last executing test programs: 4.769968205s ago: executing program 1 (id=96): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x8, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 4.766553398s ago: executing program 1 (id=97): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x8, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (fail_nth: 2) 4.420170112s ago: executing program 1 (id=98): socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_sctp(0xa, 0x1, 0x84) syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x0) syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x3}, 0x0, &(0x7f0000000140)={0x1ff, 0xfffffffffffffffd, 0x0, 0x4, 0x0, 0x0, 0x3, 0x2}, 0x0, 0x0) getdents(0xffffffffffffffff, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x803}) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000100)) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f00000001c0)=0x1) close(r0) 3.560609692s ago: executing program 1 (id=108): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000600)={0x4, 0x0, [{0x7}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, {}]}) 3.460703799s ago: executing program 1 (id=110): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="b40000000000000061114800000000004600feff0000000095000000000000003539b6768fa5ade56fa2db970d96d1755e50ed3b3e0f9487c23830fc3092a43c486a439bb1aaf1"], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0xffffff33, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r0 = openat$audio1(0xffffff9c, &(0x7f0000000580), 0x4000, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x0, 0x0, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {r3, 0x1, 0x3, 0x2, {@in6_addr=@mcast2, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4800}, 0x0) mkdir(&(0x7f00000005c0)='./file0\x00', 0x10) ioctl$FIOCLEX(r0, 0x5451) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0) syz_usb_disconnect(r4) r5 = syz_open_dev$evdev(&(0x7f0000000040), 0x3e, 0x208604) r6 = syz_usb_connect$cdc_ecm(0x0, 0x5e, &(0x7f0000000000)=ANY=[@ANYBLOB="12011001020000402505a1a440000102030d0902"], 0x0) syz_usb_disconnect(r6) syz_usb_disconnect(r5) syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_disconnect(r6) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x82b, 0x0, 0x0, 0x0, 0x400}, [@call={0x85, 0x0, 0x0, 0x97}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x4c) r8 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x51c, 0x0, 0x25, 0x148, 0x340, 0x60, 0x488, 0x2a8, 0x2a8, 0x488, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @local, 0xffffffff, 0xff000000, 'bridge_slave_1\x00', 'veth1\x00', {0xff}, {0xff}, 0x73, 0x2, 0x48}, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}}}, @common=@unspec=@statistic={{0x38}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [], 0x0, 0x2}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x578) 2.580453166s ago: executing program 2 (id=116): syz_open_procfs(0x0, &(0x7f0000000040)='stack\x00') socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) userfaultfd(0x801) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000000030000001c001a80080002802d00ff0008000200", @ANYRES16=r0, @ANYRES32=r2], 0x44}}, 0x0) 2.580111098s ago: executing program 2 (id=117): socket$inet6(0xa, 0x2, 0x3a) personality(0x4100001) pselect6(0xfffffe1b, 0x0, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000140)={&(0x7f0000000240)={[0x5a9819a5]}, 0x8}) socket$inet6_udplite(0xa, 0x2, 0x88) socket$netlink(0x10, 0x3, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0200"], 0x48) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000440)=0xc) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x71, &(0x7f0000000080)={r1}, &(0x7f00000000c0)=0x18) r2 = syz_io_uring_setup(0x4672, &(0x7f0000000480)={0x0, 0x0, 0x6, 0x1, 0x2c5}, &(0x7f0000000500), &(0x7f0000000140)) io_uring_enter(r2, 0x567, 0x0, 0x1, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x20000000000001a1, &(0x7f0000000040)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x4000005, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0xa}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r3 = syz_open_dev$vim2m(&(0x7f0000000280), 0x0, 0x2) ioctl$vim2m_VIDIOC_QUERYCAP(r3, 0x80685600, &(0x7f0000000380)) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) r5 = openat$vicodec1(0xffffff9c, &(0x7f00000003c0), 0x2, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r5, 0xc0185647, &(0x7f0000000480)={0xa10000, 0x401, 0x5, 0xffffffffffffffff, 0x0, 0x0}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) timer_create(0x3, &(0x7f0000000040)={0x0, 0x27, 0x1, @tid=r4}, &(0x7f00000000c0)) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vxcan0\x00'}) 1.630724716s ago: executing program 2 (id=123): openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) openat$procfs(0xffffffffffffff9c, &(0x7f0000000600)='/proc/mdstat\x00', 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 1.630283903s ago: executing program 2 (id=124): r0 = fsopen(&(0x7f0000000100)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='source', &(0x7f0000000000)=':::\n-&\xf5\xcc\xd7\x06f\xcdY\xb9\xc7\x9d\xb2a\r\xd7\xef\xc5\x112i\x88\n\x13.\xd6\xfa\xd5?\xc7\xfd&\x8d*\xbb\xa7&,\xe9\xa3\'\x91>C\x1b\x15\x87\xeb\xfe\x1c\x9d\\C\xfeI\'\xae\x8fKHq\x89\x83\xbb\x9dC\xd6Hy\x04\xa4\xb6\x88\xdb\xa1b\xae\xa7\x87\xcc\xc7\xa4\xdc\n:///\x00\x00\x00\x85^\x00\x0f\bu\x01\xab\x8c\x95?\x90\x8d_r\xe7\r\'-06,\xff\x84x\'+\xd5\xd4?[e\x19\xa3\\J\xe9\x8a\xb9\xe4r\x93\xb3\xd3J \x06\x03\xae', 0xfeffffff00000000) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ce8000/0x2000)=nil, 0x930, 0x0, 0x12, r1, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40000, &(0x7f0000000300)={[{@huge_always}, {@mpol={'mpol', 0x3d, {'prefer', '=relative', @val={0x3a, [0x35, 0x37]}}}}, {@inode32}, {@grpquota_inode_hardlimit={'grpquota_inode_hardlimit', 0x3d, [0x65, 0x30, 0x31, 0x67, 0x39, 0x30, 0x32]}}, {@nr_blocks={'nr_blocks', 0x3d, [0x34, 0x25, 0x38, 0x38, 0x35]}}, {@quota}, {@usrquota_inode_hardlimit={'usrquota_inode_hardlimit', 0x3d, [0x35, 0x30]}}, {@grpquota_block_hardlimit={'grpquota_block_hardlimit', 0x3d, [0x6b]}}], [{@subj_type={'subj_type', 0x3d, '/dev/hpet\x00'}}, {@dont_appraise}, {@obj_role={'obj_role', 0x3d, 'crct10dif-generic\x00'}}, {@obj_role={'obj_role', 0x3d, 'ceph\x00'}}, {@subj_role={'subj_role', 0x3d, ':::\n-&\xf5\xcc\xd7\x06f\xcdY\xb9\xc7\x9d\xb2a\r\xd7\xef\xc5\x112i\x88\n\x13.\xd6\xfa\xd5?\xc7\xfd&\x8d*\xbb\xa7&,\xe9\xa3\'\x91>C\x1b\x15\x87\xeb\xfe\x1c\x9d\\C\xfeI\'\xae\x8fKHq\x89\x83\xbb\x9dC\xd6Hy\x04\xa4\xb6\x88\xdb\xa1b\xae\xa7\x87\xcc\xc7\xa4\xdc\n:///\x00\x00\x00\x85^\x00\x0f\bu\x01\xab\x8c\x95?\x90\x8d_r\xe7\r\'-06,\xff\x84x\'+\xd5\xd4?[e\x19\xa3\\J\xe9\x8a\xb9\xe4r\x93\xb3\xd3J \x06\x03\xae'}}]}) bind$alg(r2, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58) fcntl$addseals(0xffffffffffffffff, 0x409, 0x8) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) writev(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000300)="4800000014001d0d09074beafd0d8c560284606080ffe0064e204e20590000a2bc5603ca00000f7f8907000020008d42188fedc22e47ad8f75edc6d100000101ff0000000309ff", 0x47}], 0x1) ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000340)={0x1, 0x1}) r4 = accept4(r2, 0x0, 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) sendmsg$netlink(r4, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x4}, 0x0) syz_clone(0x46201000, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xf, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x4009}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r7 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r7, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000840)='virtio_transport_alloc_pkt\x00', r6}, 0x18) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r7, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112) socket$pppl2tp(0x18, 0x1, 0x1) 1.530579698s ago: executing program 2 (id=125): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) ioctl$TCSBRKP(r0, 0x5425, 0x0) r1 = io_uring_setup(0x4aada, &(0x7f0000000100)={0x0, 0xf9e2, 0x1000, 0x0, 0x247}) close(r1) ioctl$TCSETSW2(r0, 0x5425, 0x0) 1.380198303s ago: executing program 3 (id=127): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000180)=0x3, 0x12) syz_init_net_socket$rose(0xb, 0x5, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, &(0x7f00000002c0)=0x2, 0x4) r4 = socket$kcm(0x21, 0x2, 0xa) sendmsg$kcm(r4, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x9c00fc00, @dev={0xfe, 0x80, '\x00', 0x30}, 0x1df}}, 0x80, 0x0, 0x0, &(0x7f0000001240)=[{0x10, 0x110, 0x1, "dc"}], 0x10}, 0x0) bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 980.567681ms ago: executing program 2 (id=128): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000000480)=[{{&(0x7f0000000300)=@qipcrtr, 0x80, &(0x7f0000000000)=[{&(0x7f0000000380)=""/229, 0xe5}], 0x1, 0x0, 0x15}, 0x10}], 0x1, 0x2, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_emit_ethernet(0x0, 0x0, 0x0) syz_open_dev$sg(0x0, 0x0, 0x8002) socket$inet6_udp(0xa, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000041000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200000000f400850000008600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) close(r5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) 810.933043ms ago: executing program 0 (id=129): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x21, 0x2, 0x2) recvmmsg(r1, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}, 0x3378}], 0x1, 0x2022, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000fee000)=0xba, 0x4) 810.843477ms ago: executing program 0 (id=130): mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) execve(&(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000640)={[&(0x7f0000000480)='=3-\x00']}) 760.598502ms ago: executing program 0 (id=131): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota') umount2(&(0x7f0000000340)='./file0\x00', 0x1) 758.82635ms ago: executing program 0 (id=132): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) openat$procfs(0xffffffffffffff9c, &(0x7f0000000600)='/proc/mdstat\x00', 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 700.776097ms ago: executing program 0 (id=133): r0 = fsopen(&(0x7f0000000100)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='source', &(0x7f0000000000)=':::\n-&\xf5\xcc\xd7\x06f\xcdY\xb9\xc7\x9d\xb2a\r\xd7\xef\xc5\x112i\x88\n\x13.\xd6\xfa\xd5?\xc7\xfd&\x8d*\xbb\xa7&,\xe9\xa3\'\x91>C\x1b\x15\x87\xeb\xfe\x1c\x9d\\C\xfeI\'\xae\x8fKHq\x89\x83\xbb\x9dC\xd6Hy\x04\xa4\xb6\x88\xdb\xa1b\xae\xa7\x87\xcc\xc7\xa4\xdc\n:///\x00\x00\x00\x85^\x00\x0f\bu\x01\xab\x8c\x95?\x90\x8d_r\xe7\r\'-06,\xff\x84x\'+\xd5\xd4?[e\x19\xa3\\J\xe9\x8a\xb9\xe4r\x93\xb3\xd3J \x06\x03\xae', 0xfeffffff00000000) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ce8000/0x2000)=nil, 0x930, 0x0, 0x12, r1, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40000, &(0x7f0000000300)={[{@huge_always}, {@mpol={'mpol', 0x3d, {'prefer', '=relative', @val={0x3a, [0x35, 0x37]}}}}, {@inode32}, {@grpquota_inode_hardlimit={'grpquota_inode_hardlimit', 0x3d, [0x65, 0x30, 0x31, 0x67, 0x39, 0x30, 0x32]}}, {@nr_blocks={'nr_blocks', 0x3d, [0x34, 0x25, 0x38, 0x38, 0x35]}}, {@quota}, {@usrquota_inode_hardlimit={'usrquota_inode_hardlimit', 0x3d, [0x35, 0x30]}}, {@grpquota_block_hardlimit={'grpquota_block_hardlimit', 0x3d, [0x6b]}}], [{@subj_type={'subj_type', 0x3d, '/dev/hpet\x00'}}, {@dont_appraise}, {@obj_role={'obj_role', 0x3d, 'crct10dif-generic\x00'}}, {@obj_role={'obj_role', 0x3d, 'ceph\x00'}}, {@subj_role={'subj_role', 0x3d, ':::\n-&\xf5\xcc\xd7\x06f\xcdY\xb9\xc7\x9d\xb2a\r\xd7\xef\xc5\x112i\x88\n\x13.\xd6\xfa\xd5?\xc7\xfd&\x8d*\xbb\xa7&,\xe9\xa3\'\x91>C\x1b\x15\x87\xeb\xfe\x1c\x9d\\C\xfeI\'\xae\x8fKHq\x89\x83\xbb\x9dC\xd6Hy\x04\xa4\xb6\x88\xdb\xa1b\xae\xa7\x87\xcc\xc7\xa4\xdc\n:///\x00\x00\x00\x85^\x00\x0f\bu\x01\xab\x8c\x95?\x90\x8d_r\xe7\r\'-06,\xff\x84x\'+\xd5\xd4?