last executing test programs: 5.7427881s ago: executing program 1 (id=335): mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r1 = syz_open_procfs$userns(0x0, &(0x7f0000000240)) ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000003a40)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000340)=[{0x20, 0xc, 0x77, 0xfffff038}, {0x6, 0x0, 0x0, 0x2}]}, 0x8) sendmmsg(r2, &(0x7f0000001c00), 0x400000000000159, 0x40840) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2, 0x3, 0x0, 0x3, 0x12, 0x0, 0x70bd2c, 0x25dfdbfb, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7}}, @sadb_x_nat_t_type={0x1, 0x14, 0x7}]}, 0x90}, 0x1, 0x7}, 0x0) read$FUSE(r4, &(0x7f0000006180)={0x2020, 0x0, 0x0}, 0x2020) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50) write$FUSE_INIT(r4, &(0x7f0000000440)={0x50, 0x0, r6, {0x7, 0x29, 0x0, 0x1004cc80, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50) r7 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1) write$cgroup_freezer_state(r7, 0x0, 0x20000) 4.913329276s ago: executing program 3 (id=338): r0 = socket$nl_crypto(0x10, 0x3, 0x15) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000580)={{{@in6=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@initdev}}, &(0x7f0000000480)=0xe4) sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000014c0)={0x460, 0x11, 0x1, 0x70bd2c, 0x25dfdbfb, "", [@nested={0x297, 0x8d, 0x0, 0x1, [@typed={0x8, 0xc5, 0x0, 0x0, @fd}, @generic="51c6b68cf4eb24182ec06972d96b20a47257d673c593752c5a1c9016497a0d2aaaff7dd00c7771e3c0d360527a0b81ec9f7ef771712b5159099b33f25cef45ab9b9ef9723f0fc2356b2cdc4016a9dc84050982fa3d5c3baa6ff13ff96f7e539bfecd746d93ffa6a9186682c1500063e22b0d492e3111b0ade0a29e675f9a6d860fd0dabb8264042aa3d1aa75908a1182406a77ced5aad953f8b6841dad52a4069e0156235b6bcea2ab37b0c43574b4f90a3f168dc650368345d7326a6b29160f04aa670dd49b7482724acebea8a3ebcadb93bab7cd11de74d5d039334102882dd7755a4cda78d36d8afbf57095ce262ec6639b7482079b1e4c5e47f2a877587617dcfb30db6828d6323cb34117732c3d853d6148cfb28b30c2755b8b790dc3ad3f74031a83725200f22cf7639de873b7fa6b0929b33a89e296efd977b0c0b3bfe7291b1a99c481a0f77e25e3d8e8fc873ed463253b3ddb87885f47c8aabec1aa3f125ffc3e1bc619773186a53d33efe9f88d1d18539d2ed7", @generic="d5f964d6c88c3572a61ea76677347b03813ff58c9cf41bb74c68d5c34f42dc4d4cff3be23aaf70c80c28f15cc4069d3ff4259b40fac13074e3fb971525156710ead5b54397733a66d245873ff264abcf8a02faccd750572dfd4d556b88e2b1e183feb33c17ad9554d388c955907dbd", @nested={0xa1, 0x110, 0x0, 0x1, [@generic="bbffcdf59004a7e8e0250c985f06b440fce270a36ee351673fbc19f4f32f275842776ba4ed84729f9c3099b63f49ffe963b254711d80ce8b35477bc8c4f9c6004d0da75537ddd92b2493e8989b181261f7e9998847ed0c800bc558eb3456cb05458f65fa6738a32dc7b4f9c983c816a93c8b99a3f5d42942878e61051c37acc96b4786fc25d21c4c1b65abbe593054e7e5b2f774da041932ac844a7238"]}]}, @generic, @generic="b9a6d0348e6ed925d30ee1f78f8b901ba86812918314ce7fb8a42631f20f4abfea806d2be452927415554b0d87afeace4be6d351b8fe64bd1b5aff3b0cd8d69090369e4032424c8479f86c9cf3299f8ca09f9079830748f95196128a701e725c498e02dd1a8786235c6e9176d3e68d56f7752d473c1a03dafe93ca702e24e076068d145e84a5a67f45be2bccc0d636e174c133e253ffae2ef39feb3216d93a9cc833677c5c9a9fd5b18e854fa9cdcb0812cee4284330c77f7158ffb8628c", @typed={0x8, 0x141, 0x0, 0x0, @uid=r1}, @generic="d4d83f1a4700378bab03d68813aa243549b14743f8cf2dcc63f7eaca568732c4e73182c5636ed9d47eb1fce8faa174d22824756c71695f4bee39999425b51415d1f30d76f3761891d5a27eb41077ae07a91e415b3cd82c75e7a713638c5a28359c9f5f02c7eb88cc61d9a6b7c97af90bc1b2856cf05084ec2b23694fa3a8f9a4ff9978290e921497d3abe4052f2adfe4a58fccd12278f90a600a0ea8156a95ba00d940c8ea6d8c02a60f73705e445d12e1232f216a832e9dadbf00414aedd22e48aa329eff839e9b9dd6a05e287f50e15727347209b297ad8841e7a0993ee8a199252af6c510845ffb7ed64ca2749c37"]}, 0x460}, {&(0x7f0000000ac0)={0xc8, 0x1d, 0x20, 0x70bd27, 0x25dfdbfe, "", [@typed={0x4, 0x3}, @nested={0xb4, 0xa2, 0x0, 0x1, [@typed={0x8, 0x106, 0x0, 0x0, @fd}, @typed={0x8, 0xb9, 0x0, 0x0, @uid=r1}, @generic="769d17adc1c0f27ae01f465ddf784e56747a57e7804c28be312f854ae5930fdfed2783afead487f9f45906a46641dceb0107c7579ae6c247cb3f8d2440d5cbe947118092e615804a217024de26810a11ad70e1a38bc2bd5936da674e8581b5ee97d64e6fdb221c4ef573d7808fc6c35fd579d70e0fcaf3c65ffd3d567b94e8e5220a23c2af95a4b24ce47685470ad748de8f53f3053e361e1c39012398d18188"]}]}, 0xc8}, {&(0x7f0000000bc0)={0x70, 0x41, 0x400, 0x70bd2d, 0x25dfdbff, "", [@nested={0x5f, 0x23, 0x0, 0x1, [@nested={0x4, 0xf2}, @typed={0xc, 0xf8, 0x0, 0x0, @u64=0x7f}, @typed={0x8, 0xb7, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x31}}, @nested={0x4, 0xe1}, @typed={0x8, 0x136, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x2b}}, @typed={0x8, 0x5, 0x0, 0x0, @u32=0x5}, @nested={0x4, 0xc0}, @generic="a06566788df86bc9465f518d8f224c38ab56137f24d9cfc24f28b5ae39b4e6b9c76f1df512657ddb709b3f"]}]}, 0x70}], 0x3, 0x0, 0x0, 0x2000081}, 0x20048040) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5}, 0x48) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$inet(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x20040001) r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) syz_usb_control_io$hid(r3, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0xf, {[@global=@item_012={0x0, 0x1, 0x5}, @main=@item_012={0x2, 0x0, 0xb, '\x00\x00'}, @main=@item_4={0x3, 0x0, 0x9, "5aa8257f"}, @main=@item_012={0x0, 0x0, 0x9}, @main=@item_4={0x3, 0x0, 0xb, "9e3ce079"}]}}, 0x0}, 0x0) r4 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r4, 0x0, 0x0) r5 = syz_open_dev$hiddev(&(0x7f0000000140), 0x0, 0x0) r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) syz_usb_ep_write(r6, 0x81, 0x41, &(0x7f00000002c0)="b9425b44651dd23241963599000000110000004a16941ff5f4b4f1f0add7fcf2b877fceafffffffffff1ffdf4cd9f5d3969890522c77157d88010000003a5bd553") r7 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r7, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, '\x00', 0x36}, 0x2}, 0x1c) sendmsg$inet6(r7, &(0x7f0000000480)={&(0x7f0000000040)={0xa, 0x4e20, 0xfffffffc, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c, 0x0}, 0x20004804) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$HIDIOCSREPORT(r5, 0x400c4808, &(0x7f0000000080)={0x2, 0x100, 0x20a6}) 4.803159254s ago: executing program 1 (id=340): openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0) write$tun(r0, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0], 0xfdef) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)=""/5, 0x63}], 0x1, 0xfffffffffffffffe, 0x19}, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@gettaction={0x14, 0x32, 0x801, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x880e) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x500) 4.684588135s ago: executing program 1 (id=341): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000013c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001f7ff04b7050000670000006a0a00fe00000000850000000b000000b70000000000000095000000000000009cc6b3fcd62c061c6207005d43a4505f80e39c9f3c530cf08e467b592f868ee3b0a435df0a0e8c1bf176db2a6b2feb4b77d3d5707bfd2d84aaa3b1d4e984c46ea7e2b347a36f5662403e1b2be4284322a4908a0d411a9872971c7c56f0979bd10b97163c066d0e196bf02f46c7953ab1abdaf9de9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000200000000b0c2c125080963f63223b7b80197aa3161f45346b100000000000000000089e399f6609876b588743794298b79dc192dff048fc207c81f28bdd3e26a1a8a0481e9f0da43bb6ca66e2f55a9ff19ffcafe3e64be06000000000000005064caec04a367c23d9fb6a6991ddb737d527d6acb15426406991c3b404984dfa2c6e94bd0339454c13ad3c328a182c15dc760a313e3b3ca5d3393404029e98fa883c71949a34d84030323e3d54fc5b29d27643453ad9211e3550ee5520211d9370175133f260c6882a146880b9387f1beb5418618bc83a3becf9bb5d80efd7da7ba8b913c685fc6700848dc6665d73248c1f74e08ad04ce905faf32706e0000249a028044ede964362cfb2f30a246c3b2f60000fc4deb91da1368b0960b8d69bd99c64893d44f962524429dc058528e7e541c903869d96989b9a986620cb2c95c83f2a082c52764f49e51188f9418b01bcd8ae164acdac95318ec8b2c6feacdcf4b528e5e58219bc54f6ad5679e7f430e6960ed048c46e1dccca05bfa1d67c83795eae2d31968c055d325a9c794ef88b30c2de4a274878b73c05ffa88b7073be648b12bb1fee58958d6a6f31bfe5682159fbde59dad00008a73b40f09cf018cd496b36050d7fd45e3620c28f76749262e33e16429a6da35ceb1a989de81c3f8b8bc348ef2ac3781b847611fcb0a26acafdd6d9a1b17dcb9f7c493d8f8cd344a1d470ca0d6f16ab0293774b5509fb0e7113936d59d5a60dbd84a938476adeebab9ff44f531bb0200000000000000cc1fbc455a64fd449284f71761092a0302000000000000008a05d36fd9b814b4292745418c92d94462d2d8f7e1d24cabe17ad4135d8872935ceac6eb4f046f2acc1b0efb4438abddcabb4e4e72a450aab72b589bec83bbb688e659fb426cb43d0ee993516fd4e867232cde69b6ffad447dcd92e0ef8234ff850ec3948dd1fa7afb77d951fe4abf618121b7894c106beb49a71c62df5544ef221973432ccc7e62b151eb898a01010a7ec5acd0a5dcb2de443880c8a682515d1da9a3048744acb44384d1591df789883c0560495cb0cb32283529926d25e5c7f481112ab8a82247e927fb6f256830dab3671f00500d36a17790bab7d0e89e6c15314f2b963bfc867953476b0505c7d728326d666f39e82cfcf7e7a85df288d75df24c5e4d529c349923f9a4fb882310391dd58b4cbd8def239a227724d39c3e6c40e20e07e68a22888a5c3941b7a765b92bcb37f302487bcbd93ccf3a104021ff34ddf7ffcca1a04eae963e25516a114573779b24a341dfb2e80f1f345c6d96493ffc2a18478b5bf3aab2ea59c51cf0678e1a57d0ea042d911548ff612002ddb2d54d42fbddaf686c4f64d26b42e7d613e42b56887003d27468225b2594a05044baf314113e889468cf13dd92aa0d7744db6b56557a5adad95cb9a69d4de50642b4b9d6d3ba7eb534b00d0fea62f0a61535dfc4da06e7f8695be614c557caed7eb0120516e1351fed7d8ffa31c8f4be364185469cfc5f25c90d71bce745dd2d58a30e0844f12c4cbbdd7a08465e665c2620d78673dfb6d9263ed7def8924cfcd48a8a3534f1a3eac9ee9f18a18106ba3d7c7a62330f5c0e98cb7982dd7bad02c8dba9c13894185bfc4bd2520b6e2043fcb3fc5eb55ecf9e6e363ea2ac40a14a6f00f0ffffa0fdb6487c51ef12c27b30255bc4f8813be88beeb5aa6f6a4151cfb90644e50630ed474df7d1635afcb1ea3f6c47b5acbba2ce5099a9387c7acb9bbd1da497611ceda25049e48ddacccbb58dddaf9a3510d65383829a51e0f41e661fa80ca1eaaa6cf0824305ba4ec80400c50ffe83ccb0e6fef321190c58aca8c7c8c6d26ff5cbc2cadebda8e1219e04f8dacffd33db1a0a2e74c9eb978d80a12d0b5327bfd053000000000000000000be0d02a14708504412fa93d335992b2983c5addc191b4a21c7b340d0536b01958e15315eb5f3f9f4992c18f666359f40295fa73284c4b607669bae75bd68c3e2b770c324a0ab26b6065d7e95a7bd80052db57506ec7cc861bf3998d07484c66630ca8173fea3f06ed1dfc70a8b90418e2dc76137e0f68cb1c8a908aef9f0f85647dba54e05028c33d94d463fb20d2e7547184b8d3611e45dff02144387f342ef9b9bf650e9d049bf65258a7bc094a6965e24611c077e1ca0891362a9d68f3ec7610c0449acf18459500f024f9b75885cd79ba32776e4a511c8a4ad922b00000000000000a9241220dfbf7d02ef507ec6fc7f5d37d835f7bed71283c431b9d8cbd9003972bf1dc6a71bedad8e19efc3edd2a7a7e555d5f3176af69920471e6e5bcb8966c813c132d65e2b99d3015e06b372e1aefaae14ee3fbc6349af362c19b59c214de66912d1a9a98d92dc197a51c29443de62caca334c46d110e50896fe50d0477771d387f40c8ef05750ca651e6e69a237dcf78666d6ab2bda1f853525494e4efdd93be38bb5fc671f8794002d7a951fd336aaf4ed1166cb459df70218c571ba1c40b028234505e5477e268326af8812c2fbb8785a223fce0a0601c2a3b58bea8c6216eadabcabe86ab46e4cd3d58ef7ce8d3c4b0bc5952e81dfc0a490d8568db6f9c51fe703c6864fae0053d2f91f49e977cdc1962dbc28c29471a72199862bc8fc6e211d13d8579cab4fba94b2b613c9b8148d05e0690a4c4ab35aabc45801d2b82081e62b23a01b58b1ffb624f63ad2246796796160cd3682374364edac52f1becb7c6eff50823b75fb2ef516ec4ec1cb20a2535b504502d744f2099674e58f2c117c980cf0d041c8ea5c4f166bab4aa5ed200ef4dcff96f7c9c1ab8c22db0f439b23b04bcd41ffc3a0e01976ca1cf43e12d7d72f3faa4979faabd62e2dc54a980eae4d5e8c6498de331c3aba1144ef1190ea6cda641d9416c4560cab2d819eac7b04c70f141754c3ffd79da363fe8859afee531710caf1b2bf5a51142f4755cbb700c28083525a9093790096cb93417f1216000000000000000000000000000040ceb244e4cae2b65a76d41793aabccd3d0c50486eae6793e1f54814a8ee2779c14ca94759266200229b58c12279817869e831cade7b09ddffffff9d93e2ad25eed43c0b9ee4fd209b5b919a42f676b9d7236fc8dd5040899d0676291407ce9ac8101dd3512f5b3ac8cf8179d1749de324000030d0f942ec4604c28d5c287d1435956784003a53eb5fe535ead8857acf0166dbd9f30a9b9c8a9b9faf1356faf269cded935b07863e4fdad8aab52686c81babd1c08f6700a2fadd413443022ea5c774ffefdd426abed08d437a4db48611fc82a18ab9f54758a1aad86d95cd186ceb55fafa3930090467b8b7bb8adef4de2076dc538bb97502b4b4350e633dc0a53c2fc9a01b"], &(0x7f0000000340)='GPL\x00'}, 0x94) syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x804) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$key(0xf, 0x3, 0x2) sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0xec, 0x1a, 0x7, 0x0, 0x2, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in=@local, 0x4e22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x5a, 0xb400, 0x2, 0xfeffff7f00000001, 0x0, 0x60002}, {0x4, 0x200000, 0x7, 0xfffffffffffffffd}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}}, 0xec}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) rseq(&(0x7f0000000380)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x7, 0x1, 0x0, 0x8}}, 0x20, 0x0, 0x0) connect$unix(r3, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet(r5, &(0x7f0000001540), 0x800000000000214, 0x20000001) recvmmsg(r6, &(0x7f0000000ec0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000440)=""/173, 0xad}], 0x1}, 0x9}, {{&(0x7f00000005c0)=@xdp, 0x80, 0x0, 0x0, &(0x7f0000001580)=""/4096, 0x1000}, 0x5}, {{0x0, 0x0, 0x0}, 0x6}], 0x3, 0x40000000, &(0x7f0000000f80)={0x77359400}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={r0, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001680)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x200, 0x0) removexattr(0x0, &(0x7f0000000240)=@known='user.incfs.metadata\x00') 3.75256008s ago: executing program 1 (id=344): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="b80000001900000400000000fbdbdf2500000000000000000000ffffac1414aa0000000000000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000004000500"], 0xb8}, 0x1, 0x0, 0x0, 0x5593ee2f0bddd485}, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) setxattr$incfs_metadata(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYRES64=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0xfffffffffffffebf) getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)=@known='user.incfs.metadata\x00', 0x0, 0x50) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a0302000200000000000002000000090002"], 0x80}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = openat$vimc1(0xffffff9c, &(0x7f0000000280), 0x2, 0x0) ioctl$VIDIOC_DBG_G_CHIP_INFO(r3, 0xc0c85666, &(0x7f0000000480)={{0x2, @addr=0xb258}, "24cc37d19bf4374e9decf39cc36224ea0c7b27e291fa5f6620794bcd18a54b22", 0x3}) sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x110}}, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0) r4 = io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0xfd27, 0x38c1, 0x4, 0xf0}) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f000000c000/0x1000)=nil, &(0x7f000001f000/0x1000)=nil, &(0x7f0000015000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f000000c000/0x4000)=nil, &(0x7f000001d000/0x3000)=nil, &(0x7f0000012000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0}, 0x68) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = openat$sw_sync_info(0xffffff9c, &(0x7f0000000300), 0x8000, 0x0) r6 = syz_open_dev$sndctrl(&(0x7f0000000600), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r6, 0xc1105517, 0x0) sendmsg$nl_xfrm(r5, &(0x7f0000000700)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000380)={&(0x7f0000000800)=ANY=[@ANYBLOB="900000001d0000022abd7000ffdbdf255400120061656769733132382d67656e65726963000000000000000000000000000000000000e580576e44b728bcb00000000000000000000000000000000000000000000000000000000000004000000060000000ab2ccb3423fabfd714000d00ff02000000000000000000000000000110000a002cbd70002bbd7000100000", @ANYRES8=r5, @ANYRES64=r6], 0x90}, 0x1, 0x0, 0x0, 0x67a39fed2b2a6b84}, 0x0) io_uring_register$IORING_REGISTER_FILES(r4, 0x20, &(0x7f0000000000)=[r4], 0x1) add_key(&(0x7f0000000000)='big_key\x00', 0x0, &(0x7f00000002c0)="1d", 0xfffff, 0xfffffffffffffffe) 3.463953493s ago: executing program 1 (id=345): r0 = fsopen(&(0x7f0000000000)='cgroup\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000200)='nakeN\xfe\xf0\xbfd\x13\xc9\x8bI\xd8 \xf3\x0e_\xb8\xe4\xfa\xb9x3\xc6z\x8aM\xd7x\xdd\xe1K\x93.+x\x15cH\x10V\x12\xf3x\x052*\x8a\x88\x8f9+\xc6\x96y\xa0\x99\xc0\xf4\v\xd8\xf2\xb5\f\xbf*(\xfc\xc8\x97j\xf2\xf0\xf8\x17w\xa6<\x0f <#\x9fD\x94\xae:v\v8l\xdey37\x8d\xa9T|6\xaf\xfc\x9bG\x917AI\xbf\x0f:\xf5\x03&\x1f\xabM\xf2\xe7X\xfaT\xb3\x95Nb\x7f\x88z\x9d\x15&\xc3\x00', &(0x7f0000000100)='ccnA\xf6gro_p\x00\x82}LS\x1f\xdc\xa73\xa5\x86\xdd\x83}\xbe\xcfgAL\x8f\xc3)d\xd8\xce\xf1|v\xd4\x8a3\x06\xd1\xfc\x8fj\x85b\x02;h\xca`\x8f\xf4\x0f\x857\xb8K`\xf0\x19\x1e\r\xb4\xf1\xd5*\xac\xeb\xf8>\xbd\x19\xb3\x01.