][ T8557] ? __virt_addr_valid+0x5e/0x590 [ 285.551806][ T8557] ? const_folio_flags.constprop.0+0x56/0x150 [ 285.554025][ T8557] ? __phys_addr_symbol+0x30/0x80 [ 285.555838][ T8557] ? __check_object_size+0x497/0x720 [ 285.557697][ T8557] af_alg_sendmsg+0x1212/0x2a80 [ 285.559289][ T8557] ? __pfx_af_alg_sendmsg+0x10/0x10 [ 285.560853][ T8557] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 285.562538][ T8557] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 285.564287][ T8557] ? __local_bh_enable_ip+0xa4/0x120 [ 285.565935][ T8557] ? lockdep_hardirqs_on+0x7c/0x110 [ 285.567696][ T8557] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 285.569680][ T8557] ? __local_bh_enable_ip+0xa4/0x120 [ 285.571521][ T8557] skcipher_sendmsg_nokey+0x12c/0x190 [ 285.573543][ T8557] __sys_sendto+0x479/0x4d0 [ 285.575107][ T8557] ? __pfx___sys_sendto+0x10/0x10 [ 285.576470][ T8557] ? __fget_files+0x244/0x3f0 [ 285.577741][ T8557] ? ksys_write+0x1ab/0x260 [ 285.579099][ T8557] ? __pfx_ksys_write+0x10/0x10 [ 285.580711][ T8557] __ia32_sys_sendto+0xdd/0x1b0 [ 285.582338][ T8557] ? lockdep_hardirqs_on+0x7c/0x110 [ 285.584052][ T8557] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 285.585831][ T8557] __do_fast_syscall_32+0x73/0x120 [ 285.587178][ T8557] do_fast_syscall_32+0x32/0x80 [ 285.588606][ T8557] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 285.590510][ T8557] RIP: 0023:0xf7f55579 [ 285.591907][ T8557] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 285.597080][ T8557] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 285.599357][ T8557] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000080 [ 285.601492][ T8557] RDX: 00000000ffffff9d RSI: 0000000000000000 RDI: 0000000000000000 [ 285.604042][ T8557] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 285.606322][ T8557] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 285.608511][ T8557] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 285.610662][ T8557] [ 287.293626][ T8577] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 288.206118][ T8583] random: crng reseeded on system resumption [ 292.737950][ T8620] random: crng reseeded on system resumption [ 292.842615][ T8622] netlink: 40 bytes leftover after parsing attributes in process `syz.0.919'. [ 292.845816][ T8622] netlink: 20 bytes leftover after parsing attributes in process `syz.0.919'. [ 292.848331][ T8622] netlink: 40 bytes leftover after parsing attributes in process `syz.0.919'. [ 292.854422][ T8622] netlink: 20 bytes leftover after parsing attributes in process `syz.0.919'. [ 292.857429][ T8622] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 292.863627][ T8622] random: crng reseeded on system resumption [ 293.030892][ T8624] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 293.210430][ T8633] netlink: 4 bytes leftover after parsing attributes in process `syz.1.923'. [ 293.927234][ T8648] vivid-001: ================= START STATUS ================= [ 293.932001][ T8648] vivid-001: Radio HW Seek Mode: Bounded [ 293.937733][ T8648] vivid-001: Radio Programmable HW Seek: false [ 293.948015][ T8648] vivid-001: RDS Rx I/O Mode: Block I/O [ 293.969285][ T8650] FAULT_INJECTION: forcing a failure. [ 293.969285][ T8650] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 293.971652][ T8648] vivid-001: Generate RBDS Instead of RDS: [ 293.973215][ T8650] CPU: 2 UID: 0 PID: 8650 Comm: syz.3.928 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 293.973251][ T8650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 293.973259][ T8650] Call Trace: [ 293.973264][ T8650] [ 293.973270][ T8650] dump_stack_lvl+0x16c/0x1f0 [ 293.973287][ T8650] should_fail_ex+0x497/0x5b0 [ 293.973303][ T8650] _copy_to_user+0x30/0xc0 [ 293.973320][ T8650] simple_read_from_buffer+0xd0/0x160 [ 293.973333][ T8650] proc_fail_nth_read+0x198/0x270 [ 293.973350][ T8650] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 293.973376][ T8650] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 293.973400][ T8650] vfs_read+0x1ce/0xbd0 [ 293.973423][ T8650] ? __fdget_pos+0xe8/0x170 [ 293.973437][ T8650] ? __pfx_vfs_read+0x10/0x10 [ 293.973450][ T8650] ? __pfx___mutex_lock+0x10/0x10 [ 293.973464][ T8650] ? __fget_files+0x244/0x3f0 [ 293.973494][ T8650] ksys_read+0x12f/0x260 [ 293.973516][ T8650] ? __pfx_ksys_read+0x10/0x10 [ 293.973545][ T8650] __do_fast_syscall_32+0x73/0x120 [ 293.973560][ T8650] do_fast_syscall_32+0x32/0x80 [ 293.973571][ T8650] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 293.973586][ T8650] RIP: 0023:0xf7f71579 [ 293.973600][ T8650] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 293.973618][ T8650] RSP: 002b:00000000f56f65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 293.973635][ T8650] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f56f6620 [ 293.973646][ T8650] RDX: 000000000000000f RSI: 00000000f73fbff4 RDI: 0000000000000000 [ 293.973657][ T8650] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 293.973666][ T8650] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 293.973672][ T8650] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 293.973690][ T8650] [ 294.042456][ T8648] false [ 294.043604][ T8648] vivid-001: RDS Reception: true [ 294.045165][ T8648] vivid-001: RDS Program Type: 0 inactive [ 294.057522][ T8648] vivid-001: RDS PS Name: inactive [ 294.062578][ T8648] vivid-001: RDS Radio Text: inactive [ 294.084014][ T8648] vivid-001: RDS Traffic Announcement: false inactive [ 294.086793][ T8648] vivid-001: RDS Traffic Program: false inactive [ 294.092630][ T8648] vivid-001: RDS Music: false inactive [ 294.100609][ T8648] vivid-001: ================== END STATUS ================== [ 294.146985][ T8657] sp0: Synchronizing with TNC [ 294.403698][ T8664] netlink: 4 bytes leftover after parsing attributes in process `syz.3.931'. [ 294.450642][ T8666] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 295.202797][ T8676] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 295.204558][ T8676] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 295.206651][ T8676] vhci_hcd vhci_hcd.0: Device attached [ 295.213130][ T8679] vhci_hcd: connection closed [ 295.213274][ T1207] vhci_hcd: stop threads [ 295.222965][ T1207] vhci_hcd: release socket [ 295.224224][ T1207] vhci_hcd: disconnect device [ 296.488820][ T8703] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 296.704170][ T8708] netlink: 'syz.2.943': attribute type 7 has an invalid length. [ 297.000410][ T30] usb 7-1: new full-speed USB device number 7 using dummy_hcd [ 297.194488][ T30] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 297.202319][ T30] usb 7-1: New USB device found, idVendor=0499, idProduct=1038, bcdDevice=5b.36 [ 297.205889][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.245933][ T30] usb 7-1: config 0 descriptor?? [ 297.268149][ T30] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 297.422607][ T30] snd-usb-audio 7-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 297.554227][ T833] usb 7-1: USB disconnect, device number 7 [ 297.607362][ T8727] netlink: 8 bytes leftover after parsing attributes in process `syz.1.949'. [ 297.610743][ T8727] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 297.613340][ T8727] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 297.631328][ T8707] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 297.813256][ T8730] xt_CT: You must specify a L4 protocol and not use inversions on it [ 298.264048][ T8732] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 298.287783][ T8735] netlink: 68 bytes leftover after parsing attributes in process `syz.2.951'. [ 298.290587][ T8735] netlink: 68 bytes leftover after parsing attributes in process `syz.2.951'. [ 298.379607][ T8739] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12) [ 298.381945][ T8739] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 298.390105][ T8739] vhci_hcd vhci_hcd.0: Device attached [ 298.465616][ T8746] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 298.493378][ T8747] overlayfs: metacopy with no lower data found - abort lookup (/file0) [ 298.499846][ T8745] overlayfs: metacopy with no lower data found - abort lookup (/file0) [ 298.588993][ T8740] vhci_hcd: connection closed [ 298.589957][ T1101] vhci_hcd: stop threads [ 298.597445][ T1101] vhci_hcd: release socket [ 298.599238][ T1101] vhci_hcd: disconnect device [ 298.607545][ T8754] netlink: 8 bytes leftover after parsing attributes in process `syz.3.957'. [ 298.611123][ T8754] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 298.614406][ T8754] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 299.253142][ T8765] netlink: 36 bytes leftover after parsing attributes in process `syz.2.962'. [ 299.305656][ T8772] netlink: 4 bytes leftover after parsing attributes in process `syz.0.964'. [ 299.461446][ T8779] FAULT_INJECTION: forcing a failure. [ 299.461446][ T8779] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 299.465278][ T8779] CPU: 0 UID: 0 PID: 8779 Comm: syz.2.966 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 299.468006][ T8779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 299.470884][ T8779] Call Trace: [ 299.471761][ T8779] [ 299.472518][ T8779] dump_stack_lvl+0x16c/0x1f0 [ 299.473766][ T8779] should_fail_ex+0x497/0x5b0 [ 299.475012][ T8779] _copy_from_user+0x30/0xf0 [ 299.476242][ T8779] get_compat_msghdr+0xa8/0x170 [ 299.477547][ T8779] ? __pfx_get_compat_msghdr+0x10/0x10 [ 299.478985][ T8779] ? find_held_lock+0x2d/0x110 [ 299.480306][ T8779] ___sys_recvmsg+0x193/0x1a0 [ 299.481609][ T8779] ? __pfx____sys_recvmsg+0x10/0x10 [ 299.483038][ T8779] ? __fget_light+0x173/0x210 [ 299.484342][ T8779] do_recvmmsg+0x51a/0x750 [ 299.485583][ T8779] ? __pfx_do_recvmmsg+0x10/0x10 [ 299.486937][ T8779] ? __pfx_lock_release+0x10/0x10 [ 299.488290][ T8779] ? vfs_write+0x14d/0x1140 [ 299.489515][ T8779] ? __fget_files+0x244/0x3f0 [ 299.490893][ T8779] __sys_recvmmsg+0x21e/0x280 [ 299.492124][ T8779] ? __pfx___sys_recvmmsg+0x10/0x10 [ 299.493493][ T8779] ? __pfx_ksys_write+0x10/0x10 [ 299.494782][ T8779] __ia32_compat_sys_recvmmsg_time32+0xc4/0x160 [ 299.496687][ T8779] ? lockdep_hardirqs_on+0x7c/0x110 [ 299.498190][ T8779] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 299.499804][ T8779] __do_fast_syscall_32+0x73/0x120 [ 299.501130][ T8779] do_fast_syscall_32+0x32/0x80 [ 299.502448][ T8779] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 299.504179][ T8779] RIP: 0023:0xf7fa6579 [ 299.505329][ T8779] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 299.510041][ T8779] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 299.512186][ T8779] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020004580 [ 299.514119][ T8779] RDX: 0000000000000300 RSI: 0000000000010062 RDI: 0000000000000000 [ 299.516021][ T8779] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 299.518044][ T8779] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 299.520000][ T8779] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 299.522441][ T8779] [ 299.675681][ T8791] xt_CT: You must specify a L4 protocol and not use inversions on it [ 299.726738][ T8797] netlink: 4 bytes leftover after parsing attributes in process `syz.1.973'. [ 299.901059][ T8800] FAULT_INJECTION: forcing a failure. [ 299.901059][ T8800] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 299.906435][ T8800] CPU: 1 UID: 0 PID: 8800 Comm: syz.1.974 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 299.910230][ T8800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 299.914209][ T8800] Call Trace: [ 299.915426][ T8800] [ 299.916516][ T8800] dump_stack_lvl+0x16c/0x1f0 [ 299.918288][ T8800] should_fail_ex+0x497/0x5b0 [ 299.920031][ T8800] ? fs_reclaim_acquire+0xae/0x160 [ 299.921955][ T8800] should_fail_alloc_page+0xe7/0x130 [ 299.923932][ T8800] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 299.926190][ T8800] ? __pfx_mark_lock+0x10/0x10 [ 299.928003][ T8800] __alloc_pages_noprof+0x194/0x2460 [ 299.929947][ T8800] ? __pfx___up_read+0x10/0x10 [ 299.931715][ T8800] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 299.933806][ T8800] ? mark_held_locks+0x9f/0xe0 [ 299.935549][ T8800] ? irqentry_exit+0x3b/0x90 [ 299.937251][ T8800] ? lockdep_hardirqs_on+0x7c/0x110 [ 299.939161][ T8800] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 299.941311][ T8800] ? policy_nodemask+0xea/0x4e0 [ 299.943087][ T8800] alloc_pages_mpol_noprof+0x275/0x610 [ 299.945083][ T8800] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 299.947255][ T8800] ? const_folio_flags.constprop.0+0x56/0x150 [ 299.949451][ T8800] ? __phys_addr_symbol+0x30/0x80 [ 299.951282][ T8800] ? __check_object_size+0x497/0x720 [ 299.953187][ T8800] af_alg_sendmsg+0x110e/0x2a80 [ 299.954502][ T8800] ? __pfx_af_alg_sendmsg+0x10/0x10 [ 299.955894][ T8800] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 299.957353][ T8800] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 299.958850][ T8800] ? __local_bh_enable_ip+0xa4/0x120 [ 299.960245][ T8800] ? lockdep_hardirqs_on+0x7c/0x110 [ 299.961802][ T8800] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 299.963320][ T8800] ? __local_bh_enable_ip+0xa4/0x120 [ 299.964755][ T8800] skcipher_sendmsg_nokey+0x12c/0x190 [ 299.966362][ T8800] __sys_sendto+0x479/0x4d0 [ 299.967588][ T8800] ? __pfx___sys_sendto+0x10/0x10 [ 299.968971][ T8800] ? __fget_files+0x244/0x3f0 [ 299.970233][ T8800] ? ksys_write+0x1ab/0x260 [ 299.971443][ T8800] ? __pfx_ksys_write+0x10/0x10 [ 299.972853][ T8800] __ia32_sys_sendto+0xdd/0x1b0 [ 299.974168][ T8800] ? lockdep_hardirqs_on+0x7c/0x110 [ 299.975564][ T8800] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 299.977309][ T8800] __do_fast_syscall_32+0x73/0x120 [ 299.978666][ T8800] do_fast_syscall_32+0x32/0x80 [ 299.979958][ T8800] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 299.981616][ T8800] RIP: 0023:0xf7f55579 [ 299.982685][ T8800] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 299.987659][ T8800] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 299.989824][ T8800] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000080 [ 299.991866][ T8800] RDX: 00000000ffffff9d RSI: 0000000000000000 RDI: 0000000000000000 [ 299.993931][ T8800] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 299.995994][ T8800] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 299.998042][ T8800] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 300.000085][ T8800] [ 300.323344][ T8808] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 300.332265][ T8808] random: crng reseeded on system resumption [ 301.012338][ T8822] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 301.393520][ T8835] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 301.829452][ T8840] netlink: 92 bytes leftover after parsing attributes in process `syz.2.987'. [ 301.833529][ T8840] netlink: 92 bytes leftover after parsing attributes in process `syz.2.987'. [ 302.025489][ T8844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.988'. [ 302.046981][ T8844] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 302.050855][ T8844] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 302.135483][ T8841] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10) [ 302.137741][ T8841] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 302.140227][ T8841] vhci_hcd vhci_hcd.0: Device attached [ 302.312627][ T8845] vhci_hcd: connection closed [ 302.313588][ T1101] vhci_hcd: stop threads [ 302.316038][ T1101] vhci_hcd: release socket [ 302.328638][ T1101] vhci_hcd: disconnect device [ 302.580328][ T39] audit: type=1326 audit(2000000006.659:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.0.986" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 302.585878][ T39] audit: type=1326 audit(2000000006.659:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.0.986" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf748e579 code=0x7fc00000 [ 302.600341][ T39] audit: type=1326 audit(2000000006.659:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.0.986" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 302.605902][ T39] audit: type=1326 audit(2000000006.659:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.0.986" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 302.620488][ T39] audit: type=1326 audit(2000000006.659:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.0.986" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 302.626445][ T39] audit: type=1326 audit(2000000006.659:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.0.986" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 302.650336][ T39] audit: type=1326 audit(2000000006.669:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.0.986" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 302.656144][ T39] audit: type=1326 audit(2000000006.669:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.0.986" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 302.670421][ T39] audit: type=1326 audit(2000000006.669:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.0.986" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 302.676656][ T39] audit: type=1326 audit(2000000006.669:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.0.986" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 302.749558][ T8848] FAULT_INJECTION: forcing a failure. [ 302.749558][ T8848] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 302.757285][ T8848] CPU: 1 UID: 0 PID: 8848 Comm: syz.3.990 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 302.760050][ T8848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 302.762826][ T8848] Call Trace: [ 302.763707][ T8848] [ 302.764509][ T8848] dump_stack_lvl+0x16c/0x1f0 [ 302.765944][ T8848] should_fail_ex+0x497/0x5b0 [ 302.767679][ T8848] _copy_from_user+0x30/0xf0 [ 302.769004][ T8848] get_compat_msghdr+0xa8/0x170 [ 302.770283][ T8848] ? __pfx_get_compat_msghdr+0x10/0x10 [ 302.771723][ T8848] ? kfree+0x245/0x3b0 [ 302.772810][ T8848] ? find_held_lock+0x2d/0x110 [ 302.774064][ T8848] ___sys_recvmsg+0x193/0x1a0 [ 302.775332][ T8848] ? __pfx____sys_recvmsg+0x10/0x10 [ 302.776700][ T8848] ? __pfx___might_resched+0x10/0x10 [ 302.778072][ T8848] ? __fget_light+0x173/0x210 [ 302.779300][ T8848] do_recvmmsg+0x51a/0x750 [ 302.780475][ T8848] ? __pfx_do_recvmmsg+0x10/0x10 [ 302.781782][ T8848] ? __pfx_lock_release+0x10/0x10 [ 302.783100][ T8848] ? vfs_write+0x14d/0x1140 [ 302.784311][ T8848] ? __fget_files+0x244/0x3f0 [ 302.785630][ T8848] __sys_recvmmsg+0x21e/0x280 [ 302.786872][ T8848] ? __pfx___sys_recvmmsg+0x10/0x10 [ 302.788234][ T8848] ? __pfx_ksys_write+0x10/0x10 [ 302.789518][ T8848] __ia32_compat_sys_recvmmsg_time32+0xc4/0x160 [ 302.791134][ T8848] ? lockdep_hardirqs_on+0x7c/0x110 [ 302.792486][ T8848] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 302.794197][ T8848] __do_fast_syscall_32+0x73/0x120 [ 302.795675][ T8848] do_fast_syscall_32+0x32/0x80 [ 302.797471][ T8848] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 302.799775][ T8848] RIP: 0023:0xf7f71579 [ 302.800919][ T8848] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 302.805994][ T8848] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 302.808300][ T8848] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020004580 [ 302.810615][ T8848] RDX: 0000000000000300 RSI: 0000000000010062 RDI: 0000000000000000 [ 302.812992][ T8848] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 302.815148][ T8848] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 302.817981][ T8848] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 302.820059][ T8848] [ 302.933854][ T8860] random: crng reseeded on system resumption [ 303.408846][ T8875] FAULT_INJECTION: forcing a failure. [ 303.408846][ T8875] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 303.417213][ T8875] CPU: 1 UID: 0 PID: 8875 Comm: syz.1.998 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 303.419979][ T8875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 303.423118][ T8875] Call Trace: [ 303.424055][ T8875] [ 303.424896][ T8875] dump_stack_lvl+0x16c/0x1f0 [ 303.426228][ T8875] should_fail_ex+0x497/0x5b0 [ 303.427548][ T8875] _copy_from_iter+0x29b/0x13f0 [ 303.428926][ T8875] ? __pfx__copy_from_iter+0x10/0x10 [ 303.430412][ T8875] ? __virt_addr_valid+0x5e/0x590 [ 303.432333][ T8875] ? const_folio_flags.constprop.0+0x56/0x150 [ 303.436689][ T8875] ? __phys_addr_symbol+0x30/0x80 [ 303.438154][ T8875] ? __check_object_size+0x497/0x720 [ 303.439571][ T8875] af_alg_sendmsg+0x1212/0x2a80 [ 303.440937][ T8875] ? __pfx_af_alg_sendmsg+0x10/0x10 [ 303.442476][ T8875] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 303.443951][ T8875] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 303.445913][ T8875] ? __local_bh_enable_ip+0xa4/0x120 [ 303.447641][ T8875] ? lockdep_hardirqs_on+0x7c/0x110 [ 303.449311][ T8875] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 303.450805][ T8875] ? __local_bh_enable_ip+0xa4/0x120 [ 303.452627][ T8875] skcipher_sendmsg_nokey+0x12c/0x190 [ 303.454454][ T8875] __sys_sendto+0x479/0x4d0 [ 303.455999][ T8875] ? __pfx___sys_sendto+0x10/0x10 [ 303.457729][ T8875] ? __fget_files+0x244/0x3f0 [ 303.459340][ T8875] ? ksys_write+0x1ab/0x260 [ 303.460902][ T8875] ? __pfx_ksys_write+0x10/0x10 [ 303.462557][ T8875] __ia32_sys_sendto+0xdd/0x1b0 [ 303.464225][ T8875] ? lockdep_hardirqs_on+0x7c/0x110 [ 303.465991][ T8875] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 303.468217][ T8875] __do_fast_syscall_32+0x73/0x120 [ 303.469971][ T8875] do_fast_syscall_32+0x32/0x80 [ 303.471632][ T8875] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 303.473757][ T8875] RIP: 0023:0xf7f55579 [ 303.475093][ T8875] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 303.480984][ T8875] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 303.483788][ T8875] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000080 [ 303.486488][ T8875] RDX: 00000000ffffff9d RSI: 0000000000000000 RDI: 0000000000000000 [ 303.489168][ T8875] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 303.491954][ T8875] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 303.494085][ T8875] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 303.496462][ T8875] [ 304.714063][ T8887] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1002'. [ 304.780529][ T8888] overlay: Unknown parameter 'permit_directio' [ 305.773926][ T8899] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1007'. [ 305.776328][ T8899] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1007'. [ 305.783226][ T8897] xt_CT: You must specify a L4 protocol and not use inversions on it [ 306.033416][ T8900] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12) [ 306.035200][ T8900] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 306.037331][ T8900] vhci_hcd vhci_hcd.0: Device attached [ 306.360350][ T8901] vhci_hcd: connection closed [ 306.360415][ T2788] usb 18-1: SetAddress Request (8) to port 0 [ 306.364399][ T2788] usb 18-1: new SuperSpeed USB device number 8 using vhci_hcd [ 306.365762][ T1105] vhci_hcd: stop threads [ 306.368425][ T1105] vhci_hcd: release socket [ 306.390120][ T1105] vhci_hcd: disconnect device [ 306.400620][ T2788] usb 18-1: enqueue for inactive port 0 [ 306.864519][ T2788] usb usb18-port1: attempt power cycle [ 307.553127][ T2788] usb usb18-port1: unable to enumerate USB device [ 307.635136][ T8923] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1013'. [ 307.643802][ T8923] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 307.647328][ T8923] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 307.771213][ T8926] xt_CT: You must specify a L4 protocol and not use inversions on it [ 307.855934][ T8928] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1016'. [ 308.221696][ T8931] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1017'. [ 308.632715][ T8940] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1021'. [ 308.636143][ T8940] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1021'. [ 308.920179][ T8940] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12) [ 308.921970][ T8940] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 308.924166][ T8940] vhci_hcd vhci_hcd.0: Device attached [ 308.927267][ T8945] vhci_hcd: connection closed [ 308.929064][ T1207] vhci_hcd: stop threads [ 308.932012][ T1207] vhci_hcd: release socket [ 308.933223][ T1207] vhci_hcd: disconnect device [ 309.761245][ T8954] FAULT_INJECTION: forcing a failure. [ 309.761245][ T8954] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 309.764837][ T8954] CPU: 1 UID: 0 PID: 8954 Comm: syz.3.1025 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 309.767488][ T8954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 309.770295][ T8954] Call Trace: [ 309.771183][ T8954] [ 309.771966][ T8954] dump_stack_lvl+0x16c/0x1f0 [ 309.773219][ T8954] should_fail_ex+0x497/0x5b0 [ 309.774468][ T8954] ? fs_reclaim_acquire+0xae/0x160 [ 309.775819][ T8954] should_fail_alloc_page+0xe7/0x130 [ 309.777210][ T8954] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 309.778829][ T8954] ? __pfx_mark_lock+0x10/0x10 [ 309.780106][ T8954] __alloc_pages_noprof+0x194/0x2460 [ 309.781507][ T8954] ? __pfx___up_read+0x10/0x10 [ 309.782778][ T8954] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 309.784280][ T8954] ? mark_held_locks+0x9f/0xe0 [ 309.785580][ T8954] ? irqentry_exit+0x3b/0x90 [ 309.786802][ T8954] ? lockdep_hardirqs_on+0x7c/0x110 [ 309.788180][ T8954] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 309.789742][ T8954] ? policy_nodemask+0xea/0x4e0 [ 309.791031][ T8954] alloc_pages_mpol_noprof+0x275/0x610 [ 309.792490][ T8954] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 309.794101][ T8954] ? const_folio_flags.constprop.0+0x56/0x150 [ 309.795797][ T8954] ? __phys_addr_symbol+0x30/0x80 [ 309.797253][ T8954] ? __check_object_size+0x497/0x720 [ 309.798803][ T8954] af_alg_sendmsg+0x110e/0x2a80 [ 309.800217][ T8954] ? __pfx_af_alg_sendmsg+0x10/0x10 [ 309.801695][ T8954] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 309.803095][ T8954] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 309.804599][ T8954] ? __local_bh_enable_ip+0xa4/0x120 [ 309.805985][ T8954] ? lockdep_hardirqs_on+0x7c/0x110 [ 309.807346][ T8954] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 309.808839][ T8954] ? __local_bh_enable_ip+0xa4/0x120 [ 309.810215][ T8954] skcipher_sendmsg_nokey+0x12c/0x190 [ 309.811631][ T8954] __sys_sendto+0x479/0x4d0 [ 309.812829][ T8954] ? __pfx___sys_sendto+0x10/0x10 [ 309.814171][ T8954] ? __fget_files+0x244/0x3f0 [ 309.815425][ T8954] ? ksys_write+0x1ab/0x260 [ 309.816640][ T8954] ? __pfx_ksys_write+0x10/0x10 [ 309.817920][ T8954] __ia32_sys_sendto+0xdd/0x1b0 [ 309.819203][ T8954] ? lockdep_hardirqs_on+0x7c/0x110 [ 309.820611][ T8954] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 309.822327][ T8954] __do_fast_syscall_32+0x73/0x120 [ 309.823668][ T8954] do_fast_syscall_32+0x32/0x80 [ 309.824959][ T8954] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 309.826609][ T8954] RIP: 0023:0xf7f71579 [ 309.827682][ T8954] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 309.832550][ T8954] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 309.834621][ T8954] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000080 [ 309.836607][ T8954] RDX: 00000000ffffff9d RSI: 0000000000000000 RDI: 0000000000000000 [ 309.838656][ T8954] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 309.840721][ T8954] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 309.842773][ T8954] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 309.844847][ T8954] [ 310.652275][ T8974] netlink: 'syz.3.1032': attribute type 2 has an invalid length. [ 310.778045][ T8984] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 311.043182][ T8995] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1039'. [ 311.045579][ T8995] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1039'. [ 311.294751][ T8995] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7) [ 311.296758][ T8995] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 311.299109][ T8995] vhci_hcd vhci_hcd.0: Device attached [ 311.312633][ T8998] vhci_hcd: connection closed [ 311.312823][ T1207] vhci_hcd: stop threads [ 311.315388][ T1207] vhci_hcd: release socket [ 311.316579][ T1207] vhci_hcd: disconnect device [ 312.074747][ T9008] FAULT_INJECTION: forcing a failure. [ 312.074747][ T9008] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 312.078868][ T9008] CPU: 3 UID: 0 PID: 9008 Comm: syz.3.1043 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 312.081630][ T9008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 312.084115][ T9008] Call Trace: [ 312.084927][ T9008] [ 312.085672][ T9008] dump_stack_lvl+0x16c/0x1f0 [ 312.086779][ T9008] should_fail_ex+0x497/0x5b0 [ 312.087885][ T9008] _copy_from_iter+0x29b/0x13f0 [ 312.089040][ T9008] ? __pfx__copy_from_iter+0x10/0x10 [ 312.090272][ T9008] ? __virt_addr_valid+0x5e/0x590 [ 312.091466][ T9008] ? const_folio_flags.constprop.0+0x56/0x150 [ 312.092993][ T9008] ? __phys_addr_symbol+0x30/0x80 [ 312.094168][ T9008] ? __check_object_size+0x497/0x720 [ 312.095528][ T9008] af_alg_sendmsg+0x1212/0x2a80 [ 312.097152][ T9008] ? __pfx_af_alg_sendmsg+0x10/0x10 [ 312.098859][ T9008] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 312.100489][ T9008] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 312.101823][ T9008] ? __local_bh_enable_ip+0xa4/0x120 [ 312.103058][ T9008] ? lockdep_hardirqs_on+0x7c/0x110 [ 312.104296][ T9008] ? skcipher_check_key.isra.0+0x78/0x1e0 [ 312.105750][ T9008] ? __local_bh_enable_ip+0xa4/0x120 [ 312.106985][ T9008] skcipher_sendmsg_nokey+0x12c/0x190 [ 312.108242][ T9008] __sys_sendto+0x479/0x4d0 [ 312.109327][ T9008] ? __pfx___sys_sendto+0x10/0x10 [ 312.110508][ T9008] ? __fget_files+0x244/0x3f0 [ 312.111610][ T9008] ? ksys_write+0x1ab/0x260 [ 312.112689][ T9008] ? __pfx_ksys_write+0x10/0x10 [ 312.113837][ T9008] __ia32_sys_sendto+0xdd/0x1b0 [ 312.114990][ T9008] ? lockdep_hardirqs_on+0x7c/0x110 [ 312.116246][ T9008] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 312.117806][ T9008] __do_fast_syscall_32+0x73/0x120 [ 312.119007][ T9008] do_fast_syscall_32+0x32/0x80 [ 312.120154][ T9008] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 312.121717][ T9008] RIP: 0023:0xf7f71579 [ 312.122696][ T9008] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 312.127244][ T9008] RSP: 002b:00000000f56d556c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 312.129189][ T9008] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000080 [ 312.131018][ T9008] RDX: 00000000ffffff9d RSI: 0000000000000000 RDI: 0000000000000000 [ 312.132860][ T9008] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 312.134690][ T9008] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 312.136523][ T9008] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 312.138364][ T9008] [ 314.434844][ T9016] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 317.032460][ T1378] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.034064][ T1378] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.415084][ T5353] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 318.424482][ T5353] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 318.427066][ T5353] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 318.429831][ T5353] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 318.432396][ T5353] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 318.434430][ T5353] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 318.565495][ T9039] chnl_net:caif_netlink_parms(): no params data found [ 318.642876][ T9039] bridge0: port 1(bridge_slave_0) entered blocking state [ 318.645554][ T9039] bridge0: port 1(bridge_slave_0) entered disabled state [ 318.647525][ T9039] bridge_slave_0: entered allmulticast mode [ 318.653388][ T9039] bridge_slave_0: entered promiscuous mode [ 318.658020][ T9039] bridge0: port 2(bridge_slave_1) entered blocking state [ 318.660115][ T9039] bridge0: port 2(bridge_slave_1) entered disabled state [ 318.664004][ T9039] bridge_slave_1: entered allmulticast mode [ 318.667047][ T9039] bridge_slave_1: entered promiscuous mode [ 318.725080][ T9039] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 318.730161][ T9039] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 318.914333][ T9039] team0: Port device team_slave_0 added [ 318.918065][ T9039] team0: Port device team_slave_1 added [ 318.989157][ T9039] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 318.992568][ T9039] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 318.999317][ T9039] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 319.007323][ T9039] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 319.010525][ T9039] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 319.017633][ T9039] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 319.125985][ T9055] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1053'. [ 319.154912][ T9039] hsr_slave_0: entered promiscuous mode [ 319.170661][ T9039] hsr_slave_1: entered promiscuous mode [ 319.170731][ T9058] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 319.176138][ T9039] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 319.178104][ T9039] Cannot create hsr debugfs directory [ 319.439909][ T9039] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 319.545929][ T9039] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 319.649720][ T9039] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 319.757069][ T9039] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 319.986964][ T9039] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 319.995811][ T9039] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 320.005018][ T9039] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 320.014765][ T9039] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 320.118832][ T9039] 8021q: adding VLAN 0 to HW filter on device bond0 [ 320.133784][ T9039] 8021q: adding VLAN 0 to HW filter on device team0 [ 320.173868][ T79] bridge0: port 1(bridge_slave_0) entered blocking state [ 320.175869][ T79] bridge0: port 1(bridge_slave_0) entered forwarding state [ 320.189156][ T79] bridge0: port 2(bridge_slave_1) entered blocking state [ 320.191187][ T79] bridge0: port 2(bridge_slave_1) entered forwarding state [ 320.243498][ T9039] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 320.246376][ T9039] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 320.319954][ T9072] FAULT_INJECTION: forcing a failure. [ 320.319954][ T9072] name failslab, interval 1, probability 0, space 0, times 0 [ 320.326773][ T9072] CPU: 2 UID: 0 PID: 9072 Comm: syz.0.1059 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 320.329499][ T9072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 320.332321][ T9072] Call Trace: [ 320.333219][ T9072] [ 320.334022][ T9072] dump_stack_lvl+0x16c/0x1f0 [ 320.335288][ T9072] should_fail_ex+0x497/0x5b0 [ 320.336578][ T9072] ? fs_reclaim_acquire+0xae/0x160 [ 320.337944][ T9072] should_failslab+0xc2/0x120 [ 320.339205][ T9072] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 320.340655][ T9072] ? sk_prot_alloc+0x60/0x2a0 [ 320.341917][ T9072] sk_prot_alloc+0x60/0x2a0 [ 320.343154][ T9072] sk_alloc+0x36/0xb90 [ 320.344319][ T9072] tipc_sk_create+0xcd/0x2100 [ 320.345655][ T9072] ? __sock_create+0x2f1/0x800 [ 320.346986][ T9072] ? __pfx_lock_release+0x10/0x10 [ 320.348376][ T9072] ? inode_init_always+0xc7c/0xf90 [ 320.349752][ T9072] __sock_create+0x32e/0x800 [ 320.350992][ T9072] __sys_socketpair+0x1d9/0x5a0 [ 320.352286][ T9072] ? __pfx___sys_socketpair+0x10/0x10 [ 320.353718][ T9072] ? fput+0x30/0x390 [ 320.354742][ T9072] ? __pfx_ksys_write+0x10/0x10 [ 320.356074][ T9072] __ia32_sys_socketpair+0x95/0x100 [ 320.357541][ T9072] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 320.359390][ T9072] __do_fast_syscall_32+0x73/0x120 [ 320.360852][ T9072] do_fast_syscall_32+0x32/0x80 [ 320.362162][ T9072] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 320.363826][ T9072] RIP: 0023:0xf748e579 [ 320.364940][ T9072] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 320.369853][ T9072] RSP: 002b:00000000f577656c EFLAGS: 00000296 ORIG_RAX: 0000000000000168 [ 320.371930][ T9072] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000000005 [ 320.374044][ T9072] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000000 [ 320.376114][ T9072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 320.378197][ T9072] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 320.380265][ T9072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 320.382341][ T9072] [ 320.383212][ C2] vkms_vblank_simulate: vblank timer overrun [ 320.449914][ T9039] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 320.470808][ T5353] Bluetooth: hci4: command tx timeout [ 320.834162][ T9039] veth0_vlan: entered promiscuous mode [ 320.862383][ T9039] veth1_vlan: entered promiscuous mode [ 320.889700][ T9086] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 320.897389][ T9039] veth0_macvtap: entered promiscuous mode [ 320.905416][ T9039] veth1_macvtap: entered promiscuous mode [ 320.918575][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.922095][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.925307][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.928193][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.932042][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.935445][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.938604][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.942858][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.945893][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.949306][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.956528][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.960156][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.964044][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.967610][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.973904][ T9039] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 320.985072][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 320.988362][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.991500][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 320.994882][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.997919][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.004984][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.008035][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.015365][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.018442][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.024889][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.027922][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.035052][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.037736][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.040592][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.047248][ T9039] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 321.057399][ T9039] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 321.059929][ T9039] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 321.063518][ T9039] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 321.066249][ T9039] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 321.189609][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 321.203331][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 321.226191][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 321.228305][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 321.758264][ T9110] ax25_connect(): syz.3.1068 uses autobind, please contact jreuter@yaina.de [ 322.068604][ T9114] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 322.551146][ T5353] Bluetooth: hci4: command tx timeout [ 323.240942][ T9152] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1080'. [ 323.400681][ T9158] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 323.530907][ T5353] Bluetooth: hci4: ACL packet for unknown connection handle 1993 [ 323.594781][ T9164] ADFS-fs (nullb0): unrecognised mount option "¾ØUm2u" or missing value [ 324.630478][ T5353] Bluetooth: hci4: command tx timeout [ 324.886077][ T9163] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 324.888309][ T9163] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 324.892490][ T9163] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 324.894636][ T9163] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 324.898536][ T9163] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 325.260497][ T9173] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 325.681256][ T5353] Bluetooth: hci1: command 0x0406 tx timeout [ 326.190392][ T5438] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 326.384376][ T5438] usb 8-1: Using ep0 maxpacket: 8 [ 326.389760][ T5438] usb 8-1: unable to get BOS descriptor or descriptor too short [ 326.398646][ T5438] usb 8-1: string descriptor 0 read error: -22 [ 326.400672][ T5438] usb 8-1: New USB device found, idVendor=1415, idProduct=0003, bcdDevice=65.5d [ 326.403192][ T5438] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.410690][ T5438] usb 8-1: config 0 descriptor?? [ 326.417505][ T9188] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1091'. [ 326.425910][ T9188] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 326.428521][ T9188] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 326.642484][ T9184] netlink: 'syz.3.1090': attribute type 10 has an invalid length. [ 326.764821][ T5438] dvb-usb: found a 'Sony PlayTV' in cold state, will try to load a firmware [ 326.777781][ T5438] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 326.779922][ T5438] dib0700: firmware download failed at 7 with -22 [ 326.783718][ T5438] usb 8-1: USB disconnect, device number 6 [ 326.950485][ T5353] Bluetooth: hci4: command 0x0c1a tx timeout [ 326.960385][ T5353] Bluetooth: hci2: command 0x0405 tx timeout [ 327.640369][ T35] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 327.683426][ T9195] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 327.840388][ T35] usb 7-1: Using ep0 maxpacket: 8 [ 327.846905][ T35] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 327.849070][ T35] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 327.851823][ T35] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 327.854218][ T35] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 327.856821][ T35] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 327.860099][ T35] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 327.863018][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.080859][ T35] usb 7-1: usb_control_msg returned -32 [ 328.082378][ T35] usbtmc 7-1:16.0: can't read capabilities [ 328.440239][ T9197] usbtmc 7-1:16.0: INITIATE_CLEAR returned 0 [ 328.644685][ T25] usb 7-1: USB disconnect, device number 8 [ 329.030730][ T5353] Bluetooth: hci4: command 0x0c1a tx timeout [ 329.486149][ T9203] netlink: 'syz.0.1096': attribute type 3 has an invalid length. [ 329.879668][ T9205] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1097'. [ 329.894343][ T9205] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1097'. [ 330.240856][ T9205] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12) [ 330.242607][ T9205] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 330.246761][ T9205] vhci_hcd vhci_hcd.0: Device attached [ 330.260856][ T9207] vhci_hcd: connection closed [ 330.263033][ T1207] vhci_hcd: stop threads [ 330.265456][ T1207] vhci_hcd: release socket [ 330.266664][ T1207] vhci_hcd: disconnect device [ 331.116277][ T5353] Bluetooth: hci4: command 0x0c1a tx timeout [ 331.714882][ T9236] random: crng reseeded on system resumption [ 331.847953][ T9219] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-61) [ 332.298594][ T9242] netlink: 'syz.2.1107': attribute type 8 has an invalid length. [ 332.301942][ T9242] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.1107'. [ 332.478790][ T9253] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1111'. [ 332.645724][ T9258] xt_CT: You must specify a L4 protocol and not use inversions on it [ 332.970590][ T9263] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1115'. [ 333.482001][ T9271] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 333.556872][ T9273] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 334.336408][ T9288] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10) [ 334.338195][ T9288] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 334.343766][ T9288] vhci_hcd vhci_hcd.0: Device attached [ 334.357845][ T9292] vhci_hcd: connection closed [ 334.358930][ T13] vhci_hcd: stop threads [ 334.363713][ T13] vhci_hcd: release socket [ 334.365214][ T13] vhci_hcd: disconnect device [ 335.064797][ T9301] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 335.380042][ T9310] Illegal XDP return value 4294967274 on prog (id 368) dev syz_tun, expect packet loss! [ 341.111683][ T9318] netlink: 'syz.3.1136': attribute type 8 has an invalid length. [ 341.113797][ T9318] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.1136'. [ 341.237542][ T5360] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 341.244446][ T5360] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 341.247122][ T5360] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 341.249966][ T5360] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 341.252160][ T5360] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 341.254105][ T5360] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 341.271642][ T5351] bridge0: port 3(syz_tun) entered disabled state [ 341.306211][ T5351] syz_tun (unregistering): left allmulticast mode [ 341.307940][ T5351] syz_tun (unregistering): left promiscuous mode [ 341.310010][ T5351] bridge0: port 3(syz_tun) entered disabled state [ 341.502111][ T9329] chnl_net:caif_netlink_parms(): no params data found [ 341.717286][ T9329] bridge0: port 1(bridge_slave_0) entered blocking state [ 341.721682][ T9329] bridge0: port 1(bridge_slave_0) entered disabled state [ 341.723964][ T9329] bridge_slave_0: entered allmulticast mode [ 341.730867][ T9329] bridge_slave_0: entered promiscuous mode [ 341.738988][ T9329] bridge0: port 2(bridge_slave_1) entered blocking state [ 341.741957][ T9329] bridge0: port 2(bridge_slave_1) entered disabled state [ 341.744871][ T9329] bridge_slave_1: entered allmulticast mode [ 341.748392][ T9329] bridge_slave_1: entered promiscuous mode [ 341.806926][ T9329] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 341.815866][ T9329] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 341.881875][ T9329] team0: Port device team_slave_0 added [ 341.887698][ T9329] team0: Port device team_slave_1 added [ 341.946636][ T9329] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 341.948593][ T9329] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 341.958049][ T9329] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 341.962416][ T9329] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 341.964365][ T9329] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 341.971900][ T9329] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 342.042130][ T9329] hsr_slave_0: entered promiscuous mode [ 342.045089][ T9329] hsr_slave_1: entered promiscuous mode [ 342.047288][ T9329] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 342.050396][ T9329] Cannot create hsr debugfs directory [ 342.270639][ T9329] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.403598][ T9329] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.518031][ T9329] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.526315][ T9363] xt_CT: You must specify a L4 protocol and not use inversions on it [ 342.681158][ T9329] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.817826][ T9329] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 342.830134][ T9329] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 342.834262][ T9329] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 342.839134][ T9329] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 342.954754][ T9329] 8021q: adding VLAN 0 to HW filter on device bond0 [ 342.968651][ T9329] 8021q: adding VLAN 0 to HW filter on device team0 [ 342.976575][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 342.978539][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 342.998204][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 343.000193][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 343.286760][ T5360] Bluetooth: hci5: command tx timeout [ 343.310790][ T9378] openvswitch: netlink: Missing key (keys=44, expected=2000) [ 343.422615][ T9329] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 343.601795][ T9329] veth0_vlan: entered promiscuous mode [ 343.603123][ T9381] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1154'. [ 343.609775][ T9329] veth1_vlan: entered promiscuous mode [ 343.636508][ T9329] veth0_macvtap: entered promiscuous mode [ 343.642264][ T9329] veth1_macvtap: entered promiscuous mode [ 