[e\x19\xa3\\J\xe9\x8a\xb9\xe4r\x93\xb3\xd3J \x06\x03\xae'}}]}) bind$alg(r2, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58) fcntl$addseals(0xffffffffffffffff, 0x409, 0x8) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) writev(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000300)="4800000014001d0d09074beafd0d8c560284606080ffe0064e204e20590000a2bc5603ca00000f7f8907000020008d42188fedc22e47ad8f75edc6d100000101ff0000000309ff", 0x47}], 0x1) ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000340)={0x1, 0x1}) r4 = accept4(r2, 0x0, 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) sendmsg$netlink(r4, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x4}, 0x0) syz_clone(0x46201000, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xf, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x4009}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r7 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r7, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000840)='virtio_transport_alloc_pkt\x00', r6}, 0x18) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r7, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112) mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) 610.338028ms ago: executing program 0 (id=134): write$char_usb(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x8, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0) r1 = epoll_create1(0x0) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000200)={0x0, 0x1, 0x0, 0xffffffff, 0x9}) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r2) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r2, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_TOL(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010025bd7000ffdbdf2501000000000000000741"], 0x68}, 0x1, 0x0, 0x0, 0x40001}, 0x400c090) epoll_pwait(r1, &(0x7f0000000200)=[{}], 0x1, 0x6e, &(0x7f00000001c0)={[0x400000000000009]}, 0x8) r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ppoll(&(0x7f0000000340)=[{r5, 0x122}], 0x1, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_script(r7, &(0x7f0000002880), 0x4) splice(r6, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc044560f, &(0x7f00000001c0)=@mmap={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2063569a"}, 0x401}) 417.507319ms ago: executing program 3 (id=135): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1) (fail_nth: 36) 350.205764ms ago: executing program 3 (id=136): r0 = socket$nl_rdma(0x10, 0x3, 0x14) syz_emit_ethernet(0x405, &(0x7f00000003c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}, @void, {@ipv6={0x86dd, @icmpv6={0xf, 0x6, "bea028", 0x3cf, 0x3a, 0xff, @local, @empty, {[@fragment={0x0, 0x0, 0x1, 0x1, 0x0, 0x18, 0x64}, @hopopts={0x1, 0x0, '\x00', [@ra={0x5, 0x2, 0x9}]}, @hopopts={0x16, 0x2, '\x00', [@enc_lim={0x4, 0x1, 0x2}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0xd}}]}, @dstopts, @fragment={0x88, 0x0, 0x0, 0x0, 0x0, 0x0, 0x67}, @fragment={0x33, 0x0, 0x5, 0x1, 0x0, 0xd, 0x65}, @routing={0x33, 0x4, 0x1, 0xf8, 0x0, [@empty, @private2]}], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0xb, 0x3, 0x3, 0xffffffff, [{0x27}, {0x0, 0x6, "7328271112e4b724d3dfbf2746fb1f1a257a4148fa0510c217c58b9b8452c79b4fadc809e3bef2b1058a3c5e147e7db538c2d7"}, {0x5, 0x14, "b708b0f9a05590aad6b015df3b8755148c695e187371724a4bcb2917949f81d051544095dae478748b5e02b593921d6f7716093589f57ed1ed557dc1dc926104a4e1d47e472af3707beec38b94973ecd7f715879ce6ef269c657924b8a922c65fe60c43e307fd438f99a0393c92aca23534756dc9c3d86ac504273eea13e783d7431cd4793d7799884444adb9e7aba6643e4991cfbac1b08e1f495f8c9d7c22cd2"}, {0xe}, {0x3, 0x1e, "193b65234c24d5cc6dde7aceef3027d673c3ccd647fb5e45d0a182021898b1d8f4bc7920ac41dd7720009fb228fd0132b731e8af3bd29bda8164677a64d051fec009af99824bb2904208f64c5ce07070a0a7e2dd6a30e6c86c89ad08e31e0d4faa8b406cc24f1d7b224683e01bb5283197ca43aaab34943c64a08ef03aae181c347dfbada2ded64940a3f60a3d6ab8632d72df4a3b192991788cc36938fd59bc5b0f05ac6ab7f13529f35758bbef08e3a7779f77e853ac339a41a46d9f1d456a5b3a5996707689d1a1b984453909431eb4548b844e51beadeaadced947c86c23ac947b74cc83533e1937f165a431978a4ccb"}, {0x4, 0x10, "145b82bc2886f2696e256ce59a872357e653988da737d0db5c7754d894be6e219897f50e6d7001792bb458a6babf70eaa3d2571595350829eefdf103162b12cbcc9dc27b458902a6138caf2fd92f4317c844effc12a39ed07019827d0874b578e8d55380de89466fd064e6135c3e69df62701d7733ae4260970067dca949fb6dbd"}, {0x18, 0x1e, "9c636512d78124cd1880af7b2c6bf4155c00cd99f759bde6b83dd59cbfe2ff968a88e6bdd919efa6ca22aa0d178e2b2ad86220f17b934a2bed49860045c63fecbc97a020d1db0a6c140381d4bdd8cf3b2c7f231b820de9f0a1651361f3c2a04b8be2fcabe6f0154eac9540269cff8939c9049aad16f3c9763ecbbb9de08eb82a4357f004ee9b620295ffcc793cdc0f0383561acbaffb4201cbc947d47dfce62cfd1fe5a78b72c768d3f56ccefc63cb92fa704db940aa4b109ff74a83d7a795457521634319f4d4683165d2214fccf7ef771958d0a7a85b6580d01a64d2b86095b70cd53ccea1dd41235662a343b00560b932"}]}}}}}}, 0x0) (async) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003780)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83c6e613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038d0100a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17680100969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06de269e97fbb0776bf56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105cfdf8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f01000080000000004febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60133641a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2e9a20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1015ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846899c6b23c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33694f40000000000005d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b95bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca86f750189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc681b6c9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8504611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c01446234437b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c64cd14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e87973d574ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c314"], &(0x7f0000000380)='GPL\x00', 0xfffffffb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r1}, 0x10) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r3 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="052000000000026e935996000000080003", @ANYRES32, @ANYBLOB="0c00238008"], 0x28}}, 0x40) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000880)={0x1, 0x58, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) bind$can_j1939(r0, &(0x7f00000008c0)={0x1d, r6, 0x1, {0x1, 0xff, 0x3}, 0x1}, 0x18) (async) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000180)={'wpan1\x00', 0x0}) r8 = socket$inet6_udplite(0xa, 0x2, 0x88) (async, rerun: 64) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000200)=@bloom_filter={0x1e, 0x9, 0x9, 0x9, 0x20000, 0x1, 0x5ab00000, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1, 0xa, @void, @value, @void, @value}, 0x50) (async, rerun: 64) r9 = getpid() r10 = syz_open_procfs$namespace(r9, &(0x7f0000000980)='ns/ipc\x00') (async) r11 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000009c0)={0x58, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8, 0x1d, r10}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r11}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_PID={0x8, 0x1c, r9}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x58}, 0x1, 0x0, 0x0, 0x4050}, 0x8004) (async) ioctl$sock_inet_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000140)={'veth0_vlan\x00', {0x2, 0x4e23, @rand_addr=0x64010102}}) (async) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, 0x140f, 0x1, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xb, 0x45, 'uverbs\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) (async) r12 = syz_io_uring_setup(0x52e5, &(0x7f0000000000)={0x0, 0x9d84, 0x20, 0x1, 0x35}, &(0x7f0000000080), &(0x7f00000000c0)) io_uring_register$IORING_REGISTER_BUFFERS(r12, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)=""/28, 0x1c}, {&(0x7f0000000280)=""/138, 0x8a}, {&(0x7f00000003c0)=""/210, 0xd2}, {&(0x7f0000000140)=""/99, 0x63}, {&(0x7f0000000200)=""/19, 0x13}], 0x5) (async) socket$inet6_mptcp(0xa, 0x1, 0x106) r13 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r13, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r13, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180080001006f736600140002800800034013000001080001400000000f0900010073797a30000000000900020073797a32"], 0x78}}, 0x0) 349.971906ms ago: executing program 3 (id=137): mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000002c0)={[&(0x7f0000000200)=' '], 0xf50f}) 349.773273ms ago: executing program 3 (id=138): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x3, &(0x7f0000000000)=[{0x2, 0x9, 0x6c, 0x10}, {0x7, 0x10, 0x1, 0xbe}, {0x8, 0x40, 0x71, 0x8}]}) socket$unix(0x1, 0x5, 0x0) r0 = socket(0x15, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x2000, 0x0, @remote}}}, 0x104) r1 = socket(0x80000000000000a, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @sliced={0x0, [0x2, 0x0, 0x0, 0x7ff, 0x1951, 0x51d5, 0x7ff, 0x60f4, 0x100, 0x7, 0x8, 0x404, 0x1006, 0x8, 0xfffa, 0x0, 0x1, 0x9, 0x4, 0x71, 0x6, 0x1, 0x7, 0x7fff, 0xfffa, 0x5, 0x5, 0x8000, 0x40, 0xfd7d, 0x80, 0x3b, 0x401, 0xe, 0x7, 0xa, 0xfb, 0x5, 0x7, 0x0, 0x1, 0x9, 0x6, 0x7, 0x10, 0x0, 0x2, 0x5], 0x80000000}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0) bpf$MAP_CREATE(0xb00000000000000, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400000000000000000000000000000000000000000000002745f6a51097afb53e9b4efebcff7decd1"], 0x48) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) r4 = eventfd(0x4) ioctl$VHOST_SET_VRING_BASE(r3, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4) ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4}) r5 = userfaultfd(0x80800) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000380)) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f00000002c0)={0x0, 0x1, 0x0, &(0x7f0000000600)=""/42, 0x0, 0xffff1000}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66}) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_CALL(r3, 0x4008af21, &(0x7f0000000300)={0x1, r4}) munmap(&(0x7f0000004000/0x2000)=nil, 0x2000) syz_clone(0x21a91411, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) 160.294384ms ago: executing program 3 (id=139): socket$inet_udplite(0x2, 0x2, 0x88) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffffffffffff9c, 0x0, 0x14d00, 0x0) read$FUSE(r1, 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_GET_LIMITS(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="3161faffc60f24b471dd190164fa3a13f7d52d89b8ec09f5035872a1398b2a8ac4904ca2330633bd81bd2af260f7220d651d95167522f2e3ec8e9bcec6ec49708809dde4ab54c5bb62b8f1239331bbc1a9adc9645080763dc5e4383fb3bbc0b48979669792e7203cb8b42639f810e64bee5f47cc3d1d499bbb9056ead17338715413f7129f3283c3be224582cb2391229808cc10ce724459ccd0192b148431bdf82e7cd5dd3998409f8b90555253169a63cc6664ab43a009698548c26162abd57a8f582c1b5782a69d49c03c3169586ceae98d136def5ae084530b", @ANYRES16=r4, @ANYBLOB="0100000000000000000006000000"], 0x14}}, 0x0) ioctl$EVIOCSMASK(r2, 0x40104593, &(0x7f0000000000)={0x0, 0x0, 0x0}) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) read$FUSE(r5, &(0x7f0000001340)={0x2020}, 0x2020) syz_io_uring_setup(0x7531, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x29b}, &(0x7f0000000340), 0x0) syz_io_uring_setup(0x5c2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5}, &(0x7f0000000300)=0x0, &(0x7f0000000380)) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioprio_set$pid(0x2, 0x0, 0x0) gettid() listen(0xffffffffffffffff, 0x0) accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r8 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_pts(r8, 0x0) r9 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) r10 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r10, r9, &(0x7f0000002080)=0x64, 0x23b) syz_io_uring_submit(r7, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) 0s ago: executing program 1 (id=140): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000080)={0x0, 0x0, 0x100000, 0x0, 0xffffffffffffffff}) close_range(r1, r1, 0x0) r3 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r3, 0x2def, 0x4000, 0x0, 0x0, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='signal_generate\x00', r6}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) syz_usb_connect(0x0, 0xab2, &(0x7f0000000600)={{0x12, 0x1, 0x310, 0xb5, 0x72, 0x17, 0x10, 0x424, 0xcf19, 0xb524, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xaa0, 0x3, 0x8, 0x7, 0x60, 0x1, [{{0x9, 0x4, 0xc3, 0x14, 0xe, 0x39, 0xe6, 0x9b, 0x4, [@hid_hid={0x9, 0x21, 0x800, 0x2, 0x1, {0x22, 0xe55}}, @generic={0x44, 0x1, "ad039b76a6cd81cd7e5ef6c81f48ac69456832b12f98a29a8bd5e3c545e414c0877a6b91e661013421e6b195ffead448250c1a80ffd884735f347e8969c158ad96fd"}], [{{0x9, 0x5, 0x9, 0x4, 0x20, 0xff, 0x10, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x1, 0xfe01}]}}, {{0x9, 0x5, 0x7, 0x8, 0x10, 0x23, 0x2c, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x3, 0x2}, @generic={0x2a, 0x21, "a8bcbf0a85ce748f6c7d42962de25a8f33ba106c9811838f81f6b12ec0575a70e6334c62f7e386fd"}]}}, {{0x9, 0x5, 0x8, 0x0, 0x40, 0x3, 0x9, 0x5, [@generic={0x4c, 0x21, "1dfab8174a3bdf8a7a0dfe45d7ca5a850e025a815a7f9f820076f30a83d8297bcf50b6a2b0f2a5af3dbb9f23ba0428e75b41ae7f81c1a9a8e24792e41977d4edc9f74753cfaa1c797e31"}]}}, {{0x9, 0x5, 0x9, 0x0, 0x3ff, 0x3, 0x9, 0x4}}, {{0x9, 0x5, 0x0, 0x17, 0x60, 0xb, 0xb, 0xfe}}, {{0x9, 0x5, 0xa, 0x0, 0x40, 0x7f, 0xef, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x8, 0x2}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0xac, 0x3}]}}, {{0x9, 0x5, 0x80, 0x0, 0x10, 0xa4, 0x0, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x0, 0x7f}]}}, {{0x9, 0x5, 0xc, 0xc, 0x79f, 0x5, 0xff, 0x68}}, {{0x9, 0x5, 0x0, 0x0, 0x400, 0x6, 0x9, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x7, 0x401}, @generic={0xa0, 0x9, "616461a1b91b70d874cf08bcd94706f47cf2a6fcdc4caf528cf421ea434ee81272514259c458cc5274819b2f89e9e0d0b6c6131d973e9a2ad3391c37d35d7c66826fc70d487cab09a577e531ff69ea32a3c7e2f5aa4337358362d075b815195ab9d091d8967d8e25747459838afd497b30c0630a68da8dc570c1ec1a775374af68a882e9bbfa380398ffe67b478819838f5e01c91ece547fa0dc0d8338b0"}]}}, {{0x9, 0x5, 0x5, 0x10, 0x200, 0x8b, 0xf8, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xd, 0x69}]}}, {{0x9, 0x5, 0x0, 0x10, 0x10, 0x1, 0x5, 0xc, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x7, 0x2}]}}, {{0x9, 0x5, 0xd, 0x1, 0x10, 0x7f, 0x3a, 0x8, [@generic={0x6b, 0x2, "63c180e83350e6ad37c02f3a050342ead9ae8c401760193d508ac703947dd789bbe40d4bc839549a5714d6fa128accbad8bf67536fdf4b810ffe7a555ab2b0c3de20e590f2458128fe509ed0b648739c93450aa1c510a3ea3c2709b1fc924cde7ebeae76c5629f2d5a"}]}}, {{0x9, 0x5, 0x80, 0xc, 0x400, 0xf5, 0x6, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x1, 0x769}, @generic={0x33, 0x0, "5b7baaf184ed8c442cc705eb2f7ac37622830f76f91ed55ebeeae4153536ea9344a91decee529b6a5c90158a9be7a3cfcf"}]}}, {{0x9, 0x5, 0x4, 0x10, 0x20, 0x3, 0x8, 0xcf}}]}}, {{0x9, 0x4, 0xcd, 0x2, 0x8, 0x3f, 0x1a, 0x33, 0x17, [@uac_control={{0xa, 0x24, 0x1, 0x2, 0x7}, [@input_terminal={0xc, 0x24, 0x2, 0x6, 0x201, 0x3, 0x1, 0x8f, 0x7f, 0xff}]}], [{{0x9, 0x5, 0xd, 0x13, 0x40, 0xfd, 0x5, 0x81}}, {{0x9, 0x5, 0x0, 0x8, 0x8, 0xf8, 0x94, 0x2, [@generic={0x81, 0x30, "79750003090b17cf9ff4466bab59ca8bbdbc0d07c53239830302a2663b0e6860d2aeadf7d86d57b108d5b34641f71b481b4536a52987858b2ba80e8d05b20a2178eca1ddcb78bfb16c4222940c2c468356b72fd73da80ca4dc6377ec4c7bc0612b0c141316f5d4ecc770564dfecba755805006f82ab48be8bfdcf9cf8a7ef5"}, @generic={0x6e, 