\xa1\"$Z\xb8K\xa8\x190\xaeK\xd9\xd5\xccC\xc8\x19-\xb8s|\xae\x88~\v\xc9I\xfb=\x1a\x9b\x9eG\nT\xc18\"\xbe\xfa$c%q\xe57\xaa\xff\x9bP\xf6\x95\\\xffl\a\x8e\t\x14d\x96\x1e\xc0\xfd\x8d\"\x1e\xec\xfe~\xa7Np{\x9e\xe7Q\xab\x90I)\xe2\x8aCHY\xa6w\xf8d?0c\x9cl\t\x11uH\x8d<}\x85r\xfb5\x82\b\xddu\xe0\n\x96\x10\xf8\x7f\x06!$\xa2', 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x80, 0x7fff7ffc}]}) syz_open_dev$sndctrl(&(0x7f0000002b80), 0x1, 0x8000) socket$inet6_mptcp(0xa, 0x1, 0x106) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) timer_create(0x7, &(0x7f00000001c0)={0x0, 0x23, 0x2, @tid=r1}, &(0x7f0000000280)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r5, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x4, 0xffffff1f, 0x1}}, 0x20) r6 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0) bind$can_j1939(r6, &(0x7f0000000040)={0x1d, r7, 0x8000000000000003}, 0x18) syz_open_dev$tty1(0xc, 0x4, 0x1) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$nl_route(0x10, 0x3, 0x0) 3.154703366s ago: executing program 0 (id=346): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x13137, 0xffffffffffffffff, 0x0, 0x0, &(0x7f00000003c0)}, 0x94) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1802"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) ioctl$TUNGETVNETLE(r0, 0x4010744d, &(0x7f0000000180)) 3.004520023s ago: executing program 2 (id=347): syz_emit_ethernet(0x7e, &(0x7f00000010c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x3, 0x0, 0x0, @broadcast=0x1000000, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0x8000, @empty, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote, 0x4e210000}]}, @timestamp_addr={0x44, 0x34, 0x0, 0x1, 0x0, [{@multicast1}, {}, {@dev={0xac, 0x14, 0x14, 0x3}}, {@private}, {@empty}, {@initdev={0xac, 0x1e, 0x0, 0x0}}]}]}}}}}}}, 0x0) 3.004162403s ago: executing program 0 (id=348): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r2, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_virt_wifi\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0xfffffffffffffe1e, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x8) r4 = socket(0x2, 0x80805, 0x0) open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$evdev(0x0, 0x40800400, 0x2b6a41) socket$nl_generic(0x10, 0x3, 0x10) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r6 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$TIOCL_SETSEL(r6, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x3bf, 0x3, 0x14a}}) ioctl$TCSETS2(r6, 0x402c542b, &(0x7f0000000080)={0xfffe7527, 0x10000, 0xefc9, 0x7f9, 0xb2, "20ab9809006ea4a7446c180000cd681ec267a0", 0x7, 0x200008}) ioctl$TIOCL_PASTESEL(r6, 0x541c, &(0x7f0000000000)) syz_io_uring_setup(0x64ee, &(0x7f0000000100)={0x0, 0xdf0d, 0x8000, 0x2, 0x21a}, &(0x7f0000000400), &(0x7f00000003c0)) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0xfffffffffffffdd6, &(0x7f00000016c0)='(/\x00`\xa8:\x11\xf9\xe5\xfa\xda\x92\xac\x04F\xa5S\xc9\xbd\x1b\xb5(\xa6\x0f\xc2\x92\x88\xc3!,d\xa8\xeaN\xfb[\x06\xc8\xe1\x84?\xc0\x1b\x11\x05\x00\x00\x00\x02^2\xbc\xf4Z>G\xee\xb9K\xa9V\xf3\xef|f\x05\\Yg\x82\xea\xe1%\x94v\xbf\xff\xf7\xa4\x9d{\xd6\xbe\x9c\x93Y\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x02\x99\xe1\xa6\xcc\x19c\xd7`\x17t\x8a.Z\x140F\xb2\x8b\xc9\xdd\x00'/137) io_uring_setup(0x40b8, &(0x7f0000000000)={0x0, 0x4a1f, 0x0, 0x0, 0x385}) setsockopt$inet_buf(r0, 0x0, 0x10, &(0x7f0000000080)="170000000200020000ffbe8c5ee17688a2003c000303000afdff02a257fc5ad90200bb6a880000d6c9db0000db00000200df01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50ce5af9b1c568302ffff02ff0331dd3bab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3afff", 0xb8) 2.921809201s ago: executing program 2 (id=349): mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r1 = syz_open_procfs$userns(0x0, &(0x7f0000000240)) ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000003a40)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000340)=[{0x20, 0xc, 0x77, 0xfffff038}, {0x6, 0x0, 0x0, 0x2}]}, 0x8) sendmmsg(r2, &(0x7f0000001c00), 0x400000000000159, 0x40840) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2, 0x3, 0x0, 0x3, 0x12, 0x0, 0x70bd2c, 0x25dfdbfb, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7}}, @sadb_x_nat_t_type={0x1, 0x14, 0x7}]}, 0x90}, 0x1, 0x7}, 0x0) read$FUSE(r4, &(0x7f0000006180)={0x2020, 0x0, 0x0}, 0x2020) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50) write$FUSE_INIT(r4, &(0x7f0000000440)={0x50, 0x0, r6, {0x7, 0x29, 0x0, 0x1004cc80, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50) r7 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1) write$cgroup_freezer_state(r7, 0x0, 0x20000) 2.454423257s ago: executing program 1 (id=350): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'caif0\x00', 0x0}) open(&(0x7f0000000280)='./file1\x00', 0x200, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000000000000000000001050000850000009b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ff4cff80850000007100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x11, 0xe, 0x0, &(0x7f00000009c0)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4004, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xd40, 0xd2) close(r4) socket$inet_tcp(0x2, 0x1, 0x0) r5 = socket$phonet_pipe(0x23, 0x5, 0x2) mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x200000, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}}) r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r6, 0x0, 0x0) syz_usb_control_io$hid(r6, &(0x7f00000002c0)={0x14, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x22, 0xa, {[@global=@item_012={0x0, 0x1, 0xa}, @global=@item_012={0x1, 0x1, 0x9, "f5"}, @global=@item_012={0x1, 0x1, 0x7, "84"}, @local=@item_4={0x3, 0x2, 0x7, "e9d1fead"}]}}, 0x0}, 0x0) r7 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCGREPORT(r7, 0x400c4807, &(0x7f0000000080)={0x4, 0x0, 0xffff}) 2.354529667s ago: executing program 3 (id=351): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0x80a0000, 0x8080000, 0xe, 0x2, 0x8, 0x0, 0xc, 0x2, 0x0, 0x8, 0x9, 0x10}, {0x80a0000, 0x1, 0xc, 0x8, 0x0, 0x0, 0xfe, 0xff, 0x7, 0x7, 0x0, 0xff}, {0x6000, 0x4, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xd000, 0x0, 0xfd, 0x4, 0x0, 0xff, 0x0, 0xfe, 0x0, 0x6}, {0x80a0000, 0xeeee0000, 0x9, 0x0, 0x4, 0x4, 0x6, 0xe, 0x0, 0x5e, 0x0, 0x3b}, {0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x2, 0x1, 0x0, 0x2, 0x80}, {0xdddd1000, 0x0, 0xa, 0x6, 0x4f, 0x5, 0x3}, {0x1, 0x80a4000, 0xe, 0x0, 0x1, 0x1, 0x83, 0xa, 0x26, 0x5, 0x2, 0x6}, {0x4000}, {0xdddd1000, 0xff}, 0x1000a, 0x0, 0x0, 0x70, 0xffdfffffbfffbffe, 0xd801, 0x0, [0x0, 0x0, 0xf8]}) 2.163455352s ago: executing program 3 (id=352): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000013c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001f7ff04b7050000670000006a0a00fe00000000850000000b000000b70000000000000095000000000000009cc6b3fcd62c061c6207005d43a4505f80e39c9f3c530cf08e467b592f868ee3b0a435df0a0e8c1bf176db2a6b2feb4b77d3d5707bfd2d84aaa3b1d4e984c46ea7e2b347a36f5662403e1b2be4284322a4908a0d411a9872971c7c56f0979bd10b97163c066d0e196bf02f46c7953ab1abdaf9de9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000200000000b0c2c125080963f63223b7b80197aa3161f45346b100000000000000000089e399f6609876b588743794298b79dc192dff048fc207c81f28bdd3e26a1a8a0481e9f0da43bb6ca66e2f55a9ff19ffcafe3e64be06000000000000005064caec04a367c23d9fb6a6991ddb737d527d6acb15426406991c3b404984dfa2c6e94bd0339454c13ad3c328a182c15dc760a313e3b3ca5d3393404029e98fa883c71949a34d84030323e3d54fc5b29d27643453ad9211e3550ee5520211d9370175133f260c6882a146880b9387f1beb5418618bc83a3becf9bb5d80efd7da7ba8b913c685fc6700848dc6665d73248c1f74e08ad04ce905faf32706e0000249a028044ede964362cfb2f30a246c3b2f60000fc4deb91da1368b0960b8d69bd99c64893d44f962524429dc058528e7e541c903869d96989b9a986620cb2c95c83f2a082c52764f49e51188f9418b01bcd8ae164acdac95318ec8b2c6feacdcf4b528e5e58219bc54f6ad5679e7f430e6960ed048c46e1dccca05bfa1d67c83795eae2d31968c055d325a9c794ef88b30c2de4a274878b73c05ffa88b7073be648b12bb1fee58958d6a6f31bfe5682159fbde59dad00008a73b40f09cf018cd496