343.655846][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.658526][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.661192][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.664094][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.666528][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.669118][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.676206][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.678853][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.682202][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.684877][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.687732][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.695160][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.697861][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.701070][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.703852][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 343.706515][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.711418][ T9329] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 343.717703][ T9390] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1157'. [ 343.724716][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 343.727558][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.730589][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 343.733297][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.735869][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 343.738596][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.750871][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 343.753610][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.756131][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 343.758815][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.770494][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 343.773330][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.775878][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 343.778468][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.782231][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 343.785017][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 343.788928][ T9329] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 343.793254][ T9390] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 343.796288][ T9329] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.797326][ T9392] random: crng reseeded on system resumption [ 343.798790][ T9329] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.800405][ T9390] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 343.803135][ T9329] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.807158][ T9329] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 343.875538][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 343.877867][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 343.909458][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 343.912733][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 343.977776][ T9401] FAULT_INJECTION: forcing a failure. [ 343.977776][ T9401] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 343.977830][ T9401] [ 343.977833][ T9401] ====================================================== [ 343.977835][ T9401] WARNING: possible circular locking dependency detected [ 343.977839][ T9401] 6.11.0-syzkaller-02574-ga430d95c5efa #0 Not tainted [ 343.977844][ T9401] ------------------------------------------------------ [ 343.977847][ T9401] syz.1.1135/9401 is trying to acquire lock: [ 343.977851][ T9401] ffffffff8dda7cb8 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0x12/0x70 [ 343.977878][ T9401] [ 343.977878][ T9401] but task is already holding lock: [ 343.977880][ T9401] ffff88802b72a858 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x5d/0x220 [ 343.977901][ T9401] [ 343.977901][ T9401] which lock already depends on the new lock. [ 343.977901][ T9401] [ 343.977904][ T9401] [ 343.977904][ T9401] the existing dependency chain (in reverse order) is: [ 343.977906][ T9401] [ 343.977906][ T9401] -> #3 (&base->lock){-.-.}-{2:2}: [ 343.977916][ T9401] _raw_spin_lock_irqsave+0x3a/0x60 [ 343.977930][ T9401] lock_timer_base+0x5d/0x220 [ 343.977940][ T9401] __mod_timer+0x426/0xdc0 [ 343.977951][ T9401] add_timer_global+0x8a/0xc0 [ 343.977963][ T9401] __queue_delayed_work+0x1ba/0x2e0 [ 343.977978][ T9401] queue_delayed_work_on+0x12a/0x150 [ 343.977992][ T9401] psi_task_change+0x1b4/0x2e0 [ 343.978002][ T9401] enqueue_task+0x1a5/0x350 [ 343.978016][ T9401] wake_up_new_task+0x5ba/0xd30 [ 343.978028][ T9401] kernel_clone+0x236/0x960 [ 343.978038][ T9401] user_mode_thread+0xb4/0xf0 [ 343.978048][ T9401] rest_init+0x23/0x2b0 [ 343.978058][ T9401] start_kernel+0x3e4/0x4d0 [ 343.978071][ T9401] x86_64_start_reservations+0x18/0x30 [ 343.978083][ T9401] x86_64_start_kernel+0xb2/0xc0 [ 343.978095][ T9401] common_startup_64+0x13e/0x148 [ 343.978105][ T9401] [ 343.978105][ T9401] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 343.978115][ T9401] _raw_spin_lock_nested+0x31/0x40 [ 343.978128][ T9401] raw_spin_rq_lock_nested+0x29/0x130 [ 343.978141][ T9401] task_fork_fair+0x73/0x250 [ 343.978152][ T9401] sched_cgroup_fork+0x3cf/0x510 [ 343.978160][ T9401] copy_process+0x470a/0x6f50 [ 343.978170][ T9401] kernel_clone+0xfd/0x960 [ 343.978179][ T9401] user_mode_thread+0xb4/0xf0 [ 343.978189][ T9401] rest_init+0x23/0x2b0 [ 343.978198][ T9401] start_kernel+0x3e4/0x4d0 [ 343.978215][ T9401] x86_64_start_reservations+0x18/0x30 [ 343.978228][ T9401] x86_64_start_kernel+0xb2/0xc0 [ 343.978240][ T9401] common_startup_64+0x13e/0x148 [ 343.978248][ T9401] [ 343.978248][ T9401] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 343.978259][ T9401] _raw_spin_lock_irqsave+0x3a/0x60 [ 343.978271][ T9401] try_to_wake_up+0x9a/0x13e0 [ 343.978283][ T9401] up+0x79/0xb0 [ 343.978291][ T9401] console_unlock+0x23e/0x290 [ 343.978299][ T9401] vga_remove_vgacon+0x90/0xd0 [ 343.978311][ T9401] aperture_remove_conflicting_pci_devices+0x16a/0x1e0 [ 343.978321][ T9401] bochs_pci_probe+0x101/0x1150 [ 343.978330][ T9401] local_pci_probe+0xde/0x1b0 [ 343.978344][ T9401] pci_device_probe+0x29d/0x7b0 [ 343.978352][ T9401] really_probe+0x23e/0xa90 [ 343.978361][ T9401] __driver_probe_device+0x1de/0x440 [ 343.978370][ T9401] driver_probe_device+0x4c/0x1b0 [ 343.978379][ T9401] __driver_attach+0x283/0x580 [ 343.978388][ T9401] bus_for_each_dev+0x13c/0x1d0 [ 343.978401][ T9401] bus_add_driver+0x2e9/0x690 [ 343.978408][ T9401] driver_register+0x15c/0x4b0 [ 343.978418][ T9401] bochs_pci_driver_init+0x67/0x80 [ 343.978431][ T9401] do_one_initcall+0x128/0x630 [ 343.978444][ T9401] kernel_init_freeable+0x660/0xc50 [ 343.978457][ T9401] kernel_init+0x1c/0x2b0 [ 343.978466][ T9401] ret_from_fork+0x45/0x80 [ 343.978479][ T9401] ret_from_fork_asm+0x1a/0x30 [ 343.978492][ T9401] [ 343.978492][ T9401] -> #0 ((console_sem).lock){-.-.}-{2:2}: [ 343.978502][ T9401] __lock_acquire+0x24ed/0x3cb0 [ 343.978514][ T9401] lock_acquire+0x1b1/0x560 [ 343.978526][ T9401] _raw_spin_lock_irqsave+0x3a/0x60 [ 343.978538][ T9401] down_trylock+0x12/0x70 [ 343.978546][ T9401] __down_trylock_console_sem+0x40/0x140 [ 343.978559][ T9401] vprintk_emit+0x3d3/0x600 [ 343.978567][ T9401] vprintk+0x7f/0xa0 [ 343.978575][ T9401] _printk+0xc8/0x100 [ 343.978586][ T9401] should_fail_ex+0x46c/0x5b0 [ 343.978596][ T9401] strncpy_from_user+0x38/0x320 [ 343.978606][ T9401] strncpy_from_user_nofault+0x7f/0x180 [ 343.978618][ T9401] bpf_probe_read_user_str+0x26/0x70 [ 343.978628][ T9401] bpf_prog_fc0bb622e9a87770+0x45/0x47 [ 343.978635][ T9401] bpf_trace_run2+0x231/0x590 [ 343.978646][ T9401] enqueue_timer+0x2b4/0x550 [ 343.978657][ T9401] __mod_timer+0x8d7/0xdc0 [ 343.978668][ T9401] sk_reset_timer+0x21/0xc0 [ 343.978678][ T9401] tipc_sk_finish_conn+0x183/0x790 [ 343.978692][ T9401] tipc_socketpair+0x364/0x470 [ 343.978704][ T9401] __sys_socketpair+0x2f0/0x5a0 [ 343.978713][ T9401] __ia32_sys_socketpair+0x95/0x100 [ 343.978723][ T9401] __do_fast_syscall_32+0x73/0x120 [ 343.978732][ T9401] do_fast_syscall_32+0x32/0x80 [ 343.978741][ T9401] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 343.978750][ T9401] [ 343.978750][ T9401] other info that might help us debug this: [ 343.978750][ T9401] [ 343.978752][ T9401] Chain exists of: [ 343.978752][ T9401] (console_sem).lock --> &rq->__lock --> &base->lock [ 343.978752][ T9401] [ 343.978763][ T9401] Possible unsafe locking scenario: [ 343.978763][ T9401] [ 343.978765][ T9401] CPU0 CPU1 [ 343.978767][ T9401] ---- ---- [ 343.978769][ T9401] lock(&base->lock); [ 343.978773][ T9401] lock(&rq->__lock); [ 343.978778][ T9401] lock(&base->lock); [ 343.978783][ T9401] lock((console_sem).lock); [ 343.978788][ T9401] [ 343.978788][ T9401] *** DEADLOCK *** [ 343.978788][ T9401] [ 343.978790][ T9401] 2 locks held by syz.1.1135/9401: [ 343.978795][ T9401] #0: ffff88802b72a858 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x5d/0x220 [ 343.978816][ T9401] #1: ffffffff8ddb9b60 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1c2/0x590 [ 343.978837][ T9401] [ 343.978837][ T9401] stack backtrace: [ 343.978840][ T9401] CPU: 1 UID: 0 PID: 9401 Comm: syz.1.1135 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 343.978851][ T9401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 343.978857][ T9401] Call Trace: [ 343.978861][ T9401] [ 343.978865][ T9401] dump_stack_lvl+0x116/0x1f0 [ 343.978877][ T9401] check_noncircular+0x31a/0x400 [ 343.978890][ T9401] ? __pfx_check_noncircular+0x10/0x10 [ 343.978904][ T9401] ? __pfx__prb_read_valid+0x10/0x10 [ 343.978915][ T9401] ? __pfx_format_decode+0x10/0x10 [ 343.978930][ T9401] ? lockdep_lock+0xc6/0x200 [ 343.978940][ T9401] ? __pfx_lockdep_lock+0x10/0x10 [ 343.978949][ T9401] ? vsnprintf+0x40f/0x1870 [ 343.978959][ T9401] __lock_acquire+0x24ed/0x3cb0 [ 343.978975][ T9401] ? __pfx___lock_acquire+0x10/0x10 [ 343.978988][ T9401] ? vprintk_store+0x222/0xbb0 [ 343.979003][ T9401] lock_acquire+0x1b1/0x560 [ 343.979016][ T9401] ? down_trylock+0x12/0x70 [ 343.979026][ T9401] ? __pfx_lock_acquire+0x10/0x10 [ 343.979039][ T9401] ? hlock_class+0x4e/0x130 [ 343.979050][ T9401] ? vprintk+0x7f/0xa0 [ 343.979059][ T9401] _raw_spin_lock_irqsave+0x3a/0x60 [ 343.979073][ T9401] ? down_trylock+0x12/0x70 [ 343.979082][ T9401] down_trylock+0x12/0x70 [ 343.979091][ T9401] __down_trylock_console_sem+0x40/0x140 [ 343.979106][ T9401] vprintk_emit+0x3d3/0x600 [ 343.979115][ T9401] vprintk+0x7f/0xa0 [ 343.979125][ T9401] _printk+0xc8/0x100 [ 343.979137][ T9401] ? __pfx__printk+0x10/0x10 [ 343.979149][ T9401] ? __pfx___lock_acquire+0x10/0x10 [ 343.979162][ T9401] ? ___ratelimit+0x24c/0x580 [ 343.979171][ T9401] ? map_id_up+0x290/0x370 [ 343.979186][ T9401] ? __pfx____ratelimit+0x10/0x10 [ 343.979195][ T9401] ? __pfx_map_id_up+0x10/0x10 [ 343.979214][ T9401] should_fail_ex+0x46c/0x5b0 [ 343.979226][ T9401] strncpy_from_user+0x38/0x320 [ 343.979238][ T9401] strncpy_from_user_nofault+0x7f/0x180 [ 343.979251][ T9401] bpf_probe_read_user_str+0x26/0x70 [ 343.979261][ T9401] bpf_prog_fc0bb622e9a87770+0x45/0x47 [ 343.979268][ T9401] bpf_trace_run2+0x231/0x590 [ 343.979280][ T9401] ? __pfx_bpf_trace_run2+0x10/0x10 [ 343.979290][ T9401] ? __pfx_debug_object_activate+0x10/0x10 [ 343.979308][ T9401] enqueue_timer+0x2b4/0x550 [ 343.979321][ T9401] __mod_timer+0x8d7/0xdc0 [ 343.979335][ T9401] ? __pfx___mod_timer+0x10/0x10 [ 343.979349][ T9401] ? net_generic+0xea/0x2a0 [ 343.979362][ T9401] ? __pfx_lock_release+0x10/0x10 [ 343.979375][ T9401] sk_reset_timer+0x21/0xc0 [ 343.979386][ T9401] tipc_sk_finish_conn+0x183/0x790 [ 343.979401][ T9401] tipc_socketpair+0x364/0x470 [ 343.979415][ T9401] __sys_socketpair+0x2f0/0x5a0 [ 343.979426][ T9401] ? __pfx___sys_socketpair+0x10/0x10 [ 343.979436][ T9401] ? fput+0x30/0x390 [ 343.979446][ T9401] ? __pfx_ksys_write+0x10/0x10 [ 343.979460][ T9401] __ia32_sys_socketpair+0x95/0x100 [ 343.979470][ T9401] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 343.979486][ T9401] __do_fast_syscall_32+0x73/0x120 [ 343.979496][ T9401] do_fast_syscall_32+0x32/0x80 [ 343.979505][ T9401] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 343.979516][ T9401] RIP: 0023:0xf7f55579 [ 343.979522][ T9401] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 343.979532][ T9401] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000168 [ 343.979540][ T9401] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000000005 [ 343.979546][ T9401] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000000 [ 343.979551][ T9401] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 343.979557][ T9401] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 343.979562][ T9401] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 343.979571][ T9401] [ 344.236394][ T9401] CPU: 1 UID: 0 PID: 9401 Comm: syz.1.1135 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 344.238881][ T9401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 344.241528][ T9401] Call Trace: [ 344.242335][ T9401] [ 344.243044][ T9401] dump_stack_lvl+0x116/0x1f0 [ 344.244217][ T9401] should_fail_ex+0x497/0x5b0 [ 344.245378][ T9401] strncpy_from_user+0x38/0x320 [ 344.246560][ T9401] strncpy_from_user_nofault+0x7f/0x180 [ 344.247905][ T9401] bpf_probe_read_user_str+0x26/0x70 [ 344.249183][ T9401] bpf_prog_fc0bb622e9a87770+0x45/0x47 [ 344.250496][ T9401] bpf_trace_run2+0x231/0x590 [ 344.251636][ T9401] ? __pfx_bpf_trace_run2+0x10/0x10 [ 344.252917][ T9401] ? __pfx_debug_object_activate+0x10/0x10 [ 344.254356][ T9401] enqueue_timer+0x2b4/0x550 [ 344.255487][ T9401] __mod_timer+0x8d7/0xdc0 [ 344.256610][ T9401] ? __pfx___mod_timer+0x10/0x10 [ 344.257818][ T9401] ? net_generic+0xea/0x2a0 [ 344.259039][ T9401] ? __pfx_lock_release+0x10/0x10 [ 344.260342][ T9401] sk_reset_timer+0x21/0xc0 [ 344.261577][ T9401] tipc_sk_finish_conn+0x183/0x790 [ 344.262926][ T9401] tipc_socketpair+0x364/0x470 [ 344.264198][ T9401] __sys_socketpair+0x2f0/0x5a0 [ 344.265465][ T9401] ? __pfx___sys_socketpair+0x10/0x10 [ 344.266808][ T9401] ? fput+0x30/0x390 [ 344.267818][ T9401] ? __pfx_ksys_write+0x10/0x10 [ 344.269090][ T9401] __ia32_sys_socketpair+0x95/0x100 [ 344.270432][ T9401] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 344.272374][ T9401] __do_fast_syscall_32+0x73/0x120 [ 344.273832][ T9401] do_fast_syscall_32+0x32/0x80 [ 344.275034][ T9401] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 344.276553][ T9401] RIP: 0023:0xf7f55579 [ 344.277785][ T9401] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 344.282554][ T9401] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000168 [ 344.284576][ T9401] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000000005 [ 344.286515][ T9401] RDX: 0000000000000000 RSI: 0000000020000940 RDI: 0000000000000000 [ 344.288422][ T9401] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 344.290604][ T9401] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 344.293073][ T9401] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 344.295270][ T9401] [ 344.314311][ T9398] openvswitch: netlink: Missing key (keys=44, expected=2000) SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 344.394739][ T1101] bridge_slave_1: left allmulticast mode [ 344.396291][ T1101] bridge_slave_1: left promiscuous mode [ 344.397853][ T1101] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.401343][ T1101] bridge_slave_0: left allmulticast mode [ 344.402840][ T1101] bridge_slave_0: left promiscuous mode [ 344.405153][ T1101] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.586160][ T1101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 344.612531][ T1101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 344.616217][ T1101] bond0 (unregistering): Released all slaves [ 344.936738][ T1101] hsr_slave_0: left promiscuous mode [ 344.938600][ T1101] hsr_slave_1: left promiscuous mode [ 344.940873][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 344.943015][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 344.945395][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 344.947386][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 344.951108][ T1101] veth1_macvtap: left promiscuous mode [ 344.952595][ T1101] veth0_macvtap: left promiscuous mode [ 344.954098][ T1101] veth1_vlan: left promiscuous mode [ 344.955526][ T1101] veth0_vlan: left promiscuous mode [ 345.165113][ T1101] team0 (unregistering): Port device team_slave_1 removed [ 345.239786][ T1101] team0 (unregistering): Port device team_slave_0 removed [ 345.988281][ T1101] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.077148][ T1101] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.157167][ T1101] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.234896][ T1101] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.295037][ T1101] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.355565][ T1101] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.396195][ T1101] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.457987][ T1101] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.560009][ T1101] bridge_slave_1: left allmulticast mode [ 346.562784][ T1101] bridge_slave_1: left promiscuous mode [ 346.564360][ T1101] bridge0: port 2(bridge_slave_1) entered disabled state [ 346.573465][ T1101] bridge_slave_0: left allmulticast mode [ 346.574963][ T1101] bridge_slave_0: left promiscuous mode [ 346.576500][ T1101] bridge0: port 1(bridge_slave_0) entered disabled state [ 346.580719][ T1101] bridge_slave_1: left allmulticast mode [ 346.582746][ T1101] bridge_slave_1: left promiscuous mode [ 346.584879][ T1101] bridge0: port 2(bridge_slave_1) entered disabled state [ 346.589090][ T1101] bridge_slave_0: left allmulticast mode [ 346.591952][ T1101] bridge_slave_0: left promiscuous mode [ 346.594088][ T1101] bridge0: port 1(bridge_slave_0) entered disabled state [ 346.599143][ T1101] bridge_slave_1: left allmulticast mode [ 346.604440][ T1101] bridge_slave_1: left promiscuous mode [ 346.605949][ T1101] bridge0: port 2(bridge_slave_1) entered disabled state [ 346.609045][ T1101] bridge_slave_0: left allmulticast mode [ 346.610653][ T1101] bridge_slave_0: left promiscuous mode [ 346.612211][ T1101] bridge0: port 1(bridge_slave_0) entered disabled state [ 346.615712][ T1101] bridge_slave_1: left allmulticast mode [ 346.617201][ T1101] bridge_slave_1: left promiscuous mode [ 346.618889][ T1101] bridge0: port 2(bridge_slave_1) entered disabled state [ 346.623322][ T1101] bridge_slave_0: left allmulticast mode [ 346.624790][ T1101] bridge_slave_0: left promiscuous mode [ 346.626291][ T1101] bridge0: port 1(bridge_slave_0) entered disabled state [ 347.326353][ T1101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 347.330192][ T1101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 347.334008][ T1101] bond0 (unregistering): Released all slaves [ 347.341944][ T1101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 347.346399][ T1101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 347.349805][ T1101] bond0 (unregistering): Released all slaves [ 347.354655][ T1101] bond1 (unregistering): Released all slaves [ 347.362367][ T1101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 347.365971][ T1101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 347.369227][ T1101] bond0 (unregistering): Released all slaves [ 347.377138][ T1101] bond1 (unregistering): Released all slaves [ 347.383699][ T1101] bond2 (unregistering): Released all slaves [ 347.394599][ T1101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 347.398278][ T1101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 347.403877][ T1101] bond0 (unregistering): Released all slaves [ 347.411520][ T1101] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 347.415244][ T1101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 347.418498][ T1101] bond0 (unregistering): Released all slaves [ 348.058706][ T1101] team0: Port device wlan1 removed [ 348.619157][ T1101] hsr_slave_0: left promiscuous mode [ 348.621867][ T1101] hsr_slave_1: left promiscuous mode [ 348.624883][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 348.627482][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 348.633994][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 348.636633][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 348.641627][ T1101] hsr_slave_0: left promiscuous mode [ 348.643449][ T1101] hsr_slave_1: left promiscuous mode [ 348.645432][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 348.647418][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 348.649752][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 348.651982][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 348.656607][ T1101] hsr_slave_0: left promiscuous mode [ 348.658502][ T1101] hsr_slave_1: left promiscuous mode [ 348.660598][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 348.662538][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 348.664858][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 348.666829][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 348.671524][ T1101] hsr_slave_0: left promiscuous mode [ 348.673354][ T1101] hsr_slave_1: left promiscuous mode [ 348.675241][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 348.677197][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 348.679502][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 348.682358][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 348.686729][ T1101] hsr_slave_0: left promiscuous mode [ 348.688642][ T1101] hsr_slave_1: left promiscuous mode [ 348.691261][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 348.693831][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 348.697843][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 348.700419][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 348.711734][ T1101] veth1_macvtap: left promiscuous mode [ 348.713544][ T1101] veth0_macvtap: left promiscuous mode [ 348.715038][ T1101] veth1_vlan: left promiscuous mode [ 348.716698][ T1101] veth0_vlan: left promiscuous mode [ 348.718997][ T1101] veth1_macvtap: left promiscuous mode [ 348.721243][ T1101] veth0_macvtap: left promiscuous mode [ 348.722694][ T1101] veth1_vlan: left promiscuous mode [ 348.724058][ T1101] veth0_vlan: left promiscuous mode [ 348.726332][ T1101] veth1_macvtap: left promiscuous mode [ 348.727840][ T1101] veth0_macvtap: left promiscuous mode [ 348.729348][ T1101] veth1_vlan: left promiscuous mode [ 348.730785][ T1101] veth0_vlan: left promiscuous mode [ 348.733193][ T1101] veth1_macvtap: left promiscuous mode [ 348.734637][ T1101] veth0_macvtap: left promiscuous mode [ 348.736480][ T1101] veth1_vlan: left promiscuous mode [ 348.738175][ T1101] veth0_vlan: left promiscuous mode [ 348.740623][ T1101] veth1_macvtap: left promiscuous mode [ 348.742141][ T1101] veth0_macvtap: left promiscuous mode [ 348.743667][ T1101] veth1_vlan: left promiscuous mode [ 348.745138][ T1101] veth0_vlan: left promiscuous mode [ 349.360492][ T1101] team0 (unregistering): Port device team_slave_1 removed [ 349.414042][ T1101] team0 (unregistering): Port device team_slave_0 removed [ 349.941378][ T1101] team0 (unregistering): Port device team_slave_1 removed [ 349.949515][ T1101] team0 (unregistering): Port device team_slave_0 removed [ 350.382102][ T1101] team0 (unregistering): Port device team_slave_1 removed [ 350.430774][ T1101] team0 (unregistering): Port device team_slave_0 removed [ 350.726676][ T1101] team0 (unregistering): Port device team_slave_1 removed [ 350.782144][ T1101] team0 (unregistering): Port device team_slave_0 removed [ 351.267875][ T1101] team0 (unregistering): Port device team_slave_1 removed [ 351.326217][ T1101] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 18:32:54 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813bf4ae RDX=ffff888025792440 RSI=ffffffff813bf4cb RDI=0000000000000000 RBP=ffff88802b72a840 RSP=ffffc900000073f8 R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=ffff88802b628a40 R12=0000000000000003 R13=0000000000000003 R14=ffff88802b63fa40 R15=ffffed10056e5508 RIP=ffffffff813bf4cc RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f0479ab3d00 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=00000000466a6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=4027b196fbdb1f7b 6490263dce7db6c8 3579e7967ded34a2 30e52b06390fbdd0 24ae22a8a32c0a0d 0f3ce47a625e5045 db6f32ac2c84c90d 3b8d449550cbfc21 ZMM17=08003c080006004a fe1c000002400000 000d000000010000 0000000004900000 0014000000000000 0000000000000000 0000000000150000 00000001df8a0000 ZMM18=0008000488030008 0004800303800201 00000a0806020800 0100000208060801 03d6001000038803 0008000380031008 0004800201080006 0a4aa80008000488 ZMM19=0000000000000000 0000000001ffffff ffffffffffd7080e d8030004000ed403 0004000ed0030010 000ec0030004000e bc030004000eb803 0008000eb0030010 ZMM20=29952c3b29952c3b 29952c3b29952c3b 29952c3b29952c3b 29952c3b29952c3b 29952c3b29952c3b 29952c3b29952c3b 29952c3b29952c3b 29952c3b29952c3b ZMM21=e3468fe6e3468fe6 e3468fe6e3468fe6 e3468fe6e3468fe6 e3468fe6e3468fe6 e3468fe6e3468fe6 e3468fe6e3468fe6 e3468fe6e3468fe6 e3468fe6e3468fe6 ZMM22=66927ac166927ac1 66927ac166927ac1 66927ac166927ac1 66927ac166927ac1 66927ac166927ac1 66927ac166927ac1 66927ac166927ac1 66927ac166927ac1 ZMM23=9933765a9933765a 9933765a9933765a 9933765a9933765a 9933765a9933765a 9933765a9933765a 9933765a9933765a 9933765a9933765a 9933765a9933765a ZMM24=036cf939036cf939 036cf939036cf939 036cf939036cf939 036cf939036cf939 036cf939036cf939 036cf939036cf939 036cf939036cf939 036cf939036cf939 ZMM25=5905676d5905676d 5905676d5905676d 5905676d5905676d 5905676d5905676d 5905676d5905676d 5905676d5905676d 5905676d5905676d 5905676d5905676d ZMM26=f4fc64f5f4fc64f5 f4fc64f5f4fc64f5 f4fc64f5f4fc64f5 f4fc64f5f4fc64f5 f4fc64f5f4fc64f5 f4fc64f5f4fc64f5 f4fc64f5f4fc64f5 f4fc64f5f4fc64f5 ZMM27=bec181f6bec181f6 bec181f6bec181f6 bec181f6bec181f6 bec181f6bec181f6 bec181f6bec181f6 bec181f6bec181f6 bec181f6bec181f6 bec181f6bec181f6 ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=d1080000d1080000 d1080000d1080000 d1080000d1080000 d1080000d1080000 d1080000d1080000 d1080000d1080000 d1080000d1080000 d1080000d1080000 info registers vcpu 1 CPU#1 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fcd3b5 RDI=ffffffff9a5e9460 RBP=ffffffff9a5e9420 RSP=ffffc90002e6f648 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=0000000000000034 R14=ffffffff84fcd350 R15=0000000000000000 RIP=ffffffff84fcd3df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f56d5fbc CR3=000000006dcc2000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88802b746300 RCX=ffffffff817efdcb RDX=ffff88802097a440 RSI=ffffffff817efda5 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90006d4f910 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed10056e8c61 R13=0000000000000001 R14=ffff88802b746308 R15=ffff88802b83fd80 RIP=ffffffff817efdb1 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000000db7c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000044000001 Opmask01=0000000000000000 Opmask02=000000007ffeffff Opmask03=2040000404420020 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b5f5455504e495f 4449006b636f6c62 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff8ea3e4e0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff8ea3de70 0000003000000010 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ff00000000 00ff000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 737326a393d9c343 737326a393d853d3 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3e8da1fa3a7a4be1 737326a6ced7a477 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d25203a7325206b 6e696c6d79732065 7461657263206f74 2064656c69614600 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4800051f5600054e 4b4c49485c560540 5144405746054a51 054140494c444600 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000003 000055d0e0a94060 0000000000000051 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000302f716d2f 32706f6f6c2f6b63 6f6c622f6c617574 7269762f73656369 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65642f3000021f4a 44191d0b432f1811 0a1a0b5d08615a11 1e1c12401e4a1010 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 777e7f7f7e3f3f6b 773f5fffffefffdf 7f7f7fdfffffffdd 5f7f7ff5fefbdbdf ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 49383a3a2648383a 3a2633383a3a2632 383a3a263d383a3a 263c383a3a263f38 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 70632f2f2f716d2f 00006f6f6c2f6b63 0000622f6c617574 0000000000003069 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000002f2f716d2f 00006f6f6c2f6b63 0000622f6c617508 0000000000003069 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000001 RBX=ffff88802b646340 RCX=ffffffff817efdcb RDX=ffff8880255ec880 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90002e7fc00 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d897d74 R12=ffffed10056c8c69 R13=0000000000000001 R14=ffff88802b646348 R15=ffff88802b93fd80 RIP=ffffffff818b2558 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b900000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000030818ff8 CR3=0000000072a14000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff8ea3de50 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2a2a2a2a2a2a2a2a 2a2a2a2a2a2a2a2a ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 737326a393d9c343 737326a393d853d3 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3e8da1fa3a7a4be1 737326a6ced7a477 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000