0x21, "d8ec2ee0675137ac54965284d66bd858b4ae7822711f52c0a9440d247958d90c9ef967d30b3437ad1e6459f8b861790761ecd8455586a5f68b19b4642211e6454059ccad6191778e7aaf91c6ce12b5f763e8b900b593af66a8c8e2d606b006a816953c51ac12b52d2080167d"}]}}, {{0x9, 0x5, 0x8, 0x0, 0x40, 0x1, 0xf, 0xa}}, {{0x9, 0x5, 0xc, 0x10, 0x200, 0xff, 0x8, 0x9, [@generic={0x6b, 0x4, "e65472f5b7bc7ee7499ff3f09aba954f6f72cea49a4a8a7838be777237473d40c2d421a5c7582afae0ee3b9c4c528bbb45550a24ebea64a74856bcfa07108f28ba3d9fff9e6403d02a418ae5b7f9b7b0c5c7294a4df518379dab1c56dbb6b0c2d144169d3bcaf1fdb4"}, @generic={0x83, 0x6, "03bd59c32190f39c8cde2b8ecf808855015c151d47d92ae0990792a439d518f63a9d98b1a232af9956e9d590e397d715fe9ead552d0334c0874b42e96b975db3e15b543c61d91ff164322cea608f413c116054251bd10f023d87bdadd8c9e53acce6dfb7f6174648dc90eacbc8f3c259d3f838fa4d7876d0c9435084a8e1667375"}]}}, {{0x9, 0x5, 0xb, 0x8, 0x200, 0xf, 0x10, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x0, 0x3ff}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0x4f}]}}, {{0x9, 0x5, 0xc, 0x1, 0x40, 0xd, 0x5, 0x8}}, {{0x9, 0x5, 0x9, 0x2, 0x8, 0x3, 0x2, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xd, 0x7f}]}}, {{0x9, 0x5, 0x4, 0x3, 0x3ff, 0x0, 0x5}}]}}, {{0x9, 0x4, 0x23, 0x0, 0x10, 0xff, 0x4, 0x6b, 0x9, [@uac_control={{0xa, 0x24, 0x1, 0x8, 0x7}}], [{{0x9, 0x5, 0xb, 0x0, 0x10, 0xc4, 0x5f, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x7f, 0x6}, @generic={0x30, 0x23, "48e8919a6628084a0151e6638658178caad07e774aa038be2b52c4c22403d59b0d3937263a236a958492d76fb7cc"}]}}, {{0x9, 0x5, 0xc, 0x1, 0x10, 0x6, 0x7, 0x9, [@generic={0xaa, 0xc, "56c7f623461c6deb044f79fe2a40b8933cb6ffb94df5365399cec9e9fbc006cc009193d18ef86726dfe7a5c250ecaedb53cce5c8060b189b0eba01966928c96cc166656dc7d53b247ecc95f3c3a9aae48fa3512f7ea29e8cc143f26bbbbf7bb5d43ebe793b101210a69dcd12ee2836f9792ca10ace1a8ca04aa677942bbff96750e3de133d7ec3cfa4d9427323954bdcba11aef8715d63dfdb6e60c40f4d433a9a28baddc728052e"}]}}, {{0x9, 0x5, 0x1, 0x10, 0x8, 0x81, 0x63, 0x7, [@generic={0x2e, 0xe, "8502ec3911bb88aaf55edafc61c6ffabc18374d71e71f32103218c9cd9204c47b7416e86209178e9cf2c7c9c"}]}}, {{0x9, 0x5, 0x9, 0x5, 0x10, 0xb, 0x1, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x3, 0x8}]}}, {{0x9, 0x5, 0x9, 0x0, 0x20, 0x3b, 0x15, 0x6, [@generic={0xdd, 0x3, "fedf6287e09121d422ecfb63fdf47e51ae15be840d0a4bc2d7cd2abed934fd11461765817eaa764889823ec31c6c11065a11fe4cc1f3d4031045f4a48768a090627698e81c41e1f117f695c673abf151f7991ad7a7049f3988cb6ad1334c3a80a2e3b66b5f70c57b7ed609e8298e9bb50ee3c1636020635384ad7c637fefc56b7c6f912b51c1b64184c5bf8b45302703ce41f7a25a2669819dac86923879480046add9649c68838b3abee84c9146904bdd5a95a178a7ae1065c2112762631f22c7e98a7ac0acb70b7bb31117b2099a5c55eb6fa0755acf91345b5e"}]}}, {{0x9, 0x5, 0xe, 0x0, 0x20, 0x7, 0xfb, 0xb, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0xd, 0x2}]}}, {{0x9, 0x5, 0x4, 0x0, 0x200, 0x2, 0x8, 0x7}}, {{0x9, 0x5, 0xf, 0x4, 0x3ff, 0x3, 0x6, 0x4, [@generic={0x68, 0xf, "1a996f5bf804803f0ff1c67691b4f45c082d82b4a3b5cf8214cb986acf9a840c0ad8b48e127d15cc475d0203e93f3f36049335d9d7d0a1799cf42998603220d311baeb78cee1e721baf35610294bdbe256468b17ccb917b030c9049fb398f7604b353938f12a"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x90, 0xa4}]}}, {{0x9, 0x5, 0x5, 0x0, 0x3ff, 0x5a, 0xb, 0xc4, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x2, 0x200}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x10, 0x1}]}}, {{0x9, 0x5, 0x1, 0x0, 0x10, 0x7, 0x40, 0x7f, [@generic={0xa8, 0x21, "fed547c8257ba7d68657919725d818e8168885b21a33e6665c462822c25a730d030d8ef73572077f750b36e278ebee26d2f37ccee646ffdedcc5d407219d35e7ee657982285c77e5854cd06c9714248d4520327a0ac7d7b0f4734339b21a6df574f8f4dfb63a521cc109edd5a2413ecc7e138375fc5880ae89bde66d8ea6e033125b503037e627a3daf9354f09e57c50706186495520936bbef727d94908afbed777fbd610c7"}]}}, {{0x9, 0x5, 0x9, 0x10, 0x200, 0x4, 0x3, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x9, 0x7}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x9, 0x4}]}}, {{0x9, 0x5, 0x6, 0x8, 0x40, 0x73, 0x7, 0x6}}, {{0x9, 0x5, 0x3, 0x10, 0x10, 0x0, 0x4, 0x2, [@generic={0x73, 0x2, "40d5c5b45d6cee096e0adaacdf24c14d13c778990dbbcd3b9f967546ab43957408ec233ee46629dbed09891b089f86bd2c8a0c5054031498dd0eab8a200fab9001d8fefd39b659562561470ced78c479c20c346c06ade83cbf67d5d064bfbc57b60dd7364eae07810631353d9b3bfc3ad5"}, @generic={0x76, 0xb, "7a5c7cb1cad6c9a5daa5e9d194a61c67da7ee38dd80efa04fb06cf00c2d6b8670efa24234c5dbbf1fc1a5152310201fe51f0ab72c516a6708dc683f79fa9ba2338b454190b12ebffe75c84cbde502b1fcf175c49a37931ff4504a5e556801f9c2e68a7803c5815487b357a3c11c85e787d0ab547"}]}}, {{0x9, 0x5, 0x0, 0x3, 0x40, 0xd0, 0xf0, 0x8}}, {{0x9, 0x5, 0x0, 0x12, 0x3ff, 0xa, 0x9, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x5, 0x9}]}}, {{0x9, 0x5, 0x7, 0x10, 0x3bf, 0x0, 0x1, 0x44, [@generic={0xb9, 0x21, "4d80e50dfb11a35d996fbdf248af7ec3ebde22ffa94c1d61ebed331fc61c4b9e6ef418cff226c68b2968f970fec3e079110a84cf0311f9ee9ffabd7b2ed4c72d5b82acdaae92df53bc86a3a021d428d690e1c612ae896914f8685058be0b153470be8a8d0e8323ed81e1be1c7ca0bb66488ea885fbed8bfe8c2cfb1ace85ddc3e416ebfda5a4fc8115be9bb58de2449901b69bb0acc820b6abcc65692ea0eac6ef3422587b2fbb58a97c52199cd17fd686030abd6814ef"}]}}]}}]}}]}}, &(0x7f0000001200)={0xa, &(0x7f00000010c0)={0xa, 0x6, 0x300, 0x3c, 0x2, 0x2, 0x40, 0xc9}, 0x7a, &(0x7f0000001100)={0x5, 0xf, 0x7a, 0x6, [@ssp_cap={0x1c, 0x10, 0xa, 0x7, 0x4, 0x5, 0xf00, 0xf, [0xff00cf, 0x3f00, 0x3f00, 0xc000]}, @ssp_cap={0x24, 0x10, 0xa, 0xf3, 0x6, 0x7, 0xf, 0x8000, [0xc0, 0xf, 0x1f8f, 0x0, 0x1fb0, 0xc000]}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "b1329b4b3d6d1ae7921df17de78d1d3e"}, @ss_cap={0xa, 0x10, 0x3, 0xe9e399cea911d57a, 0x3, 0x4, 0xe, 0x7e88}, @ss_container_id={0x14, 0x10, 0x4, 0x4d, "a9ed58ef81f7fff2519f72b46bb23da5"}, @ptm_cap={0x3}]}, 0x1, [{0x71, &(0x7f0000001180)=@string={0x71, 0x3, "f763229d52d79d54be490bc6b6dffe000a8435b316b3cc26b9f874d9d72e4e03607e228c86f5fc95ff70d482a54bea040f1764df9f3774e1a23fedab57ccdcdd8cc6be98eb8e2764e15553482c950af5357664d5380c673149ad942286ae5ca563735557548f8cc8d8ed7a574db373"}}]}) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r3, 0x18, &(0x7f0000000100)={0xdad, r0, 0x0, {0x5, 0xd}, 0x8}, 0x1) ioctl$DRM_IOCTL_SET_MASTER(r2, 0x641e) write$uinput_user_dev(r0, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xb]}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x5) r7 = openat$uinput(0xffffff9c, &(0x7f0000000580), 0x802, 0x0) ioctl$UI_DEV_CREATE(r7, 0x5501) r8 = syz_open_dev$vim2m(&(0x7f0000000280), 0x8, 0x2) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000140)=ANY=[@ANYBLOB="0100"]) r9 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000000)={r9, r9, r9}, &(0x7f00000000c0)=""/92, 0x5c, &(0x7f0000000540)={&(0x7f0000000500)={'xxhash64\x00'}}) r10 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$sock_SIOCETHTOOL(r10, 0x8946, &(0x7f0000000240)={'veth0_vlan\x00', &(0x7f00000001c0)=@ethtool_gfeatures={0x3a, 0x1, [{}]}}) ioctl$vim2m_VIDIOC_TRY_FMT(r8, 0xc0d05640, &(0x7f0000000040)={0x3, @sdr={0x584e4f53, 0x10}}) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:9042' (ED25519) to the list of known hosts. [ 34.769015][ T5938] cgroup: Unknown subsys name 'net' [ 34.907735][ T5938] cgroup: Unknown subsys name 'cpuset' [ 34.910584][ T5938] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 35.671925][ T5938] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 37.494699][ T5978] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 37.497130][ T5978] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 37.499484][ T5978] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 37.502182][ T5978] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 37.504250][ T5978] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 37.504417][ T5979] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 37.506593][ T5978] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 37.509279][ T5981] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 37.510378][ T5978] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 37.512484][ T5981] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 37.513802][ T5978] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 37.515879][ T5981] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 37.517633][ T5978] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 37.519141][ T5980] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 37.519158][ T5981] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 37.523064][ T5982] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 37.526527][ T5978] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 37.527592][ T5982] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 37.529624][ T5980] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 37.532265][ T5980] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 37.534132][ T5980] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 37.534215][ T5978] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 37.538270][ T5978] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 37.540293][ T5980] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 37.673302][ T5967] chnl_net:caif_netlink_parms(): no params data found [ 37.706208][ T5975] chnl_net:caif_netlink_parms(): no params data found [ 37.710827][ T5966] chnl_net:caif_netlink_parms(): no params data found [ 37.723224][ T5968] chnl_net:caif_netlink_parms(): no params data found [ 37.783493][ T5967] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.785575][ T5967] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.787585][ T5967] bridge_slave_0: entered allmulticast mode [ 37.789623][ T5967] bridge_slave_0: entered promiscuous mode [ 37.822111][ T5967] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.824059][ T5967] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.826186][ T5967] bridge_slave_1: entered allmulticast mode [ 37.828189][ T5967] bridge_slave_1: entered promiscuous mode [ 37.853198][ T5966] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.855183][ T5966] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.857115][ T5966] bridge_slave_0: entered allmulticast mode [ 37.859259][ T5966] bridge_slave_0: entered promiscuous mode [ 37.861817][ T5975] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.863692][ T5975] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.865834][ T5975] bridge_slave_0: entered allmulticast mode [ 37.867818][ T5975] bridge_slave_0: entered promiscuous mode [ 37.884509][ T5968] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.888103][ T5968] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.889991][ T5968] bridge_slave_0: entered allmulticast mode [ 37.892005][ T5968] bridge_slave_0: entered promiscuous mode [ 37.894376][ T5968] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.896491][ T5968] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.898378][ T5968] bridge_slave_1: entered allmulticast mode [ 37.900358][ T5968] bridge_slave_1: entered promiscuous mode [ 37.902325][ T5966] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.904197][ T5966] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.906520][ T5966] bridge_slave_1: entered allmulticast mode [ 37.908534][ T5966] bridge_slave_1: entered promiscuous mode [ 37.910521][ T5975] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.912407][ T5975] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.914259][ T5975] bridge_slave_1: entered allmulticast mode [ 37.917681][ T5975] bridge_slave_1: entered promiscuous mode [ 37.920632][ T5967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 37.954944][ T5967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 37.973028][ T5968] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 37.984949][ T5975] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 37.999785][ T5967] team0: Port device team_slave_0 added [ 38.002755][ T5968] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.006973][ T5966] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.010118][ T5975] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.013769][ T5967] team0: Port device team_slave_1 added [ 38.026307][ T5966] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.076382][ T5975] team0: Port device team_slave_0 added [ 38.086998][ T5967] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.088851][ T5967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.095702][ T5967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.100582][ T5968] team0: Port device team_slave_0 added [ 38.103354][ T5966] team0: Port device team_slave_0 added [ 38.108513][ T5966] team0: Port device team_slave_1 added [ 38.111403][ T5975] team0: Port device team_slave_1 added [ 38.113238][ T5967] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.115046][ T5967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.121971][ T5967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.125927][ T5968] team0: Port device team_slave_1 added [ 38.167315][ T5966] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.169287][ T5966] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.176061][ T5966] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.179583][ T5966] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.181422][ T5966] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.189280][ T5966] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.193291][ T5975] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.195165][ T5975] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.201710][ T5975] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.212245][ T5968] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.214066][ T5968] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.221499][ T5968] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.227512][ T5975] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.229332][ T5975] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.235911][ T5975] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.246160][ T5968] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.248021][ T5968] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.254482][ T5968] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.271368][ T5967] hsr_slave_0: entered promiscuous mode [ 38.273167][ T5967] hsr_slave_1: entered promiscuous mode [ 38.306420][ T5968] hsr_slave_0: entered promiscuous mode [ 38.308231][ T5968] hsr_slave_1: entered promiscuous mode [ 38.309904][ T5968] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.311888][ T5968] Cannot create hsr debugfs directory [ 38.331318][ T5975] hsr_slave_0: entered promiscuous mode [ 38.333149][ T5975] hsr_slave_1: entered promiscuous mode [ 38.334883][ T5975] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.337189][ T5975] Cannot create hsr debugfs directory [ 38.346885][ T5966] hsr_slave_0: entered promiscuous mode [ 38.348729][ T5966] hsr_slave_1: entered promiscuous mode [ 38.350445][ T5966] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.352358][ T5966] Cannot create hsr debugfs directory [ 38.513384][ T5967] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 38.519358][ T5967] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 38.522623][ T5967] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 38.529255][ T5967] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 38.540865][ T5975] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 38.543646][ T5975] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 38.548552][ T5975] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 38.554740][ T5975] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 38.562822][ T5967] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.564753][ T5967] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.566906][ T5967] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.568751][ T5967] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.580645][ T5975] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.582509][ T5975] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.584446][ T5975] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.586337][ T5975] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.593441][ T5968] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 38.597516][ T5968] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 38.608292][ T5968] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 38.611189][ T5968] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 38.624741][ T5966] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 38.628889][ T5966] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 38.632942][ T5966] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 38.635742][ T5966] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 38.659556][ T5968] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.661470][ T5968] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.663387][ T5968] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.665597][ T5968] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.669190][ T5967] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.675519][ T5975] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.677608][ T5966] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.679410][ T5966] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.681335][ T5966] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.683096][ T5966] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.689269][ T42] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.691873][ T42] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.694431][ T42] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.698456][ T42] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.700798][ T42] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.702938][ T42] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.705310][ T42] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.707749][ T42] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.732554][ T5975] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.735725][ T5967] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.748929][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.750930][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.753463][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.755375][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.766263][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.768089][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.773486][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.775407][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.784270][ T5968] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.802137][ T5968] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.809097][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.810975][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.818057][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.819932][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.832629][ T5966] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.849896][ T5966] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.853539][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.855433][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.860413][ T97] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.862288][ T97] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.881593][ T5967] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 38.914001][ T5967] veth0_vlan: entered promiscuous mode [ 38.918417][ T5968] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 38.923660][ T5967] veth1_vlan: entered promiscuous mode [ 38.931439][ T5975] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 38.947014][ T5967] veth0_macvtap: entered promiscuous mode [ 38.954215][ T5968] veth0_vlan: entered promiscuous mode [ 38.957093][ T5967] veth1_macvtap: entered promiscuous mode [ 38.968819][ T5967] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 38.972102][ T5968] veth1_vlan: entered promiscuous mode [ 38.978026][ T5967] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 38.981245][ T5967] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.983622][ T5967] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.987220][ T5967] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.989504][ T5967] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.004425][ T5975] veth0_vlan: entered promiscuous mode [ 39.010801][ T5966] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.019095][ T5968] veth0_macvtap: entered promiscuous mode [ 39.021279][ T5975] veth1_vlan: entered promiscuous mode [ 39.041440][ T5968] veth1_macvtap: entered promiscuous mode [ 39.042700][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.045077][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.062576][ T1133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.062775][ T5966] veth0_vlan: entered promiscuous mode [ 39.064546][ T1133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.070827][ T5968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.073525][ T5968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.077707][ T5968] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.082372][ T5966] veth1_vlan: entered promiscuous mode [ 39.086784][ T5968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.089289][ T5968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.092072][ T5968] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.093977][ T5975] veth0_macvtap: entered promiscuous mode [ 39.100002][ T5968] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.102104][ T5968] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.104169][ T5968] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.104469][ T5967] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 39.106295][ T5968] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.114891][ T5975] veth1_macvtap: entered promiscuous mode [ 39.132031][ T5966] veth0_macvtap: entered promiscuous mode [ 39.134283][ T5975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.137753][ T5975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.140074][ T5975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.142547][ T5975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.146813][ T5975] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.154529][ T5966] veth1_macvtap: entered promiscuous mode [ 39.164996][ T5975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.167959][ T5975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.170465][ T5975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.173128][ T5975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.176175][ T5975] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.182807][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.184807][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.185859][ T5975] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.188918][ T5975] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.190991][ T5975] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.193028][ T5975] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.201175][ T5966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.203871][ T5966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.207226][ T5966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.209841][ T5966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.212189][ T5966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.214662][ T5966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.218042][ T5966] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.221859][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.222111][ T5966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.223792][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.226920][ T5966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.231026][ T5966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.233708][ T5966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.236599][ T5966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.239093][ T5966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.242215][ T5966] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.254719][ T5966] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.257715][ T5966] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.259879][ T5966] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.262158][ T5966] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.292832][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.294826][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.308318][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.310597][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.324190][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.326383][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.347546][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.349869][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.438362][ T5980] Bluetooth: unknown link type 8 [ 39.439909][ T5980] Bluetooth: hci3: connection err: -111 [ 39.470148][ T6042] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 39.555827][ T5980] Bluetooth: hci2: command tx timeout [ 39.558600][ T5972] Bluetooth: hci0: command tx timeout [ 39.559029][ T5978] Bluetooth: hci3: command tx timeout [ 39.559042][ T5976] Bluetooth: hci1: command tx timeout [ 39.597432][ T6045] usb usb8: usbfs: process 6045 (syz.3.5) did not claim interface 0 before use [ 40.406310][ T6062] FAULT_INJECTION: forcing a failure. [ 40.406310][ T6062] name failslab, interval 1, probability 0, space 0, times 1 [ 40.410144][ T6062] CPU: 3 UID: 0 PID: 6062 Comm: syz.1.11 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 40.412771][ T6062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 40.415603][ T6062] Call Trace: [ 40.416724][ T6062] [ 40.417622][ T6062] dump_stack_lvl+0x16c/0x1f0 [ 40.418977][ T6062] should_fail_ex+0x497/0x5b0 [ 40.420285][ T6062] ? fs_reclaim_acquire+0xae/0x150 [ 40.421677][ T6062] should_failslab+0xc2/0x120 [ 40.422918][ T6062] __kmalloc_node_noprof+0xd1/0x520 [ 40.424284][ T6062] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 40.425664][ T6062] __kvmalloc_node_noprof+0xad/0x1a0 [ 40.427023][ T6062] alloc_netdev_mqs+0xc9/0x1320 [ 40.428309][ T6062] ? __pfx_ip6gre_tap_setup+0x10/0x10 [ 40.430099][ T6062] rtnl_create_link+0xbed/0xf10 [ 40.431822][ T6062] rtnl_newlink+0x10ba/0x1c10 [ 40.433494][ T6062] ? __pfx_rtnl_newlink+0x10/0x10 [ 40.435191][ T6062] ? __pfx___lock_acquire+0x10/0x10 [ 40.437043][ T6062] ? kmem_cache_free+0x152/0x4c0 [ 40.438390][ T6062] ? aa_get_newest_label+0x376/0x680 [ 40.439821][ T6062] ? find_held_lock+0x2d/0x110 [ 40.441079][ T6062] ? find_held_lock+0x2d/0x110 [ 40.442352][ T6062] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 40.443709][ T6062] ? __pfx_lock_release+0x10/0x10 [ 40.445029][ T6062] ? trace_lock_acquire+0x146/0x1e0 [ 40.446402][ T6062] ? __pfx_rtnl_newlink+0x10/0x10 [ 40.447732][ T6062] rtnetlink_rcv_msg+0x95b/0xea0 [ 40.449034][ T6062] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 40.450477][ T6062] ? __pfx___dev_queue_xmit+0x10/0x10 [ 40.451906][ T6062] netlink_rcv_skb+0x165/0x410 [ 40.453168][ T6062] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 40.454743][ T6062] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 40.456221][ T6062] ? netlink_deliver_tap+0x1ae/0xca0 [ 40.457672][ T6062] netlink_unicast+0x53c/0x7f0 [ 40.459000][ T6062] ? __pfx_netlink_unicast+0x10/0x10 [ 40.460487][ T6062] ? __phys_addr_symbol+0x30/0x80 [ 40.461799][ T6062] ? __check_object_size+0x488/0x710 [ 40.463187][ T6062] netlink_sendmsg+0x8b8/0xd70 [ 40.464590][ T6062] ? __pfx_netlink_sendmsg+0x10/0x10 [ 40.465978][ T6062] ____sys_sendmsg+0x9ae/0xb40 [ 40.467246][ T6062] ? __pfx_____sys_sendmsg+0x10/0x10 [ 40.468634][ T6062] ? get_compat_msghdr+0x11b/0x170 [ 40.469970][ T6062] ___sys_sendmsg+0x135/0x1e0 [ 40.471198][ T6062] ? __pfx____sys_sendmsg+0x10/0x10 [ 40.472568][ T6062] ? __pfx_lock_release+0x10/0x10 [ 40.473933][ T6062] ? trace_lock_acquire+0x146/0x1e0 [ 40.475326][ T6062] ? __fget_files+0x206/0x3a0 [ 40.476566][ T6062] __sys_sendmsg+0x16e/0x220 [ 40.477786][ T6062] ? __pfx___sys_sendmsg+0x10/0x10 [ 40.479120][ T6062] __do_fast_syscall_32+0x73/0x120 [ 40.480467][ T6062] do_fast_syscall_32+0x32/0x80 [ 40.481700][ T6062] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 40.483322][ T6062] RIP: 0023:0xf746e579 [ 40.484383][ T6062] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 40.489237][ T6062] RSP: 002b:00000000f515657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 40.491334][ T6062] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0 [ 40.493337][ T6062] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 40.495353][ T6062] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 40.497434][ T6062] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 40.499482][ T6062] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 40.501545][ T6062] [ 40.639080][ T6071] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14'. [ 40.641487][ T6071] netlink: 20 bytes leftover after parsing attributes in process `syz.2.14'. [ 40.718848][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 40.938254][ T6086] usb usb8: usbfs: process 6086 (syz.1.18) did not claim interface 0 before use [ 41.135344][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 41.371165][ T6095] Zero length message leads to an empty skb [ 41.415368][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 41.538426][ T6101] netlink: 8 bytes leftover after parsing attributes in process `syz.0.22'. [ 41.554696][ T6106] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 41.637118][ T5978] Bluetooth: hci3: command tx timeout [ 41.638708][ T5978] Bluetooth: hci2: command tx timeout [ 41.640118][ T5978] Bluetooth: hci0: command tx timeout [ 41.641538][ T5978] Bluetooth: hci1: command tx timeout [ 41.694399][ T6113] process 'syz.2.25' launched './file0' with NULL argv: empty string added [ 41.699430][ T6113] FAULT_INJECTION: forcing a failure. [ 41.699430][ T6113] name failslab, interval 1, probability 0, space 0, times 0 [ 41.702729][ T6113] CPU: 3 UID: 0 PID: 6113 Comm: syz.2.25 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 41.705360][ T6113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 41.708124][ T6113] Call Trace: [ 41.708999][ T6113] [ 41.709773][ T6113] dump_stack_lvl+0x16c/0x1f0 [ 41.711007][ T6113] should_fail_ex+0x497/0x5b0 [ 41.712243][ T6113] ? fs_reclaim_acquire+0xae/0x150 [ 41.713579][ T6113] should_failslab+0xc2/0x120 [ 41.714808][ T6113] __kmalloc_cache_noprof+0x68/0x420 [ 41.716193][ T6113] tomoyo_dump_page+0x594/0x700 [ 41.717468][ T6113] ? __pfx_tomoyo_dump_page+0x10/0x10 [ 41.718869][ T6113] tomoyo_init_log+0xe09/0x1f60 [ 41.720149][ T6113] ? __pfx_tomoyo_init_log+0x10/0x10 [ 41.721522][ T6113] ? tomoyo_profile+0x47/0x60 [ 41.722760][ T6113] ? tomoyo_profile+0x47/0x60 [ 41.723995][ T6113] ? tomoyo_domain_quota_is_ok+0x301/0x5a0 [ 41.725512][ T6113] tomoyo_supervisor+0x30c/0x1180 [ 41.726834][ T6113] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 41.728259][ T6113] ? find_held_lock+0x2d/0x110 [ 41.729731][ T6113] ? down_read+0xc9/0x330 [ 41.731127][ T6113] ? __pfx___up_read+0x10/0x10 [ 41.732420][ T6113] ? tomoyo_check_acl+0x1f7/0x410 [ 41.733726][ T6113] ? tomoyo_check_acl+0x31c/0x410 [ 41.735030][ T6113] tomoyo_env_perm+0x193/0x210 [ 41.736280][ T6113] ? __pfx_tomoyo_env_perm+0x10/0x10 [ 41.737652][ T6113] tomoyo_find_next_domain+0xe6c/0x2070 [ 41.739085][ T6113] ? __pfx_tomoyo_find_next_domain+0x10/0x10 [ 41.740659][ T6113] ? lock_acquire+0x2f/0xb0 [ 41.741837][ T6113] ? tomoyo_bprm_check_security+0x119/0x1d0 [ 41.743383][ T6113] tomoyo_bprm_check_security+0x12e/0x1d0 [ 41.744865][ T6113] ? tomoyo_bprm_check_security+0x119/0x1d0 [ 41.746400][ T6113] security_bprm_check+0x1b9/0x1e0 [ 41.747735][ T6113] bprm_execve+0x642/0x19b0 [ 41.748923][ T6113] ? __pfx_bprm_execve+0x10/0x10 [ 41.750213][ T6113] ? copy_string_kernel+0x1d4/0x210 [ 41.751579][ T6113] do_execveat_common.isra.0+0x4f1/0x630 [ 41.753038][ T6113] __ia32_compat_sys_execve+0x90/0xc0 [ 41.754434][ T6113] __do_fast_syscall_32+0x73/0x120 [ 41.755775][ T6113] do_fast_syscall_32+0x32/0x80 [ 41.757046][ T6113] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 41.758702][ T6113] RIP: 0023:0xf746e579 [ 41.759779][ T6113] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 41.764740][ T6113] RSP: 002b:00000000f515657c EFLAGS: 00000292 ORIG_RAX: 000000000000000b [ 41.766892][ T6113] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 0000000000000000 [ 41.768948][ T6113] RDX: 0000000020000640 RSI: 0000000000000000 RDI: 0000000000000000 [ 41.771000][ T6113] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 41.773058][ T6113] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 41.775111][ T6113] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 41.777165][ T6113] [ 41.955539][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 42.300924][ T6139] netlink: 28 bytes leftover after parsing attributes in process `syz.3.34'. [ 42.312081][ T6136] usb usb8: usbfs: process 6136 (syz.2.33) did not claim interface 0 before use [ 42.378421][ T6130] can0: slcan on ptm2. [ 42.420894][ T6151] macvlan0: entered allmulticast mode [ 42.422372][ T6151] veth1_vlan: entered allmulticast mode [ 42.662551][ T6161] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.918835][ T6178] pimreg: entered allmulticast mode [ 43.067735][ T6129] can0 (unregistered): slcan off ptm2. [ 43.147114][ T6198] usb usb8: usbfs: process 6198 (syz.1.45) did not claim interface 0 before use [ 43.715261][ T5978] Bluetooth: hci1: command tx timeout [ 43.715290][ T5972] Bluetooth: hci0: command tx timeout [ 43.715408][ T5976] Bluetooth: hci2: command tx timeout [ 43.715447][ T5976] Bluetooth: hci3: command tx timeout [ 43.834152][ T6232] usb usb8: usbfs: process 6232 (syz.1.54) did not claim interface 0 before use [ 43.915281][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 43.926475][ T6240] FAULT_INJECTION: forcing a failure. [ 43.926475][ T6240] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 43.930322][ T6240] CPU: 3 UID: 0 PID: 6240 Comm: syz.1.56 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 43.932968][ T6240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 43.935766][ T6240] Call Trace: [ 43.936644][ T6240] [ 43.937422][ T6240] dump_stack_lvl+0x16c/0x1f0 [ 43.938703][ T6240] should_fail_ex+0x497/0x5b0 [ 43.939960][ T6240] _copy_from_user+0x2e/0xd0 [ 43.941179][ T6240] input_event_from_user+0x22d/0x3b0 [ 43.942577][ T6240] ? __pfx_input_event_from_user+0x10/0x10 [ 43.944101][ T6240] ? input_inject_event+0x193/0x370 [ 43.945458][ T6240] evdev_write+0x377/0x750 [ 43.946631][ T6240] ? __pfx_evdev_write+0x10/0x10 [ 43.947944][ T6240] ? bpf_lsm_file_permission+0x9/0x10 [ 43.949434][ T6240] ? security_file_permission+0x71/0x210 [ 43.950893][ T6240] ? __pfx_evdev_write+0x10/0x10 [ 43.952188][ T6240] vfs_write+0x24c/0x1150 [ 43.953324][ T6240] ? __fget_files+0x1fc/0x3a0 [ 43.954556][ T6240] ? __pfx_lock_release+0x10/0x10 [ 43.956016][ T6240] ? __pfx_vfs_write+0x10/0x10 [ 43.957431][ T6240] ? lock_acquire+0x2f/0xb0 [ 43.958668][ T6240] ? __fget_files+0x40/0x3a0 [ 43.960386][ T6240] ? __fget_files+0x206/0x3a0 [ 43.961925][ T6240] ksys_write+0x207/0x250 [ 43.963096][ T6240] ? __pfx_ksys_write+0x10/0x10 [ 43.964384][ T6240] __do_fast_syscall_32+0x73/0x120 [ 43.965725][ T6240] do_fast_syscall_32+0x32/0x80 [ 43.966998][ T6240] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 43.968655][ T6240] RIP: 0023:0xf746e579 [ 43.969727][ T6240] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 43.974727][ T6240] RSP: 002b:00000000f515657c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 43.976913][ T6240] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040 [ 43.978962][ T6240] RDX: 00000000000012d8 RSI: 0000000000000000 RDI: 0000000000000000 [ 43.981020][ T6240] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 43.983083][ T6240] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 43.985131][ T6240] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 43.987191][ T6240] [ 43.988057][ C3] vkms_vblank_simulate: vblank timer overrun [ 44.158323][ T6247] fuse: Bad value for 'fd' [ 44.167896][ T6254] FAULT_INJECTION: forcing a failure. [ 44.167896][ T6254] name failslab, interval 1, probability 0, space 0, times 0 [ 44.171269][ T6254] CPU: 0 UID: 0 PID: 6254 Comm: syz.3.62 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 44.173870][ T6254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 44.176632][ T6254] Call Trace: [ 44.177507][ T6254] [ 44.178287][ T6254] dump_stack_lvl+0x116/0x1f0 [ 44.179520][ T6254] should_fail_ex+0x497/0x5b0 [ 44.180755][ T6254] should_failslab+0xc2/0x120 [ 44.182001][ T6254] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 44.183400][ T6254] ? __send_signal_locked+0x159/0x11a0 [ 44.184816][ T6254] ? sig_get_ucounts+0x1c0/0x5b0 [ 44.186106][ T6254] __send_signal_locked+0x159/0x11a0 [ 44.187477][ T6254] ? __lock_task_sighand+0x146/0x340 [ 44.188854][ T6254] group_send_sig_info+0x2aa/0x300 [ 44.190182][ T6254] ? __pfx_group_send_sig_info+0x10/0x10 [ 44.191649][ T6254] bpf_send_signal_common+0x415/0x520 [ 44.193049][ T6254] ? __pfx_bpf_send_signal_common+0x10/0x10 [ 44.194589][ T6254] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 44.196047][ T6254] ? trace_lock_acquire+0x146/0x1e0 [ 44.197403][ T6254] ? bpf_trace_run4+0x1d6/0x5a0 [ 44.198674][ T6254] bpf_send_signal_thread+0x1a/0x30 [ 44.200040][ T6254] bpf_prog_7bb747c56a8bcba8+0x1e/0x26 [ 44.201446][ T6254] bpf_trace_run4+0x245/0x5a0 [ 44.202679][ T6254] ? __pfx_bpf_trace_run4+0x10/0x10 [ 44.204037][ T6254] ? trace_lock_acquire+0x146/0x1e0 [ 44.205389][ T6254] ? get_mm_memcg_path.constprop.0+0x12f/0x3d0 [ 44.206981][ T6254] __mmap_lock_do_trace_acquire_returned.part.0+0x20f/0x2d0 [ 44.208859][ T6254] ? __pfx___mmap_lock_do_trace_acquire_returned.part.0+0x10/0x10 [ 44.210872][ T6254] ? down_read_trylock+0x1ed/0x3f0 [ 44.212206][ T6254] ? lock_mm_and_find_vma+0x35/0x6a0 [ 44.213580][ T6254] ? __pfx_down_read_trylock+0x10/0x10 [ 44.214998][ T6254] __mmap_lock_do_trace_acquire_returned+0x33/0x40 [ 44.216689][ T6254] lock_mm_and_find_vma+0xeb/0x6a0 [ 44.218031][ T6254] do_user_addr_fault+0x2b5/0x13f0 [ 44.219384][ T6254] exc_page_fault+0x5c/0xc0 [ 44.220589][ T6254] asm_exc_page_fault+0x26/0x30 [ 44.221876][ T6254] RIP: 0010:_copy_from_iter+0x37f/0x1400 [ 44.223373][ T6254] Code: 4d 85 f6 0f 85 4e ff ff ff e8 5d 4c 01 fd 4c 8b 74 24 18 44 89 fe 4c 89 f7 e8 8d 08 64 fd 0f 01 cb 4c 89 f9 4c 89 f7 48 89 de a4 0f 1f 00 48 89 cb 0f 01 ca 4d 89 fc 49 29 cc e9 1d ff ff ff [ 44.228360][ T6254] RSP: 0018:ffffc9000650f900 EFLAGS: 00050246 [ 44.229946][ T6254] RAX: 0000000000000001 RBX: 0000000020005198 RCX: 0000000000000198 [ 44.232011][ T6254] RDX: 0000000000000000 RSI: 0000000020006000 RDI: ffff88806976de68 [ 44.234073][ T6254] RBP: ffffc9000650fd70 R08: 0000000000000001 R09: ffffed100d2edbff [ 44.236140][ T6254] R10: ffff88806976dfff R11: 0000000000000000 R12: 0000000020006198 [ 44.238199][ T6254] R13: 00007ffffffff000 R14: ffff88806976d000 R15: 0000000000001000 [ 44.240280][ T6254] ? _copy_from_iter+0x159/0x1400 [ 44.241667][ T6254] ? __pfx__copy_from_iter+0x10/0x10 [ 44.243079][ T6254] ? __pfx__copy_from_iter+0x10/0x10 [ 44.244490][ T6254] ? __virt_addr_valid+0x1a4/0x590 [ 44.245838][ T6254] copy_page_from_iter+0xa5/0x120 [ 44.247160][ T6254] skb_copy_datagram_from_iter+0x29b/0x710 [ 44.248706][ T6254] packet_sendmsg+0x21ac/0x5660 [ 44.249985][ T6254] ? __pfx___lock_acquire+0xa/0x10 [ 44.251317][ T6254] ? __pfx___might_resched+0x10/0x10 [ 44.252695][ T6254] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 44.254285][ T6254] ? __pfx_packet_sendmsg+0x10/0x10 [ 44.255647][ T6254] ? aa_label_merge+0xf86/0x11c0 [ 44.256946][ T6254] __sys_sendto+0x488/0x4f0 [ 44.258142][ T6254] ? __pfx___sys_sendto+0x10/0x10 [ 44.259475][ T6254] ? ksys_write+0x1ba/0x250 [ 44.260670][ T6254] ? __pfx_ksys_write+0x10/0x10 [ 44.261937][ T6254] __ia32_sys_sendto+0xdd/0x1b0 [ 44.263224][ T6254] ? lockdep_hardirqs_on+0x7c/0x110 [ 44.264581][ T6254] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 44.266295][ T6254] __do_fast_syscall_32+0x73/0x120 [ 44.267642][ T6254] do_fast_syscall_32+0x32/0x80 [ 44.268914][ T6254] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 44.270555][ T6254] RIP: 0023:0xf7f60579 [ 44.271631][ T6254] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 44.276556][ T6254] RSP: 002b:00000000f50e657c EFLAGS: 00000292 ORIG_RAX: 0000000000000171 [ 44.278688][ T6254] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000180 [ 44.280725][ T6254] RDX: 000000000001001a RSI: 0000000000000000 RDI: 0000000020000140 [ 44.282759][ T6254] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000 [ 44.284797][ T6254] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 44.286835][ T6254] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 44.288882][ T6254] [ 44.393524][ T6258] usb usb8: usbfs: process 6258 (syz.3.64) did not claim interface 0 before use [ 44.486062][ T6263] syzkaller0: entered promiscuous mode [ 44.487546][ T6263] syzkaller0: entered allmulticast mode [ 44.849854][ T6267] input: syz0 as /devices/virtual/input/input5 [ 44.855670][ T6269] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 44.904069][ T6267] netlink: 24 bytes leftover after parsing attributes in process `syz.0.66'. [ 45.592200][ T6289] FAULT_INJECTION: forcing a failure. [ 45.592200][ T6289] name failslab, interval 1, probability 