b36050d7fd45e3620c28f76749262e33e16429a6da35ceb1a989de81c3f8b8bc348ef2ac3781b847611fcb0a26acafdd6d9a1b17dcb9f7c493d8f8cd344a1d470ca0d6f16ab0293774b5509fb0e7113936d59d5a60dbd84a938476adeebab9ff44f531bb0200000000000000cc1fbc455a64fd449284f71761092a0302000000000000008a05d36fd9b814b4292745418c92d94462d2d8f7e1d24cabe17ad4135d8872935ceac6eb4f046f2acc1b0efb4438abddcabb4e4e72a450aab72b589bec83bbb688e659fb426cb43d0ee993516fd4e867232cde69b6ffad447dcd92e0ef8234ff850ec3948dd1fa7afb77d951fe4abf618121b7894c106beb49a71c62df5544ef221973432ccc7e62b151eb898a01010a7ec5acd0a5dcb2de443880c8a682515d1da9a3048744acb44384d1591df789883c0560495cb0cb32283529926d25e5c7f481112ab8a82247e927fb6f256830dab3671f00500d36a17790bab7d0e89e6c15314f2b963bfc867953476b0505c7d728326d666f39e82cfcf7e7a85df288d75df24c5e4d529c349923f9a4fb882310391dd58b4cbd8def239a227724d39c3e6c40e20e07e68a22888a5c3941b7a765b92bcb37f302487bcbd93ccf3a104021ff34ddf7ffcca1a04eae963e25516a114573779b24a341dfb2e80f1f345c6d96493ffc2a18478b5bf3aab2ea59c51cf0678e1a57d0ea042d911548ff612002ddb2d54d42fbddaf686c4f64d26b42e7d613e42b56887003d27468225b2594a05044baf314113e889468cf13dd92aa0d7744db6b56557a5adad95cb9a69d4de50642b4b9d6d3ba7eb534b00d0fea62f0a61535dfc4da06e7f8695be614c557caed7eb0120516e1351fed7d8ffa31c8f4be364185469cfc5f25c90d71bce745dd2d58a30e0844f12c4cbbdd7a08465e665c2620d78673dfb6d9263ed7def8924cfcd48a8a3534f1a3eac9ee9f18a18106ba3d7c7a62330f5c0e98cb7982dd7bad02c8dba9c13894185bfc4bd2520b6e2043fcb3fc5eb55ecf9e6e363ea2ac40a14a6f00f0ffffa0fdb6487c51ef12c27b30255bc4f8813be88beeb5aa6f6a4151cfb90644e50630ed474df7d1635afcb1ea3f6c47b5acbba2ce5099a9387c7acb9bbd1da497611ceda25049e48ddacccbb58dddaf9a3510d65383829a51e0f41e661fa80ca1eaaa6cf0824305ba4ec80400c50ffe83ccb0e6fef321190c58aca8c7c8c6d26ff5cbc2cadebda8e1219e04f8dacffd33db1a0a2e74c9eb978d80a12d0b5327bfd053000000000000000000be0d02a14708504412fa93d335992b2983c5addc191b4a21c7b340d0536b01958e15315eb5f3f9f4992c18f666359f40295fa73284c4b607669bae75bd68c3e2b770c324a0ab26b6065d7e95a7bd80052db57506ec7cc861bf3998d07484c66630ca8173fea3f06ed1dfc70a8b90418e2dc76137e0f68cb1c8a908aef9f0f85647dba54e05028c33d94d463fb20d2e7547184b8d3611e45dff02144387f342ef9b9bf650e9d049bf65258a7bc094a6965e24611c077e1ca0891362a9d68f3ec7610c0449acf18459500f024f9b75885cd79ba32776e4a511c8a4ad922b00000000000000a9241220dfbf7d02ef507ec6fc7f5d37d835f7bed71283c431b9d8cbd9003972bf1dc6a71bedad8e19efc3edd2a7a7e555d5f3176af69920471e6e5bcb8966c813c132d65e2b99d3015e06b372e1aefaae14ee3fbc6349af362c19b59c214de66912d1a9a98d92dc197a51c29443de62caca334c46d110e50896fe50d0477771d387f40c8ef05750ca651e6e69a237dcf78666d6ab2bda1f853525494e4efdd93be38bb5fc671f8794002d7a951fd336aaf4ed1166cb459df70218c571ba1c40b028234505e5477e268326af8812c2fbb8785a223fce0a0601c2a3b58bea8c6216eadabcabe86ab46e4cd3d58ef7ce8d3c4b0bc5952e81dfc0a490d8568db6f9c51fe703c6864fae0053d2f91f49e977cdc1962dbc28c29471a72199862bc8fc6e211d13d8579cab4fba94b2b613c9b8148d05e0690a4c4ab35aabc45801d2b82081e62b23a01b58b1ffb624f63ad2246796796160cd3682374364edac52f1becb7c6eff50823b75fb2ef516ec4ec1cb20a2535b504502d744f2099674e58f2c117c980cf0d041c8ea5c4f166bab4aa5ed200ef4dcff96f7c9c1ab8c22db0f439b23b04bcd41ffc3a0e01976ca1cf43e12d7d72f3faa4979faabd62e2dc54a980eae4d5e8c6498de331c3aba1144ef1190ea6cda641d9416c4560cab2d819eac7b04c70f141754c3ffd79da363fe8859afee531710caf1b2bf5a51142f4755cbb700c28083525a9093790096cb93417f1216000000000000000000000000000040ceb244e4cae2b65a76d41793aabccd3d0c50486eae6793e1f54814a8ee2779c14ca94759266200229b58c12279817869e831cade7b09ddffffff9d93e2ad25eed43c0b9ee4fd209b5b919a42f676b9d7236fc8dd5040899d0676291407ce9ac8101dd3512f5b3ac8cf8179d1749de324000030d0f942ec4604c28d5c287d1435956784003a53eb5fe535ead8857acf0166dbd9f30a9b9c8a9b9faf1356faf269cded935b07863e4fdad8aab52686c81babd1c08f6700a2fadd413443022ea5c774ffefdd426abed08d437a4db48611fc82a18ab9f54758a1aad86d95cd186ceb55fafa3930090467b8b7bb8adef4de2076dc538bb97502b4b4350e633dc0a53c2fc9a01bc5cfae0245f1fab843c633446f5f3a43226109b7dafe7815773bd6969f04cbe15236b90000000000000000000000000000000000000000000000000000ff0779b9c005da21073c6d9680d4e547cb727addb2efe11b8b3a706569f1522b57d71bb0beccab7c8fe9e1330b2f501b2ac3cf4eba7ceda6ff8a0c8b18c5e9e2f505e833217557abb257d61af8e8c473a7585436730db75da167481ab8921fe051b250f8d8ef9c8481bb28a137d15040b0181c28dfad7c17b30c452a64c43a117cb948247c33abc765a6ba695c3cea5e32a4d1ae2dcbec2ff4268e03aad15efc6004e6b3d7f0edf8b5d4ae7846a6d43c16c90b7c5dc13ac2ff0439ab693498964cad2bb533bcd240778b7e49145c48efde42b44c01517f1a7c7707b4c4fc0900e7086ec40354504590696282286db9030f0320e2fcba8723939005347b3f744ff1973431000000000000000000000000000000000000003495d69aaf9a1d83e83511a3bf44fe753b8ad83bc34ea4d46b397e000ff267c50122aa5aaf8474ec2e57d960d963900bef84a4b3c7dd01ae4d6b5522aa8a35ae7996e298bcfe3f31a34e3e12c58cf172a4d3677a67b52041ec21ae8003aa1c9969178b1b00"], &(0x7f0000000340)='GPL\x00'}, 0x94) syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x804) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$key(0xf, 0x3, 0x2) sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0xec, 0x1a, 0x7, 0x0, 0x2, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in=@local, 0x4e22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x5a, 0xb400, 0x2, 0xfeffff7f00000001, 0x0, 0x60002}, {0x4, 0x200000, 0x7, 0xfffffffffffffffd}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}}, 0xec}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) rseq(&(0x7f0000000380)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x7, 0x1, 0x0, 0x8}}, 0x20, 0x0, 0x0) connect$unix(r3, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet(r5, &(0x7f0000001540), 0x800000000000214, 0x20000001) recvmmsg(r6, &(0x7f0000000ec0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000440)=""/173, 0xad}], 0x1}, 0x9}, {{&(0x7f00000005c0)=@xdp, 0x80, 0x0, 0x0, &(0x7f0000001580)=""/4096, 0x1000}, 0x5}, {{0x0, 0x0, 0x0}, 0x6}], 0x3, 0x40000000, &(0x7f0000000f80)={0x77359400}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={r0, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001680)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x200, 0x0) removexattr(0x0, &(0x7f0000000240)=@known='user.incfs.metadata\x00') 2.013371149s ago: executing program 2 (id=353): r0 = socket$l2tp6(0xa, 0x2, 0x73) sendmmsg$inet6(r0, &(0x7f0000002c00)=[{{&(0x7f0000000080)={0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, '\x00', 0x17}, 0xc}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=[@rthdrdstopts={{0x14, 0x29, 0x37, {0xc}}}, @flowinfo={{0x10, 0x29, 0xb, 0x5}}], 0x24}}], 0x1, 0x40010) 1.907653131s ago: executing program 2 (id=354): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c0000003e00070100000000fcdbdf25047c0000040000001400018006000600800a000008001800e0000001b6d2aa0e198fe8ade0730094b6dc2c55e6f94d87ff77b4d9bf2efea26e178b03f513396f676c3958c9bae78f2f0f372e1604e724c67aa671d6"], 0x2c}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xffffffffffffff64, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0xffffffffffffffff, 0x803, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x9) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_io_uring_setup(0x5c2, &(0x7f0000000280)={0x0, 0x0, 0x3080, 0x8003, 0x25f}, &(0x7f0000000240)=0x0, &(0x7f0000000200)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000001e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a64000000060a0b0400000000000000000200000038000480340001800900010068617368000000002400028008000740000000010800044000040000080002400000000e08000640000000070900010073797a30000000000900020073797a320000000014000000110001"], 0x8c}}, 0x0) io_uring_enter(r4, 0x6e2, 0x620, 0x1, 0x0, 0x0) 1.853838853s ago: executing program 0 (id=355): socket$inet6_sctp(0xa, 0x1, 0x84) openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x1, 0x3, 0x8000000000007, 0xaa, 0x3, 0x1, {0x0, 0x180, 0x20fe, 0x5, 0x87, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0) r0 = syz_io_uring_setup(0x1a3, &(0x7f0000000240)={0x0, 0xf3ea, 0x80, 0x0, 0x34d}, &(0x7f0000000480)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0xb2752a96f73d6e14, 0x0, 0x0, 0x0, 0x23456}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15) 1.764618934s ago: executing program 0 (id=356): r0 = syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2) r1 = dup(r0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) fdatasync(r1) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000380)={0x0, 0xff23, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) recvmsg$unix(r1, &(0x7f0000000500)={&(0x7f0000000300)=@abs, 0x6e, &(0x7f0000000280)=[{&(0x7f00000003c0)=""/93, 0x5d}, {&(0x7f0000000200)=""/45, 0x2d}], 0x2, &(0x7f0000000480)=[@cred={{0x18}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0xc}}, @cred={{0x18}}], 0x64}, 0x40000122) ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000180)=0x1) sendmmsg(r2, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000005c0)='6', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000100)="e4", 0xffffffffffffffd1}], 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="0c00000001000008040089064c3919e7626e890000"], 0xc}}], 0x2, 0x4004054) keyctl$describe(0x6, 0x0, 0x0, 0xffffffffffffff87) syz_emit_ethernet(0x7e, &(0x7f00000010c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x3e}, @local}, @redirect={0x3, 0x0, 0x0, @broadcast=0x1000000, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0x8000, @empty, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote, 0x4e210000}]}, @timestamp_addr={0x44, 0x34, 0x0, 0x1, 0x0, [{@multicast1}, {}, {@dev={0xac, 0x14, 0x14, 0x3}}, {@private}, {@empty}, {@initdev={0xac, 0x1e, 0x0, 0x0}}]}]}}}}}}}, 0x0) 1.588214986s ago: executing program 0 (id=357): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) syz_open_dev$sg(0x0, 0x5, 0x484ec1) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080) syz_open_procfs$pagemap(0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/rt_acct\x00') connect$pppoe(0xffffffffffffffff, &(0x7f0000000100)={0x18, 0x0, {0x2, @broadcast, 'vxcan1\x00'}}, 0x1e) sendfile(0xffffffffffffffff, r2, 0x0, 0x8) socket$nl_route(0x10, 0x3, 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') r3 = open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b) write$FUSE_CREATE_OPEN(r3, &(0x7f0000000500)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0xfffffffffffffffb, 0xfffffffffedfff83, 0x3, 0x1, {0xffffffffffffffff, 0x3ff, 0x20ff, 0x7ff, 0xf7c, 0x800000000000d615, 0x3fb, 0x7fffffff, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x8ea2}}, {0x0, 0x12}}}, 0xa0) sendfile(r3, r3, &(0x7f0000000080), 0x7f04) openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) mprotect(&(0x7f0000166000/0x2000)=nil, 0x2000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000300), 0x101000, 0x0) fcntl$dupfd(r4, 0x0, 0xffffffffffffffff) r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000b00), 0x2800, 0x0) ioctl$FBIOGET_CON2FBMAP(r5, 0x460f, &(0x7f0000000b40)={0x0, 0x1}) 974.05486ms ago: executing program 3 (id=358): r0 = fsopen(&(0x7f0000000000)='cgroup\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000200)='nakeN\xfe\xf0\xbfd\x13\xc9\x8bI\xd8 \xf3\x0e_\xb8\xe4\xfa\xb9x3\xc6z\x8aM\xd7x\xdd\xe1K\x93.+x\x15cH\x10V\x12\xf3x\x052*\x8a\x88\x8f9+\xc6\x96y\xa0\x99\xc0\xf4\v\xd8\xf2\xb5\f\xbf*(\xfc\xc8\x97j\xf2\xf0\xf8\x17w\xa6<\x0f <#\x9fD\x94\xae:v\v8l\xdey37\x8d\xa9T|6\xaf\xfc\x9bG\x917AI\xbf\x0f:\xf5\x03&\x1f\xabM\xf2\xe7X\xfaT\xb3\x95Nb\x7f\x88z\x9d\x15&\xc3\x00', &(0x7f0000000100)='ccnA\xf6gro_p\x00\x82}LS\x1f\xdc\xa73\xa5\x86\xdd\x83}\xbe\xcfgAL\x8f\xc3)d\xd8\xce\xf1|v\xd4\x8a3\x06\xd1\xfc\x8fj\x85b\x02;h\xca`\x8f\xf4\x0f\x857\xb8K`\xf0\x19\x1e\r\xb4\xf1\xd5*\xac\xeb\xf8>\xbd\x19\xb3\x01.\xa1\"$Z\xb8K\xa8\x190\xaeK\xd9\xd5\xccC\xc8\x19-\xb8s|\xae\x88~\v\xc9I\xfb=\x1a\x9b\x9eG\nT\xc18\"\xbe\xfa$c%q\xe57\xaa\xff\x9bP\xf6\x95\\\xffl\a\x8e\t\x14d\x96\x1e\xc0\xfd\x8d\"\x1e\xec\xfe~\xa7Np{\x9e\xe7Q\xab\x90I)\xe2\x8aCHY\xa6w\xf8d?0c\x9cl\t\x11uH\x8d<}\x85r\xfb5\x82\b\xddu\xe0\n\x96\x10\xf8\x7f\x06!$\xa2', 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x80, 0x7fff7ffc}]}) syz_open_dev$sndctrl(&(0x7f0000002b80), 0x1, 0x8000) socket$inet6_mptcp(0xa, 0x1, 0x106) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) timer_create(0x7, &(0x7f00000001c0)={0x0, 0x23, 0x2, @tid=r1}, &(0x7f0000000280)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r5, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x4, 0xffffff1f, 0x1}}, 0x20) r6 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0) bind$can_j1939(r6, &(0x7f0000000040)={0x1d, r7, 0x8000000000000003}, 0x18) syz_open_dev$tty1(0xc, 0x4, 0x1) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$nl_route(0x10, 0x3, 0x0) 414.205472ms ago: executing program 0 (id=359): r0 = socket$nl_crypto(0x10, 0x3, 0x15) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000580)={{{@in6=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@initdev}}, &(0x7f0000000480)=0xe4) sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000014c0)={0x460, 0x11, 0x1, 0x70bd2c, 0x25dfdbfb, "", [@nested={0x297, 0x8d, 0x0, 0x1, [@typed={0x8, 0xc5, 0x0, 0x0, @fd}, @generic="51c6b68cf4eb24182ec06972d96b20a47257d673c593752c5a1c9016497a0d2aaaff7dd00c7771e3c0d360527a0b81ec9f7ef771712b5159099b33f25cef45ab9b9ef9723f0fc2356b2cdc4016a9dc84050982fa3d5c3baa6ff13ff96f7e539bfecd746d93ffa6a9186682c1500063e22b0d492e3111b0ade0a29e675f9a6d860fd0dabb8264042aa3d1aa75908a1182406a77ced5aad953f8b6841dad52a4069e0156235b6bcea2ab37b0c43574b4f90a3f168dc650368345d7326a6b29160f04aa670dd49b7482724acebea8a3ebcadb93bab7cd11de74d5d039334102882dd7755a4cda78d36d8afbf57095ce262ec6639b7482079b1e4c5e47f2a877587617dcfb30db6828d6323cb34117732c3d853d6148cfb28b30c2755b8b790dc3ad3f74031a83725200f22cf7639de873b7fa6b0929b33a89e296efd977b0c0b3bfe7291b1a99c481a0f77e25e3d8e8fc873ed463253b3ddb87885f47c8aabec1aa3f125ffc3e1bc619773186a53d33efe9f88d1d18539d2ed7", @generic="d5f964d6c88c3572a61ea76677347b03813ff58c9cf41bb74c68d5c34f42dc4d4cff3be23aaf70c80c28f15cc4069d3ff4259b40fac13074e3fb971525156710ead5b54397733a66d245873ff264abcf8a02faccd750572dfd4d556b88e2b1e183feb33c17ad9554d388c955907dbd", @nested={0xa1, 0x110, 0x0, 0x1, [@generic="bbffcdf59004a7e8e0250c985f06b440fce270a36ee351673fbc19f4f32f275842776ba4ed84729f9c3099b63f49ffe963b254711d80ce8b35477bc8c4f9c6004d0da75537ddd92b2493e8989b181261f7e9998847ed0c800bc558eb3456cb05458f65fa6738a32dc7b4f9c983c816a93c8b99a3f5d42942878e61051c37acc96b4786fc25d21c4c1b65abbe593054e7e5b2f774da041932ac844a7238"]}]}, @generic, @generic="b9a6d0348e6ed925d30ee1f78f8b901ba86812918314ce7fb8a42631f20f4abfea806d2be452927415554b0d87afeace4be6d351b8fe64bd1b5aff3b0cd8d69090369e4032424c8479f86c9cf3299f8ca09f9079830748f95196128a701e725c498e02dd1a8786235c6e9176d3e68d56f7752d473c1a03dafe93ca702e24e076068d145e84a5a67f45be2bccc0d636e174c133e253ffae2ef39feb3216d93a9cc833677c5c9a9fd5b18e854fa9cdcb0812cee4284330c77f7158ffb8628c", @typed={0x8, 0x141, 0x0, 0x0, @uid=r1}, @generic="d4d83f1a4700378bab03d68813aa243549b14743f8cf2dcc63f7eaca568732c4e73182c5636ed9d47eb1fce8faa174d22824756c71695f4bee39999425b51415d1f30d76f3761891d5a27eb41077ae07a91e415b3cd82c75e7a713638c5a28359c9f5f02c7eb88cc61d9a6b7c97af90bc1b2856cf05084ec2b23694fa3a8f9a4ff9978290e921497d3abe4052f2adfe4a58fccd12278f90a600a0ea8156a95ba00d940c8ea6d8c02a60f73705e445d12e1232f216a832e9dadbf00414aedd22e48aa329eff839e9b9dd6a05e287f50e15727347209b297ad8841e7a0993ee8a199252af6c510845ffb7ed64ca2749c37"]}, 0x460}, {&(0x7f0000000ac0)={0xc8, 0x1d, 0x20, 0x70bd27, 0x25dfdbfe, "", [@typed={0x4, 0x3}, @nested={0xb4, 0xa2, 0x0, 0x1, [@typed={0x8, 0x106, 0x0, 0x0, @fd}, @typed={0x8, 0xb9, 0x0, 0x0, @uid=r1}, @generic="769d17adc1c0f27ae01f465ddf784e56747a57e7804c28be312f854ae5930fdfed2783afead487f9f45906a46641dceb0107c7579ae6c247cb3f8d2440d5cbe947118092e615804a217024de26810a11ad70e1a38bc2bd5936da674e8581b5ee97d64e6fdb221c4ef573d7808fc6c35fd579d70e0fcaf3c65ffd3d567b94e8e5220a23c2af95a4b24ce47685470ad748de8f53f3053e361e1c39012398d18188"]}]}, 0xc8}, {&(0x7f0000000bc0)={0x70, 0x41, 0x400, 0x70bd2d, 0x25dfdbff, "", [@nested={0x5f, 0x23, 0x0, 0x1, [@nested={0x4, 0xf2}, @typed={0xc, 0xf8, 0x0, 0x0, @u64=0x7f}, @typed={0x8, 0xb7, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x31}}, @nested={0x4, 0xe1}, @typed={0x8, 0x136, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x2b}}, @typed={0x8, 0x5, 0x0, 0x0, @u32=0x5}, @nested={0x4, 