0, space 0, times 0 [ 45.595869][ T6289] CPU: 3 UID: 0 PID: 6289 Comm: syz.0.74 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 45.598356][ T6289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 45.601103][ T6289] Call Trace: [ 45.601983][ T6289] [ 45.602756][ T6289] dump_stack_lvl+0x16c/0x1f0 [ 45.603993][ T6289] should_fail_ex+0x497/0x5b0 [ 45.605215][ T6289] ? fs_reclaim_acquire+0xae/0x150 [ 45.606518][ T6289] should_failslab+0xc2/0x120 [ 45.607717][ T6289] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 45.609211][ T6289] ? __request_module+0x2e4/0x6c0 [ 45.610503][ T6289] kstrdup+0x42/0xb0 [ 45.611502][ T6289] __request_module+0x2e4/0x6c0 [ 45.612750][ T6289] ? bprm_execve+0x876/0x19b0 [ 45.613916][ T6289] ? __pfx___request_module+0x10/0x10 [ 45.615222][ T6289] ? find_held_lock+0x2d/0x110 [ 45.616441][ T6289] ? __pfx_lock_release+0x10/0x10 [ 45.617715][ T6289] ? trace_lock_acquire+0x146/0x1e0 [ 45.619012][ T6289] ? _raw_read_unlock+0x28/0x50 [ 45.620237][ T6289] ? lock_acquire+0x2f/0xb0 [ 45.621389][ T6289] ? bprm_execve+0x81e/0x19b0 [ 45.622534][ T6289] bprm_execve+0x876/0x19b0 [ 45.623721][ T6289] ? __pfx_bprm_execve+0x10/0x10 [ 45.624978][ T6289] ? copy_strings.isra.0+0x3c0/0x450 [ 45.626432][ T6289] do_execveat_common.isra.0+0x4f1/0x630 [ 45.627846][ T6289] __ia32_compat_sys_execve+0x90/0xc0 [ 45.629193][ T6289] __do_fast_syscall_32+0x73/0x120 [ 45.630592][ T6289] do_fast_syscall_32+0x32/0x80 [ 45.631910][ T6289] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 45.633522][ T6289] RIP: 0023:0xf73ee579 [ 45.634529][ T6289] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 45.639068][ T6289] RSP: 002b:00000000f50d657c EFLAGS: 00000292 ORIG_RAX: 000000000000000b [ 45.641142][ T6289] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000020000200 [ 45.643094][ T6289] RDX: 00000000200002c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 45.645082][ T6289] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 45.645375][ T1013] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 45.647084][ T6289] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 45.651556][ T6289] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 45.653631][ T6289] [ 45.654532][ C3] vkms_vblank_simulate: vblank timer overrun [ 45.780272][ T6294] random: crng reseeded on system resumption [ 45.795380][ T1013] usb 8-1: Using ep0 maxpacket: 16 [ 45.796724][ T5972] Bluetooth: hci1: command tx timeout [ 45.799618][ T1013] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 45.802332][ T1013] usb 8-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 45.805437][ T5972] Bluetooth: hci3: command 0x0419 tx timeout [ 45.805576][ T5330] Bluetooth: hci2: command tx timeout [ 45.807324][ T5980] Bluetooth: hci0: command tx timeout [ 45.811478][ T1013] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 45.821691][ T1013] usb 8-1: config 0 descriptor?? [ 45.830819][ T1013] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input6 [ 45.834518][ T6297] warning: `syz.2.77' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 45.838496][ T6297] netlink: 28 bytes leftover after parsing attributes in process `syz.2.77'. [ 45.930054][ T6309] syzkaller1: entered promiscuous mode [ 45.931514][ T6309] syzkaller1: entered allmulticast mode [ 46.862472][ T6335] netlink: 4 bytes leftover after parsing attributes in process `syz.0.89'. [ 46.974750][ T6341] Driver unsupported XDP return value 0 on prog (id 14) dev N/A, expect packet loss! [ 47.055171][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 47.085677][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 47.225193][ T1449] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 47.235350][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 47.387483][ T1449] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0 [ 47.398219][ T1449] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 47.400867][ T1449] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 47.403043][ T1449] usb 7-1: Product: syz [ 47.404261][ T1449] usb 7-1: Manufacturer: syz [ 47.405291][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 47.405829][ T1449] usb 7-1: SerialNumber: syz [ 47.414097][ T6341] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 47.415169][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 47.484926][ T6366] FAULT_INJECTION: forcing a failure. [ 47.484926][ T6366] name failslab, interval 1, probability 0, space 0, times 0 [ 47.488758][ T6366] CPU: 3 UID: 0 PID: 6366 Comm: syz.1.97 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 47.491446][ T6366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 47.494306][ T6366] Call Trace: [ 47.495181][ T6366] [ 47.495965][ T6366] dump_stack_lvl+0x16c/0x1f0 [ 47.497217][ T6366] should_fail_ex+0x497/0x5b0 [ 47.498900][ T6366] ? fs_reclaim_acquire+0xae/0x150 [ 47.500282][ T6366] should_failslab+0xc2/0x120 [ 47.501568][ T6366] __kmalloc_cache_node_noprof+0x6f/0x3f0 [ 47.503070][ T6366] ? mark_lock+0xb5/0xc60 [ 47.504262][ T6366] ? __get_vm_area_node+0x101/0x2f0 [ 47.505665][ T6366] __get_vm_area_node+0x101/0x2f0 [ 47.507078][ T6366] ? __pfx_mark_lock+0x10/0x10 [ 47.508355][ T6366] __vmalloc_node_range_noprof+0x26a/0x1530 [ 47.510014][ T6366] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 47.511483][ T6366] ? mark_lock+0xb5/0xc60 [ 47.512645][ T6366] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 47.514103][ T6366] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 47.515839][ T6366] ? __pfx_aa_get_newest_label+0x10/0x10 [ 47.517325][ T6366] ? __pfx___lock_acquire+0x10/0x10 [ 47.518693][ T6366] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 47.520157][ T6366] __vmalloc_noprof+0x6d/0x90 [ 47.521403][ T6366] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 47.522871][ T6366] bpf_prog_alloc_no_stats+0x54/0x630 [ 47.524292][ T6366] ? security_capable+0x7e/0x260 [ 47.525595][ T6366] bpf_prog_alloc+0x3b/0x230 [ 47.526818][ T6366] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 47.528368][ T6366] bpf_prog_load+0x1758/0x2670 [ 47.529627][ T6366] ? __pfx_bpf_prog_load+0x10/0x10 [ 47.530966][ T6366] ? find_held_lock+0x2d/0x110 [ 47.532262][ T6366] ? __might_fault+0x13b/0x190 [ 47.533600][ T6366] ? __might_fault+0xe3/0x190 [ 47.534839][ T6366] __sys_bpf+0x5677/0x57a0 [ 47.536022][ T6366] ? __pfx_lock_release+0x10/0x10 [ 47.537359][ T6366] ? __pfx___sys_bpf+0x10/0x10 [ 47.538622][ T6366] ? vfs_write+0x306/0x1150 [ 47.539845][ T6366] ? __mutex_unlock_slowpath+0x164/0x690 [ 47.541360][ T6366] ? fput+0x67/0x440 [ 47.542410][ T6366] ? ksys_write+0x1ba/0x250 [ 47.543668][ T6366] ? __pfx_ksys_write+0x10/0x10 [ 47.544948][ T6366] __ia32_sys_bpf+0x76/0xe0 [ 47.546175][ T6366] __do_fast_syscall_32+0x73/0x120 [ 47.547509][ T6366] do_fast_syscall_32+0x32/0x80 [ 47.549192][ T6366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 47.550826][ T6366] RIP: 0023:0xf746e579 [ 47.551916][ T6366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 47.556891][ T6366] RSP: 002b:00000000f515657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 47.559079][ T6366] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000440 [ 47.561182][ T6366] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000 [ 47.563283][ T6366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 47.565347][ T6366] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 47.567386][ T6366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 47.569450][ T6366] [ 47.570340][ C3] vkms_vblank_simulate: vblank timer overrun [ 47.572371][ T6366] syz.1.97: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 47.576672][ T6366] CPU: 2 UID: 0 PID: 6366 Comm: syz.1.97 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 47.579272][ T6366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 47.582074][ T6366] Call Trace: [ 47.582983][ T6366] [ 47.583780][ T6366] dump_stack_lvl+0x16c/0x1f0 [ 47.585017][ T6366] warn_alloc+0x24d/0x3a0 [ 47.586191][ T6366] ? __pfx_warn_alloc+0x10/0x10 [ 47.587469][ T6366] ? rcu_is_watching+0x12/0xc0 [ 47.588783][ T6366] ? __kmalloc_cache_node_noprof+0x245/0x3f0 [ 47.590360][ T6366] ? __kasan_kmalloc+0x8a/0xb0 [ 47.591660][ T6366] ? __get_vm_area_node+0x1dc/0x2f0 [ 47.593108][ T6366] __vmalloc_node_range_noprof+0xd27/0x1530 [ 47.594692][ T6366] ? mark_lock+0xb5/0xc60 [ 47.595882][ T6366] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 47.597311][ T6366] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 47.598941][ T6366] ? __pfx_aa_get_newest_label+0x10/0x10 [ 47.600457][ T6366] ? __pfx___lock_acquire+0x10/0x10 [ 47.602192][ T6366] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 47.603648][ T6366] __vmalloc_noprof+0x6d/0x90 [ 47.604872][ T6366] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 47.606345][ T6366] bpf_prog_alloc_no_stats+0x54/0x630 [ 47.607748][ T6366] ? security_capable+0x7e/0x260 [ 47.609033][ T6366] bpf_prog_alloc+0x3b/0x230 [ 47.610236][ T6366] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 47.611806][ T6366] bpf_prog_load+0x1758/0x2670 [ 47.613128][ T6366] ? __pfx_bpf_prog_load+0x10/0x10 [ 47.614424][ T6366] ? find_held_lock+0x2d/0x110 [ 47.615680][ T6366] ? __might_fault+0x13b/0x190 [ 47.616965][ T6366] ? __might_fault+0xe3/0x190 [ 47.618186][ T6366] __sys_bpf+0x5677/0x57a0 [ 47.619338][ T6366] ? __pfx_lock_release+0x10/0x10 [ 47.620655][ T6366] ? __pfx___sys_bpf+0x10/0x10 [ 47.621919][ T6366] ? vfs_write+0x306/0x1150 [ 47.623204][ T6366] ? __mutex_unlock_slowpath+0x164/0x690 [ 47.624665][ T6366] ? fput+0x67/0x440 [ 47.625667][ T6366] ? ksys_write+0x1ba/0x250 [ 47.626821][ T6366] ? __pfx_ksys_write+0x10/0x10 [ 47.628127][ T6366] __ia32_sys_bpf+0x76/0xe0 [ 47.629307][ T6366] __do_fast_syscall_32+0x73/0x120 [ 47.630632][ T6366] do_fast_syscall_32+0x32/0x80 [ 47.631937][ T6366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 47.633586][ T6366] RIP: 0023:0xf746e579 [ 47.634652][ T6366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 47.639617][ T6366] RSP: 002b:00000000f515657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 47.641774][ T6366] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000440 [ 47.641862][ T1449] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22 [ 47.643864][ T6366] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000 [ 47.643874][ T6366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 47.650171][ T6366] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 47.652230][ T6366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 47.654704][ T6366] [ 47.656406][ T1449] usb 7-1: USB disconnect, device number 2 [ 47.658718][ T6366] Mem-Info: [ 47.659996][ T6366] active_anon:5778 inactive_anon:479 isolated_anon:0 [ 47.659996][ T6366] active_file:9739 inactive_file:35708 isolated_file:0 [ 47.659996][ T6366] unevictable:1768 dirty:1622 writeback:0 [ 47.659996][ T6366] slab_reclaimable:7448 slab_unreclaimable:53738 [ 47.659996][ T6366] mapped:23699 shmem:2475 pagetables:678 [ 47.659996][ T6366] sec_pagetables:296 bounce:0 [ 47.659996][ T6366] kernel_misc_reclaimable:0 [ 47.659996][ T6366] free:65023 free_pcp:978 free_cma:0 [ 47.671781][ T6366] Node 0 active_anon:4208kB inactive_anon:1916kB active_file:580kB inactive_file:8268kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:4052kB dirty:76kB writeback:0kB shmem:5220kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9648kB pagetables:768kB sec_pagetables:1152kB all_unreclaimable? yes [ 47.680204][ T6366] Node 1 active_anon:18904kB inactive_anon:0kB active_file:38376kB inactive_file:134564kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:90920kB dirty:6412kB writeback:0kB shmem:4680kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:6144kB writeback_tmp:0kB kernel_stack:2284kB pagetables:1944kB sec_pagetables:32kB all_unreclaimable? no [ 47.689633][ T6366] Node 0 DMA free:2968kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:104kB inactive_anon:44kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:208kB local_pcp:56kB free_cma:0kB [ 47.696891][ T6366] lowmem_reserve[]: 0 270 0 0 0 [ 47.698196][ T6366] Node 0 DMA32 free:17428kB boost:0kB min:13788kB low:17232kB high:20676kB reserved_highatomic:4096KB active_anon:4104kB inactive_anon:1872kB active_file:580kB inactive_file:8268kB unevictable:3536kB writepending:76kB present:1032196kB managed:304012kB mlocked:0kB bounce:0kB free_pcp:1268kB local_pcp:456kB free_cma:0kB [ 47.705989][ T6366] lowmem_reserve[]: 0 0 0 0 0 [ 47.707277][ T6366] Node 1 DMA32 free:239696kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:18904kB inactive_anon:0kB active_file:38376kB inactive_file:134564kB unevictable:3536kB writepending:6412kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:2528kB local_pcp:412kB free_cma:0kB [ 47.715417][ T6366] lowmem_reserve[]: 0 0 0 0 0 [ 47.716703][ T6366] Node 0 DMA: 50*4kB (UM) 54*8kB (UM) 34*16kB (UM) 24*32kB (UM) 8*64kB (UM) 2*128kB (UM) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2968kB [ 47.720658][ T6366] Node 0 DMA32: 8*4kB (UMH) 13*8kB (UEH) 24*16kB (UH) 107*32kB (UMEH) 54*64kB (UE) 34*128kB (UME) 4*256kB (UM) 3*512kB (UM) 3*1024kB (UM) 0*2048kB 0*4096kB = 17384kB [ 47.725388][ T6366] Node 1 DMA32: 224*4kB (UME) 428*8kB (UME) 369*16kB (UME) 286*32kB (UME) 318*64kB (UME) 84*128kB (UME) 51*256kB (UME) 36*512kB (UME) 31*1024kB (UM) 12*2048kB (UME) 25*4096kB (UM) = 240688kB [ 47.730697][ T6366] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 47.733412][ T6366] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 47.736059][ T6366] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 47.738759][ T6366] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 47.741145][ T6366] 47948 total pagecache pages [ 47.742412][ T6366] 1 pages in swap cache [ 47.743537][ T6366] Free swap = 124736kB [ 47.744865][ T6366] Total swap = 124996kB [ 47.746142][ T6366] 524155 pages RAM [ 47.747194][ T6366] 0 pages HighMem/MovableOnly [ 47.748673][ T6366] 207249 pages reserved [ 47.749863][ T6366] 0 pages cma reserved [ 47.876083][ T5972] Bluetooth: hci3: command 0x0419 tx timeout [ 47.987420][ T6376] ceph: No mds server is up or the cluster is laggy [ 48.099548][ T6376] ceph: No mds server is up or the cluster is laggy [ 48.420862][ T5364] bcm5974 8-1:0.0: could not read from device [ 48.427803][ T1013] usb 8-1: USB disconnect, device number 2 [ 48.427823][ T5364] bcm5974 8-1:0.0: could not read from device [ 48.492608][ T6401] raw_sendmsg: syz.3.105 forgot to set AF_INET. Fix it! [ 48.995268][ T1013] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 49.145178][ T1013] usb 6-1: Using ep0 maxpacket: 32 [ 49.147728][ T1013] usb 6-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 49.150116][ T1013] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 49.153222][ T1013] usb 6-1: config 0 descriptor?? [ 49.160488][ T1013] as10x_usb: device has been detected [ 49.162145][ T1013] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 49.169396][ T1013] usb 6-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 49.181186][ T1013] as10x_usb: error during firmware upload part1 [ 49.183026][ T1013] Registered device nBox DVB-T Dongle [ 49.358656][ T6008] usb 6-1: USB disconnect, device number 2 [ 49.368309][ T6008] Unregistered device nBox DVB-T Dongle [ 49.368879][ T6008] as10x_usb: device has been disconnected [ 49.534494][ T6429] wireguard0: entered promiscuous mode [ 49.536443][ T6429] wireguard0: entered allmulticast mode [ 49.549845][ T6432] usb usb8: usbfs: process 6432 (syz.2.115) did not claim interface 0 before use [ 49.745364][ T6458] netlink: 8 bytes leftover after parsing attributes in process `syz.3.118'. [ 49.807198][ T6008] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 49.847176][ T6472] FAULT_INJECTION: forcing a failure. [ 49.847176][ T6472] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 49.850750][ T6472] CPU: 3 UID: 0 PID: 6472 Comm: syz.3.121 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 49.853370][ T6472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 49.856147][ T6472] Call Trace: [ 49.857025][ T6472] [ 49.857801][ T6472] dump_stack_lvl+0x16c/0x1f0 [ 49.859037][ T6472] should_fail_ex+0x497/0x5b0 [ 49.860281][ T6472] _copy_from_user+0x2e/0xd0 [ 49.861492][ T6472] do_tcp_setsockopt+0x1c5f/0x2820 [ 49.862842][ T6472] ? __pfx_do_tcp_setsockopt+0x10/0x10 [ 49.864283][ T6472] ? aa_sk_perm+0x2f5/0xb20 [ 49.865460][ T6472] ? ksys_write+0x191/0x250 [ 49.866628][ T6472] ? __pfx_aa_sk_perm+0x10/0x10 [ 49.867853][ T6472] tcp_setsockopt+0xe2/0x100 [ 49.869005][ T6472] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 49.870486][ T6472] do_sock_setsockopt+0x222/0x480 [ 49.871780][ T6472] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 49.873191][ T6472] ? lock_acquire+0x2f/0xb0 [ 49.874366][ T6472] __sys_setsockopt+0x1a0/0x230 [ 49.875613][ T6472] __ia32_sys_setsockopt+0xbc/0x160 [ 49.876923][ T6472] ? lockdep_hardirqs_on+0x7c/0x110 [ 49.878245][ T6472] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 49.879890][ T6472] __do_fast_syscall_32+0x73/0x120 [ 49.881181][ T6472] do_fast_syscall_32+0x32/0x80 [ 49.882435][ T6472] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 49.884022][ T6472] RIP: 0023:0xf7f60579 [ 49.885054][ T6472] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 49.889937][ T6472] RSP: 002b:00000000f50e657c EFLAGS: 00000292 ORIG_RAX: 000000000000016e [ 49.892029][ T6472] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000006 [ 49.893969][ T6472] RDX: 0000000000000016 RSI: 0000000020000000 RDI: 0000000020000149 [ 49.895959][ T6472] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 49.897949][ T6472] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 49.899919][ T6472] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 49.901883][ T6472] [ 49.902744][ C3] vkms_vblank_simulate: vblank timer overrun [ 50.000607][ T6008] usb 6-1: too many configurations: 13, using maximum allowed: 8 [ 50.003627][ T6008] usb 6-1: config 0 has no interfaces? [ 50.005935][ T6008] usb 6-1: config 0 has no interfaces? [ 50.008137][ T6008] usb 6-1: config 0 has no interfaces? [ 50.010994][ T6008] usb 6-1: config 0 has no interfaces? [ 50.014464][ T6008] usb 6-1: config 0 has no interfaces? [ 50.018533][ T6008] usb 6-1: config 0 has no interfaces? [ 50.020748][ T6008] usb 6-1: config 0 has no interfaces? [ 50.022950][ T6008] usb 6-1: config 0 has no interfaces? [ 50.026316][ T6008] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 50.029229][ T6008] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 50.031360][ T6008] usb 6-1: Product: syz [ 50.032519][ T6008] usb 6-1: Manufacturer: syz [ 50.033777][ T6008] usb 6-1: SerialNumber: syz [ 50.037503][ T6008] usb 6-1: config 0 descriptor?? [ 50.249226][ T6033] usb 6-1: USB disconnect, device number 3 [ 50.608442][ T6488] usb usb8: usbfs: process 6488 (syz.2.124) did not claim interface 0 before use [ 50.885290][ T6008] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 51.235197][ T6008] usb 6-1: Using ep0 maxpacket: 32 [ 51.237834][ T6008] usb 6-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 51.240299][ T6008] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 51.244244][ T6008] usb 6-1: config 0 descriptor?? [ 51.249262][ T6008] as10x_usb: device has been detected [ 51.250856][ T6008] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 51.260581][ T6008] usb 6-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 51.265234][ T6008] as10x_usb: error during firmware upload part1 [ 51.267347][ T6008] Registered device nBox DVB-T Dongle [ 51.380904][ T6504] syzkaller0: entered promiscuous mode [ 51.383813][ T6504] syzkaller0: entered allmulticast mode [ 51.515817][ T6515] usb usb8: usbfs: process 6515 (syz.0.133) did not claim interface 0 before use [ 51.650075][ T6415] Cannot find set identified by id 0 to match [ 51.656426][ T6008] usb 6-1: USB disconnect, device number 4 [ 51.664551][ T6008] Unregistered device nBox DVB-T Dongle [ 51.664961][ T6008] as10x_usb: device has been disconnected [ 51.741338][ T6522] FAULT_INJECTION: forcing a failure. [ 51.741338][ T6522] name failslab, interval 1, probability 0, space 0, times 0 [ 51.744719][ T6522] CPU: 0 UID: 0 PID: 6522 Comm: syz.3.135 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 51.747325][ T6522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 51.750103][ T6522] Call Trace: [ 51.750978][ T6522] [ 51.751764][ T6522] dump_stack_lvl+0x16c/0x1f0 [ 51.752990][ T6522] should_fail_ex+0x497/0x5b0 [ 51.754218][ T6522] ? fs_reclaim_acquire+0xae/0x150 [ 51.755537][ T6522] should_failslab+0xc2/0x120 [ 51.756772][ T6522] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 51.758355][ T6522] ? __kernfs_new_node+0xd3/0x890 [ 51.760026][ T6522] __kernfs_new_node+0xd3/0x890 [ 51.761410][ T6522] ? __pfx___kernfs_new_node+0x10/0x10 [ 51.762865][ T6522] ? __pfx_lock_release+0x10/0x10 [ 51.764179][ T6522] ? kernfs_add_one+0x39d/0x520 [ 51.765441][ T6522] ? up_write+0x1b2/0x520 [ 51.766532][ T6522] kernfs_new_node+0x186/0x240 [ 51.767760][ T6522] __kernfs_create_file+0x53/0x350 [ 51.769065][ T6522] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 51.770470][ T6522] internal_create_group+0x565/0xe50 [ 51.771845][ T6522] ? __pfx_internal_create_group+0x10/0x10 [ 51.773346][ T6522] ? kernfs_create_link+0x1bd/0x240 [ 51.774692][ T6522] internal_create_groups+0x9d/0x150 [ 51.776057][ T6522] device_add+0x6d3/0x1a70 [ 51.777213][ T6522] ? __pfx_device_add+0x10/0x10 [ 51.778506][ T6522] ? __init_waitqueue_head+0xca/0x150 [ 51.779906][ T6522] netdev_register_kobject+0x187/0x3f0 [ 51.781353][ T6522] register_netdevice+0x1473/0x1e20 [ 51.782723][ T6522] ? __pfx_register_netdevice+0x10/0x10 [ 51.784176][ T6522] slip_open+0xb7e/0x1140 [ 51.785296][ T6522] ? __pfx_slip_open+0x10/0x10 [ 51.786527][ T6522] ? down_write+0x14e/0x200 [ 51.787745][ T6522] ? __pfx_slip_open+0x10/0x10 [ 51.788979][ T6522] tty_ldisc_open+0x9c/0x120 [ 51.790175][ T6522] tty_set_ldisc+0x318/0x720 [ 51.791373][ T6522] tty_ioctl+0xc22/0x1640 [ 51.792503][ T6522] ? __pfx_tty_ioctl+0x10/0x10 [ 51.793742][ T6522] ? __pfx_lock_release+0x10/0x10 [ 51.795036][ T6522] ? trace_lock_acquire+0x146/0x1e0 [ 51.796397][ T6522] ? __fget_files+0x206/0x3a0 [ 51.797609][ T6522] tty_compat_ioctl+0x24a/0x4d0 [ 51.798862][ T6522] ? __pfx_tty_compat_ioctl+0x10/0x10 [ 51.800251][ T6522] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 51.801645][ T6522] __do_fast_syscall_32+0x73/0x120 [ 51.803010][ T6522] do_fast_syscall_32+0x32/0x80 [ 51.804278][ T6522] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 51.805903][ T6522] RIP: 0023:0xf7f60579 [ 51.806957][ T6522] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 51.811895][ T6522] RSP: 002b:00000000f50e657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 51.814020][ T6522] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005423 [ 51.816041][ T6522] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 51.818059][ T6522] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 51.820466][ T6522] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 51.822529][ T6522] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 51.824593][ T6522] [ 51.905206][ T6033] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 52.106122][ T6033] usb 5-1: Using ep0 maxpacket: 32 [ 52.164263][ T6033] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 52.194463][ T6033] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 52.210466][ T6033] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 52.216464][ T6033] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 52.249176][ T6033] usb 5-1: config 0 interface 0 has no altsetting 0 [ 52.299929][ T6033] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 52.302313][ T6033] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 52.304483][ T6033] usb 5-1: Product: syz [ 52.374548][ T6033] usb 5-1: Manufacturer: syz [ 52.376026][ T6033] usb 5-1: SerialNumber: syz [ 52.416983][ T6033] usb 5-1: config 0 descriptor?? [ 52.485201][ T63] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 52.490997][ T6033] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 52.494671][ T6033] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 52.622400][ T6520] capability: warning: `syz.0.134' uses 32-bit capabilities (legacy support in use) [ 52.665199][ T63] usb 6-1: Using ep0 maxpacket: 16 [ 52.669104][ T63] usb 6-1: config 8 has an invalid interface number: 195 but max is 2 [ 52.671313][ T63] usb 6-1: config 8 contains an unexpected descriptor of type 0x1, skipping [ 52.673648][ T63] usb 6-1: config 8 contains an unexpected descriptor of type 0x2, skipping [ 52.676397][ T63] usb 6-1: config 8 has an invalid interface number: 205 but max is 2 [ 52.678495][ T63] usb 6-1: config 8 contains an unexpected descriptor of type 0x2, skipping [ 52.680742][ T63] usb 6-1: config 8 has an invalid descriptor of length 1, skipping remainder of the config [ 52.683285][ T63] usb 6-1: config 8 has 2 interfaces, different from the descriptor's value: 3 [ 52.686002][ T63] usb 6-1: config 8 has no interface number 0 [ 52.687635][ T63] usb 6-1: config 8 has no interface number 1 [ 52.689275][ T63] usb 6-1: config 8 interface 195 altsetting 20 has a duplicate endpoint with address 0x9, skipping [ 52.692425][ T63] usb 6-1: config 8 interface 195 altsetting 20 has an invalid descriptor for endpoint zero, skipping [ 52.695642][ T63] usb 6-1: config 8 interface 195 altsetting 20 has an invalid descriptor for endpoint zero, skipping [ 52.698539][ T63] usb 6-1: config 8 interface 195 altsetting 20 endpoint 0xC has invalid maxpacket 1951, setting to 64 [ 52.701422][ T63] usb 6-1: config 8 interface 195 altsetting 20 has an invalid descriptor for endpoint zero, skipping [ 52.704261][ T63] usb 6-1: config 8 interface 195 altsetting 20 endpoint 0x5 has invalid maxpacket 512, setting to 64 [ 52.707506][ T63] usb 6-1: config 8 interface 195 altsetting 20 has an invalid descriptor for endpoint zero, skipping [ 52.710474][ T63] usb 6-1: config 8 interface 195 altsetting 20 endpoint 0xD has an invalid bInterval 127, changing to 7 [ 52.713396][ T63] usb 6-1: config 8 interface 195 altsetting 20 has an invalid descriptor for endpoint zero, skipping [ 52.716325][ T63] usb 6-1: config 8 interface 205 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 8 [ 52.719703][ T63] usb 6-1: config 8 interface 195 has no altsetting 0 [ 52.721518][ T63] usb 6-1: config 8 interface 205 has no altsetting 0 [ 52.724821][ T63] usb 6-1: New USB device found, idVendor=0424, idProduct=cf19, bcdDevice=b5.24 [ 52.727268][ T63] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 52.729372][ T63] usb 6-1: Product: syz [ 52.730505][ T63] usb 6-1: Manufacturer: syz [ 52.731815][ T63] usb 6-1: SerialNumber: syz [ 52.970393][ T63] usb 6-1: USB disconnect, device number 5 [ 52.979158][ T63] ================================================================== [ 52.981298][ T63] BUG: KASAN: slab-use-after-free in hdm_disconnect+0x227/0x250 [ 52.983281][ T63] Read of size 8 at addr ffff888028f65898 by task kworker/2:1/63 [ 52.986266][ T63] [ 52.987125][ T63] CPU: 2 UID: 0 PID: 63 Comm: kworker/2:1 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 52.989771][ T63] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 52.992710][ T63] Workqueue: usb_hub_wq hub_event [ 52.994091][ T63] Call Trace: [ 52.994966][ T63] [ 52.995838][ T63] dump_stack_lvl+0x116/0x1f0 [ 52.997155][ T63] print_report+0xc3/0x620 [ 52.998327][ T63] ? __virt_addr_valid+0x5e/0x590 [ 52.999663][ T63] ? __phys_addr+0xc6/0x150 [ 53.000859][ T63] kasan_report+0xd9/0x110 [ 53.002067][ T63] ? hdm_disconnect+0x227/0x250 [ 53.003458][ T63] ? hdm_disconnect+0x227/0x250 [ 53.004844][ T63] hdm_disconnect+0x227/0x250 [ 53.006087][ T63] usb_unbind_interface+0x1e8/0x970 [ 53.007441][ T63] ? kernfs_find_ns+0x2e0/0x3f0 [ 53.008746][ T63] ? __pfx_usb_unbind_interface+0x10/0x10 [ 53.010237][ T63] device_remove+0x122/0x170 [ 53.011626][ T63] device_release_driver_internal+0x44a/0x610 [ 53.013290][ T63] bus_remove_device+0x22f/0x420 [ 53.014644][ T63] device_del+0x396/0x9f0 [ 53.015878][ T63] ? __pfx_device_del+0x10/0x10 [ 53.017278][ T63] ? kobject_put+0x210/0x5a0 [ 53.018480][ T63] usb_disable_device+0x36c/0x7f0 [ 53.019906][ T63] usb_disconnect+0x2e1/0x920 [ 53.021249][ T63] hub_event+0x1da5/0x4e10 [ 53.022459][ T63] ? lock_acquire+0x2f/0xb0 [ 53.023680][ T63] ? debug_object_deactivate+0x13b/0x370 [ 53.025109][ T63] ? __pfx_hub_event+0x10/0x10 [ 53.026359][ T63] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 53.027832][ T63] ? rcu_is_watching+0x12/0xc0 [ 53.029074][ T63] ? trace_lock_acquire+0x146/0x1e0 [ 53.030417][ T63] ? process_one_work+0x8bb/0x1b30 [ 53.031769][ T63] ? lock_acquire+0x2f/0xb0 [ 53.032959][ T63] ? process_one_work+0x8bb/0x1b30 [ 53.034304][ T63] process_one_work+0x958/0x1b30 [ 53.035452][ T6543] usb usb8: usbfs: process 6543 (syz.2.142) did not claim interface 0 before use [ 53.035615][ T63] ? __pfx_hub_event+0x10/0x10 [ 53.039247][ T63] ? __pfx_process_one_work+0x10/0x10 [ 53.040672][ T63] ? rcu_is_watching+0x12/0xc0 [ 53.041950][ T63] ? assign_work+0x1a0/0x250 [ 53.043171][ T63] worker_thread+0x6c8/0xf00 [ 53.044410][ T63] ? __pfx_worker_thread+0x10/0x10 [ 53.045750][ T63] kthread+0x2c1/0x3a0 [ 53.046829][ T63] ? _raw_spin_unlock_irq+0x23/0x50 [ 53.048214][ T63] ? __pfx_kthread+0x10/0x10 [ 53.049427][ T63] ret_from_fork+0x45/0x80 [ 53.050616][ T63] ? __pfx_kthread+0x10/0x10 [ 53.051866][ T63] ret_from_fork_asm+0x1a/0x30 [ 53.053133][ T63] [ 53.053950][ T63] [ 53.054584][ T63] Allocated by task 63: [ 53.055691][ T63] kasan_save_stack+0x33/0x60 [ 53.056916][ T63] kasan_save_track+0x14/0x30 [ 53.058145][ T63] __kasan_kmalloc+0xaa/0xb0 [ 53.059352][ T63] hdm_probe+0xb3/0x1860 [ 53.060481][ T63] usb_probe_interface+0x309/0x9d0 [ 53.061809][ T63] really_probe+0x23e/0xa90 [ 53.063008][ T63] __driver_probe_device+0x1de/0x440 [ 53.064420][ T63] driver_probe_device+0x4c/0x1b0 [ 53.065735][ T63] __device_attach_driver+0x1df/0x310 [ 53.067141][ T63] bus_for_each_drv+0x157/0x1e0 [ 53.068445][ T63] __device_attach+0x1e8/0x4b0 [ 53.069704][ T63] bus_probe_device+0x17f/0x1c0 [ 53.070984][ T63] device_add+0x114b/0x1a70 [ 53.072212][ T63] usb_set_configuration+0x10ea/0x1ca0 [ 53.073655][ T63] usb_generic_driver_probe+0xb1/0x110 [ 53.075089][ T63] usb_probe_device+0xec/0x3e0 [ 53.076367][ T63] really_probe+0x23e/0xa90 [ 53.077552][ T63] __driver_probe_device+0x1de/0x440 [ 53.078923][ T63] driver_probe_device+0x4c/0x1b0 [ 53.080276][ T63] __device_attach_driver+0x1df/0x310 [ 53.081668][ T63] bus_for_each_drv+0x157/0x1e0 [ 53.082956][ T63] __device_attach+0x1e8/0x4b0 [ 53.084233][ T63] bus_probe_device+0x17f/0x1c0 [ 53.085513][ T63] device_add+0x114b/0x1a70 [ 53.086698][ T63] usb_new_device+0xd2c/0x1960 [ 53.087972][ T63] hub_event+0x2d9a/0x4e10 [ 53.089149][ T63] process_one_work+0x958/0x1b30 [ 53.090451][ T63] worker_thread+0x6c8/0xf00 [ 53.091694][ T63] kthread+0x2c1/0x3a0 [ 53.092770][ T63] ret_from_fork+0x45/0x80 [ 53.093939][ T63] ret_from_fork_asm+0x1a/0x30 [ 53.095190][ T63] [ 53.095853][ T63] Freed by task 63: [ 53.096867][ T63] kasan_save_stack+0x33/0x60 [ 53.098105][ T63] kasan_save_track+0x14/0x30 [ 53.099345][ T63] kasan_save_free_info+0x3b/0x60 [ 53.100688][ T63] __kasan_slab_free+0x51/0x70 [ 53.101957][ T63] kfree+0x14f/0x4b0 [ 53.102988][ T63] device_release+0xa1/0x240 [ 53.104234][ T63] kobject_put+0x1e4/0x5a0 [ 53.105408][ T63] device_unregister+0x2f/0xc0 [ 53.106656][ T63] hdm_disconnect+0x10b/0x250 [ 53.107897][ T63] usb_unbind_interface+0x1e8/0x970 [ 53.109246][ T63] device_remove+0x122/0x170 [ 53.110453][ T63] device_release_driver_internal+0x44a/0x610 [ 53.112045][ T63] bus_remove_device+0x22f/0x420 [ 53.113369][ T63] device_del+0x396/0x9f0 [ 53.114498][ T63] usb_disable_device+0x36c/0x7f0 [ 53.115828][ T63] usb_disconnect+0x2e1/0x920 [ 53.117057][ T63] hub_event+0x1da5/0x4e10 [ 53.118225][ T63] process_one_work+0x958/0x1b30 [ 53.119508][ T63] worker_thread+0x6c8/0xf00 [ 53.120737][ T63] kthread+0x2c1/0x3a0 [ 53.121797][ T63] ret_from_fork+0x45/0x80 [ 53.122972][ T63] ret_from_fork_asm+0x1a/0x30 [ 53.124250][ T63] [ 53.124871][ T63] The buggy address belongs to the object at ffff888028f64000 [ 53.124871][ T63] which belongs to the cache kmalloc-8k of size 8192 [ 53.128367][ T63] The buggy address is located 6296 bytes inside of [ 53.128367][ T63] freed 8192-byte region [ffff888028f64000, ffff888028f66000) [ 53.131928][ T63] [ 53.132561][ T63] The buggy address belongs to the physical page: [ 53.134234][ T63] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28f60 [ 53.136510][ T63] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 53.138685][ T63] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 53.140740][ T63] page_type: f5(slab) [ 53.141783][ T63] raw: 00fff00000000040 ffff88801ac43180 0000000000000000 dead000000000001 [ 53.144007][ T63] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 53.146210][ T63] head: 00fff00000000040 ffff88801ac43180 0000000000000000 dead000000000001 [ 53.148361][ T63] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 53.150588][ T63] head: 00fff00000000003 ffffea0000a3d801 ffffffffffffffff 0000000000000000 [ 53.152843][ T63] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 53.155074][ T63] page dumped because: kasan: bad access detected [ 53.156754][ T63] page_owner tracks the page as allocated [ 53.158230][ T63] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5679, tgid 5679 (dhcpcd), ts 20788506195, free_ts 20785327751 [ 53.163529][ T63] post_alloc_hook+0x2d1/0x350 [ 53.164813][ T63] get_page_from_freelist+0xfce/0x2f80 [ 53.166232][ T63] __alloc_pages_noprof+0x223/0x25a0 [ 53.167621][ T63] alloc_pages_mpol_noprof+0x2c9/0x610 [ 53.169021][ T63] new_slab+0x2c9/0x410 [ 53.170100][ T63] ___slab_alloc+0xd1d/0x16e0 [ 53.171317][ T63] __slab_alloc.constprop.0+0x56/0xb0 [ 53.172726][ T63] __kmalloc_node_track_caller_noprof+0x2ee/0x520 [ 53.174381][ T63] kmalloc_reserve+0xef/0x2c0 [ 53.175626][ T63] __alloc_skb+0x164/0x380 [ 53.176781][ T63] netlink_dump+0x2c1/0xd00 [ 53.177961][ T63] netlink_recvmsg+0xa0d/0xf30 [ 53.179201][ T63] sock_recvmsg+0x1f6/0x250 [ 53.180405][ T63] ____sys_recvmsg+0x219/0x6b0 [ 53.181649][ T63] ___sys_recvmsg+0x115/0x1a0 [ 53.182887][ T63] __sys_recvmsg+0x16b/0x220 [ 53.184110][ T63] page last free pid 5775 tgid 5775 stack trace: [ 53.185726][ T63] free_unref_page+0x661/0x1080 [ 53.187001][ T63] __put_partials+0x14c/0x170 [ 53.188242][ T63] qlist_free_all+0x4e/0x120 [ 53.189443][ T63] kasan_quarantine_reduce+0x195/0x1e0 [ 53.190855][ T63] __kasan_slab_alloc+0x69/0x90 [ 53.192141][ T63] kmem_cache_alloc_noprof+0x1c8/0x3b0 [ 53.193544][ T63] getname_flags.part.0+0x4c/0x550 [ 53.194865][ T63] getname+0x8d/0xe0 [ 53.195906][ T63] do_sys_openat2+0x104/0x1e0 [ 53.197131][ T63] __x64_sys_openat+0x175/0x210 [ 53.198391][ T63] do_syscall_64+0xcd/0x250 [ 53.199592][ T63] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.201116][ T63] [ 53.201736][ T63] Memory state around the buggy address: [ 53.203188][ T63] ffff888028f65780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 53.205260][ T63] ffff888028f65800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 53.207317][ T63] >ffff888028f65880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 53.209382][ T63] ^ [ 53.210632][ T63] ffff888028f65900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 53.212716][ T63] ffff888028f65980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 53.214770][ T63] ================================================================== [ 53.225344][ T63] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 53.227167][ T63] CPU: 2 UID: 0 PID: 63 Comm: kworker/2:1 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 53.229698][ T63] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 53.232371][ T63] Workqueue: usb_hub_wq hub_event [ 53.233624][ T63] Call Trace: [ 53.234471][ T63] [ 53.235199][ T63] dump_stack_lvl+0x3d/0x1f0 [ 53.236400][ T63] panic+0x71d/0x800 [ 53.237363][ T63] ? __pfx_panic+0x10/0x10 [ 53.238524][ T63] ? irqentry_exit+0x3b/0x90 [ 53.239751][ T63] ? lockdep_hardirqs_on+0x7c/0x110 [ 53.241098][ T63] ? preempt_schedule_thunk+0x1a/0x30 [ 53.242501][ T63] ? preempt_schedule_common+0x44/0xc0 [ 53.243937][ T63] ? check_panic_on_warn+0x1f/0xb0 [ 53.245277][ T63] check_panic_on_warn+0xab/0xb0 [ 53.246565][ T63] end_report+0x117/0x180 [ 53.247729][ T63] kasan_report+0xe9/0x110 [ 53.248910][ T63] ? hdm_disconnect+0x227/0x250 [ 53.250186][ T63] ? hdm_disconnect+0x227/0x250 [ 53.251477][ T63] hdm_disconnect+0x227/0x250 [ 53.252741][ T63] usb_unbind_interface+0x1e8/0x970 [ 53.254103][ T63] ? kernfs_find_ns+0x2e0/0x3f0 [ 53.255330][ T63] ? __pfx_usb_unbind_interface+0x10/0x10 [ 53.256758][ T63] device_remove+0x122/0x170 [ 53.257969][ T63] device_release_driver_internal+0x44a/0x610 [ 53.259573][ T63] bus_remove_device+0x22f/0x420 [ 53.260801][ T63] device_del+0x396/0x9f0 [ 53.261880][ T63] ? __pfx_device_del+0x10/0x10 [ 53.263178][ T63] ? kobject_put+0x210/0x5a0 [ 53.264410][ T63] usb_disable_device+0x36c/0x7f0 [ 53.265732][ T63] usb_disconnect+0x2e1/0x920 [ 53.266965][ T63] hub_event+0x1da5/0x4e10 [ 53.268164][ T63] ? lock_acquire+0x2f/0xb0 [ 53.269356][ T63] ? debug_object_deactivate+0x13b/0x370 [ 53.270822][ T63] ? __pfx_hub_event+0x10/0x10 [ 53.272099][ T63] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 53.273563][ T63] ? rcu_is_watching+0x12/0xc0 [ 53.274818][ T63] ? trace_lock_acquire+0x146/0x1e0 [ 53.276205][ T63] ? process_one_work+0x8bb/0x1b30 [ 53.277540][ T63] ? lock_acquire+0x2f/0xb0 [ 53.278731][ T63] ? process_one_work+0x8bb/0x1b30 [ 53.280101][ T63] process_one_work+0x958/0x1b30 [ 53.281397][ T63] ? __pfx_hub_event+0x10/0x10 [ 53.282680][ T63] ? __pfx_process_one_work+0x10/0x10 [ 53.284105][ T63] ? rcu_is_watching+0x12/0xc0 [ 53.285347][ T63] ? assign_work+0x1a0/0x250 [ 53.286537][ T63] worker_thread+0x6c8/0xf00 [ 53.287766][ T63] ? __pfx_worker_thread+0x10/0x10 [ 53.289073][ T63] kthread+0x2c1/0x3a0 [ 53.290115][ T63] ? _raw_spin_unlock_irq+0x23/0x50 [ 53.291471][ T63] ? __pfx_kthread+0x10/0x10 [ 53.292661][ T63] ret_from_fork+0x45/0x80 [ 53.293831][ T63] ? __pfx_kthread+0x10/0x10 [ 53.295040][ T63] ret_from_fork_asm+0x1a/0x30 [ 53.296315][ T63] [ 53.297695][ T63] Kernel Offset: disabled [ 53.298826][ T63] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:40:36 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000001 RBX=1ffff9200063eeba RCX=ffffffff81fc6858 RDX=0000000000000001 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000059d01 RSP=ffffc900031f75c8 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000003 R12=0000000000000001 R13=0000000000000008 R14=0000000000000001 R15=ffffc900031f7a98 RIP=ffffffff818e0193 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000000000000 CR3=000000004d146000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000021000000000 0000000600000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000094 RCX=1ffff9200008ffc6 RDX=1ffff110039ddbdb RSI=fffff5200008ffa1 RDI=ffff88801ceeded8 RBP=ffff88801ceec880 RSP=ffffc9000047fec8 R8 =0000000000000000 R9 =0000000000000001 R10=ffffffff903e40d7 R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8164e3af RFL=00000296 [--S-AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000000000000 CR3=000000006b0c4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004c00000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8509f205 RDI=ffffffff9a8a2280 RBP=ffffffff9a8a2240 RSP=ffffc900007e71b0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000032 R14=ffffffff8509f1a0 R15=0000000000000000 RIP=ffffffff8509f22f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c353e06 CR3=000000002866c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fec0c000 Opmask01=0000000000000000 Opmask02=000000000000ffdf Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b5f5455504e495f 4449006b636f6c62 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffc0730dc0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffff00000000ff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8eff17c148b2750c 737326cc82cb51ff ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737373e2 737373435c021e73 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 312d362f36627375 2f312e6463685f79 6d6d75642f6d726f 6674616c702f7365 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6f742079617272 6120656c75722079 7261726f706d6574 002a3f005b3f2a00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 383a312d362f312d 362f366273752f31 2e6463685f796d6d 75642f6d726f6674 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 000055baaa11d910 00003539312e383a 312d362f3539312e ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7b27697a787c7a30 23333a3a38263342 4943213f395b2249 5a6e786b6e646b7e ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a263b383a3a263a 383a3a26493b3a3a 26483b3a3a264b3b 3a0a00307f617930 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000001210 RBX=000000212dcd6b24 RCX=0000000000000003 RDX=0000002100000000 RSI=ffffffff8bd16860 RDI=ffffffff8bd168a0 RBP=000000212dcd5914 RSP=ffffc900005dfb40 R8 =0000000000000001 R9 =ffffed100fde8ce0 R10=ffff88807ef46707 R11=0000000000000002 R12=0000000000000003 R13=00000000000032c9 R14=ffffffff9a621640 R15=00000000000061f5 RIP=ffffffff8b145c80 RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000000c4452ce CR3=000000002563e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000012000000000 0000000300000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000