0xc0}, @generic="a06566788df86bc9465f518d8f224c38ab56137f24d9cfc24f28b5ae39b4e6b9c76f1df512657ddb709b3f"]}]}, 0x70}], 0x3, 0x0, 0x0, 0x2000081}, 0x20048040) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5}, 0x48) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$inet(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x20040001) r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) syz_usb_control_io$hid(r3, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0xf, {[@global=@item_012={0x0, 0x1, 0x5}, @main=@item_012={0x2, 0x0, 0xb, '\x00\x00'}, @main=@item_4={0x3, 0x0, 0x9, "5aa8257f"}, @main=@item_012={0x0, 0x0, 0x9}, @main=@item_4={0x3, 0x0, 0xb, "9e3ce079"}]}}, 0x0}, 0x0) r4 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r4, 0x0, 0x0) r5 = syz_open_dev$hiddev(&(0x7f0000000140), 0x0, 0x0) r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) syz_usb_ep_write(r6, 0x81, 0x41, &(0x7f00000002c0)="b9425b44651dd23241963599000000110000004a16941ff5f4b4f1f0add7fcf2b877fceafffffffffff1ffdf4cd9f5d3969890522c77157d88010000003a5bd553") r7 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r7, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, '\x00', 0x36}, 0x2}, 0x1c) sendmsg$inet6(r7, &(0x7f0000000480)={&(0x7f0000000040)={0xa, 0x4e20, 0xfffffffc, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c, 0x0}, 0x20004804) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$HIDIOCSREPORT(r5, 0x400c4808, &(0x7f0000000080)={0x2, 0x100, 0x20a6}) 284.310548ms ago: executing program 2 (id=360): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0x29, &(0x7f00000000c0)=0x2, 0x4) r3 = getpgid(0x0) kcmp(r3, 0x0, 0x300, 0xffffffffffffffff, 0xffffffffffffffff) chdir(0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0) copy_file_range(r5, &(0x7f00000001c0)=0xffffffffffffff7f, r4, 0x0, 0x81, 0x10000000000000) setfsgid(0x0) r6 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000180)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x1, 0x40}, 0x20) sendmsg(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)}], 0x1, &(0x7f0000000400)=[{0x50, 0x103, 0x4, "88db3892d7e396215acba98ef2f2d847178b185624c1e54cd29113680348348c343da1757be1b1a23a041aedff46a344b494f3891047a856afeaa6d586de0179a074dfff"}], 0x50}, 0x8040) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000600)={0x14, r1, 0x1, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x20000080) r7 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe) r8 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000100)={r7, r8, r8}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'streebog512-generic\x00'}}) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x0, 0x0, 0x1, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f000009df00)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x2, 0x1, 0x4, 0x0, 0x1}, 0x20) r9 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x80482, 0x0) epoll_create(0x7) r10 = socket$nl_sock_diag(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_TX_RING(r10, 0x10e, 0x7, &(0x7f0000000200)={0x8, 0x1ff, 0x45e, 0xffffffff}, 0x10) write$vga_arbiter(r9, &(0x7f0000000040)=@other={'lock', ' ', 'io+mem'}, 0xc) write$vga_arbiter(r9, &(0x7f0000000080)=@other={'decodes', ' ', 'none'}, 0xd) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000006000000030000004c0001800d0001007564703a73797a300000000038000400140001000a000000640101010000000000000000200002000a00000000000000ff01000000000000000000000000000100000000"], 0x60}}, 0xe0) 164.278175ms ago: executing program 2 (id=361): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x6) ptrace$ARCH_SHSTK_UNLOCK(0x1e, 0x0, 0x0, 0x5004) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r3 = dup(r2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000a, 0x13, r3, 0x2000) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r5 = dup(r4) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) write$binfmt_aout(r5, 0x0, 0xffffffdb) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) (fail_nth: 1) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) 252.956µs ago: executing program 3 (id=362): sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002c00)=[{{&(0x7f0000000080)={0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, '\x00', 0x17}, 0xc}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=[@rthdrdstopts={{0x14, 0x29, 0x37, {0xc}}}, @flowinfo={{0x10, 0x29, 0xb, 0x5}}], 0x24}}], 0x1, 0x40010) 0s ago: executing program 3 (id=363): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x6) ptrace$ARCH_SHSTK_UNLOCK(0x1e, 0x0, 0x0, 0x5004) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r3 = dup(r2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000a, 0x13, r3, 0x2000) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r5 = dup(r4) r6 = syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r7) syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb000000010902"], 0x0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x800000, 0x0) syz_open_procfs(r6, &(0x7f00000001c0)='numa_maps\x00') madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) write$binfmt_aout(r5, 0x0, 0xffffffdb) madvise(&(0x7f0000761000/0x3000)=nil, 0x3000, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:6486' (ED25519) to the list of known hosts. [ 47.691575][ T5889] cgroup: Unknown subsys name 'net' [ 47.797764][ T5889] cgroup: Unknown subsys name 'cpuset' [ 47.803368][ T5889] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 48.867006][ T5889] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 53.481517][ T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 53.486029][ T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 53.486822][ T5982] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 53.490361][ T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 53.493179][ T5982] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 53.495801][ T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 53.497825][ T5982] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 53.500133][ T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 53.501942][ T5987] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 53.503330][ T5990] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 53.503819][ T5990] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 53.511417][ T5987] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 53.513199][ T5990] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 53.517501][ T5987] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 53.519177][ T5990] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 53.523121][ T5990] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 53.523723][ T5987] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 53.526544][ T5990] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 53.541677][ T63] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 53.545395][ T63] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 53.838690][ T5975] chnl_net:caif_netlink_parms(): no params data found [ 53.925914][ T5984] chnl_net:caif_netlink_parms(): no params data found [ 54.034927][ T5988] chnl_net:caif_netlink_parms(): no params data found [ 54.067204][ T5975] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.070850][ T5975] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.073270][ T5975] bridge_slave_0: entered allmulticast mode [ 54.076976][ T5975] bridge_slave_0: entered promiscuous mode [ 54.123419][ T5975] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.128016][ T5975] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.130838][ T5975] bridge_slave_1: entered allmulticast mode [ 54.134231][ T5975] bridge_slave_1: entered promiscuous mode [ 54.203752][ T5977] chnl_net:caif_netlink_parms(): no params data found [ 54.285739][ T5975] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.289804][ T5984] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.292897][ T5984] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.296782][ T5984] bridge_slave_0: entered allmulticast mode [ 54.300410][ T5984] bridge_slave_0: entered promiscuous mode [ 54.319796][ T5975] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.352031][ T5984] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.354732][ T5984] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.357169][ T5984] bridge_slave_1: entered allmulticast mode [ 54.360092][ T5984] bridge_slave_1: entered promiscuous mode [ 54.516401][ T5988] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.518741][ T5988] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.521029][ T5988] bridge_slave_0: entered allmulticast mode [ 54.523720][ T5988] bridge_slave_0: entered promiscuous mode [ 54.527885][ T5975] team0: Port device team_slave_0 added [ 54.560713][ T5975] team0: Port device team_slave_1 added [ 54.563065][ T5988] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.565746][ T5988] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.568775][ T5988] bridge_slave_1: entered allmulticast mode [ 54.573309][ T5988] bridge_slave_1: entered promiscuous mode [ 54.579458][ T5984] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.629300][ T5984] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.665504][ T5977] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.668995][ T5977] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.672077][ T5977] bridge_slave_0: entered allmulticast mode [ 54.678421][ T5977] bridge_slave_0: entered promiscuous mode [ 54.725746][ T5988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.729159][ T5977] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.731633][ T5977] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.734227][ T5977] bridge_slave_1: entered allmulticast mode [ 54.738110][ T5977] bridge_slave_1: entered promiscuous mode [ 54.742153][ T5975] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.745222][ T5975] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.753883][ T5975] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.792744][ T5988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.820994][ T5975] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.823768][ T5975] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.834199][ T5975] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.840147][ T5984] team0: Port device team_slave_0 added [ 54.877847][ T5977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.882277][ T5984] team0: Port device team_slave_1 added [ 54.906016][ T5988] team0: Port device team_slave_0 added [ 54.910743][ T5977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.968800][ T5988] team0: Port device team_slave_1 added [ 54.989396][ T5984] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.991565][ T5984] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.000380][ T5984] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.074567][ T5984] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.076829][ T5984] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.085845][ T5984] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.093283][ T5975] hsr_slave_0: entered promiscuous mode [ 55.097232][ T5975] hsr_slave_1: entered promiscuous mode [ 55.116067][ T5977] team0: Port device team_slave_0 added [ 55.125189][ T5988] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.128084][ T5988] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.140497][ T5988] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.171486][ T5977] team0: Port device team_slave_1 added [ 55.174317][ T5988] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.176844][ T5988] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.185306][ T5988] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.281511][ T5977] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.285623][ T5977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.295673][ T5977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.327656][ T5984] hsr_slave_0: entered promiscuous mode [ 55.330942][ T5984] hsr_slave_1: entered promiscuous mode [ 55.334376][ T5984] debugfs: 'hsr0' already exists in 'hsr' [ 55.336744][ T5984] Cannot create hsr debugfs directory [ 55.341682][ T5977] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.344238][ T5977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.353361][ T5977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.443502][ T5988] hsr_slave_0: entered promiscuous mode [ 55.446706][ T5988] hsr_slave_1: entered promiscuous mode [ 55.448870][ T5988] debugfs: 'hsr0' already exists in 'hsr' [ 55.450598][ T5988] Cannot create hsr debugfs directory [ 55.550452][ T5977] hsr_slave_0: entered promiscuous mode [ 55.552698][ T5977] hsr_slave_1: entered promiscuous mode [ 55.555773][ T5977] debugfs: 'hsr0' already exists in 'hsr' [ 55.557475][ T5977] Cannot create hsr debugfs directory [ 55.585362][ T5978] Bluetooth: hci0: command tx timeout [ 55.594120][ T5978] Bluetooth: hci1: command tx timeout [ 55.594300][ T63] Bluetooth: hci2: command tx timeout [ 55.594324][ T5990] Bluetooth: hci3: command tx timeout [ 55.887398][ T5975] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 55.896544][ T5975] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 55.907551][ T5975] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 55.914944][ T5975] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 55.944504][ T5984] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 55.963357][ T5984] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 55.968457][ T5984] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 55.975962][ T5984] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 56.020881][ T5988] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 56.031800][ T5988] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 56.039230][ T5988] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 56.048194][ T5988] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 56.130236][ T5977] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 56.143430][ T5977] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 56.155838][ T5977] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 56.161031][ T5977] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 56.213783][ T5975] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.245804][ T5984] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.267511][ T5975] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.306383][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.309586][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.316854][ T5984] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.330629][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.333787][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.347679][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.351492][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.359824][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.362755][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.372464][ T5988] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.404219][ T5988] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.421385][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.424730][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.445833][ T199] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.448221][ T199] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.477008][ T5977] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.526358][ T5977] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.541693][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.544765][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.564652][ T199] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.567036][ T199] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.659573][ T5984] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.689016][ T5984] veth0_vlan: entered promiscuous mode [ 56.701649][ T5984] veth1_vlan: entered promiscuous mode [ 56.738892][ T5975] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.748907][ T5984] veth0_macvtap: entered promiscuous mode [ 56.757367][ T5984] veth1_macvtap: entered promiscuous mode [ 56.778467][ T5984] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.793609][ T5984] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.806128][ T46] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.813665][ T46] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.817799][ T46] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.828250][ T46] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.850373][ T5988] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.866832][ T5975] veth0_vlan: entered promiscuous mode [ 56.892056][ T5975] veth1_vlan: entered promiscuous mode [ 56.909816][ T5977] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.933020][ T199] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.940844][ T199] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.968124][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.972516][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.973017][ T5988] veth0_vlan: entered promiscuous mode [ 56.998514][ T5975] veth0_macvtap: entered promiscuous mode [ 57.003022][ T5988] veth1_vlan: entered promiscuous mode [ 57.015309][ T5984] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 57.017335][ T5975] veth1_macvtap: entered promiscuous mode [ 57.024988][ T5977] veth0_vlan: entered promiscuous mode [ 57.038363][ T5977] veth1_vlan: entered promiscuous mode [ 57.050911][ T5975] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.066079][ T5975] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.080082][ T1144] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.080170][ T1144] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.080205][ T1144] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.080237][ T1144] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.082490][ T5988] veth0_macvtap: entered promiscuous mode [ 57.087806][ T5988] veth1_macvtap: entered promiscuous mode [ 57.101968][ T5977] veth0_macvtap: entered promiscuous mode [ 57.115512][ T5977] veth1_macvtap: entered promiscuous mode [ 57.120840][ T5988] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.129470][ T5988] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.179757][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.183534][ T1150] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.185186][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.188565][ T1150] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.225078][ T5977] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.237335][ T1150] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.253691][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.260901][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.262409][ T1150] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.281089][ T5977] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.294134][ T1145] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.300976][ T1145] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.306486][ T1145] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.326487][ T1145] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.377703][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.381059][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.394216][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.404243][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.506593][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.514301][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.517757][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.519393][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.574755][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.586145][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.589744][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.614279][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.654291][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.666244][ T63] Bluetooth: hci2: command tx timeout [ 57.667575][ T5978] Bluetooth: hci1: command tx timeout [ 57.671455][ T5978] Bluetooth: hci0: command tx timeout [ 57.675048][ T5990] Bluetooth: hci3: command tx timeout [ 57.947081][ T6081] bridge_slave_0: left allmulticast mode [ 57.947105][ T6081] bridge_slave_0: left promiscuous mode [ 57.947814][ T6081] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.986826][ T6088] netlink: 'syz.1.2': attribute type 10 has an invalid length. [ 58.338634][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 58.378986][ T6081] bridge_slave_1: left allmulticast mode [ 58.380938][ T6081] bridge_slave_1: left promiscuous mode [ 58.382965][ T6081] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.464764][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 58.508892][ T6081] bond0: (slave bond_slave_0): Releasing backup interface [ 58.601498][ T6081] bond0: (slave bond_slave_1): Releasing backup interface [ 58.635622][ T6081] team0: Port device team_slave_0 removed [ 58.672178][ T6081] team0: Port device team_slave_1 removed [ 58.676447][ T6081] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 58.681031][ T6081] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 58.720473][ T6081] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 58.724785][ T6081] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 58.761100][ T6085] team0: Mode changed to "loadbalance" [ 58.786817][ T6088] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.791852][ T6088] team0: Port device bond0 added [ 58.795956][ T6087] lo speed is unknown, defaulting to 1000 [ 58.817072][ T6087] lo speed is unknown, defaulting to 1000 [ 58.821615][ T6087] lo speed is unknown, defaulting to 1000 [ 58.840692][ T6087] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 58.860722][ T6087] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 58.908464][ T6087] lo speed is unknown, defaulting to 1000 [ 58.912652][ T6087] lo speed is unknown, defaulting to 1000 [ 58.922255][ T6087] lo speed is unknown, defaulting to 1000 [ 58.924962][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 58.943864][ T6087] lo speed is unknown, defaulting to 1000 [ 59.274290][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 59.464294][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 59.563307][ T6101] sg_write: data in/out 75715714/4299 bytes for SCSI command 0x19-- guessing data in; [ 59.563307][ T6101] program syz.3.8 not setting count and/or reply_len properly [ 59.744613][ T5990] Bluetooth: hci1: command tx timeout [ 59.747152][ T5978] Bluetooth: hci2: command tx timeout [ 59.754285][ T5978] Bluetooth: hci0: command tx timeout [ 59.756804][ T5978] Bluetooth: hci3: command tx timeout [ 60.027240][ T6104] syz_tun: entered allmulticast mode [ 60.045965][ T6106] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 60.048659][ T6106] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 60.055665][ T6106] vhci_hcd vhci_hcd.0: Device attached [ 60.091875][ T6103] syz_tun: left allmulticast mode [ 60.094194][ T40] audit: type=1800 audit(1759117975.241:2): pid=6106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.7" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 60.439564][ T6117] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12'. [ 60.662350][ T6128] Zero length message leads to an empty skb [ 60.723899][ T5714] usb 42-1: SetAddress Request (2) to port 0 [ 60.734114][ T5714] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd [ 60.753624][ T6132] befs: (nbd1): No write support. Marking filesystem read-only [ 60.757912][ T6107] vhci_hcd: connection reset by peer [ 60.761533][ T1150] vhci_hcd: stop threads [ 60.766565][ T6132] befs: (nbd1): unable to read superblock [ 60.786208][ T1150] vhci_hcd: release socket [ 60.797267][ T1150] vhci_hcd: disconnect device [ 61.824861][ T5990] Bluetooth: hci3: command tx timeout [ 61.827196][ T5990] Bluetooth: hci0: command tx timeout [ 61.829084][ T5990] Bluetooth: hci2: command tx timeout [ 61.831175][ T5990] Bluetooth: hci1: command tx timeout [ 63.358291][ T6142] syz.2.14 (6142): drop_caches: 2 [ 65.049997][ T6182] netlink: 40 bytes leftover after parsing attributes in process `syz.0.22'. [ 65.052781][ T6182] netlink: 45 bytes leftover after parsing attributes in process `syz.0.22'. [ 65.055968][ T6182] netlink: 45 bytes leftover after parsing attributes in process `syz.0.22'. [ 65.094538][ T6172] syz.3.21 (6172): drop_caches: 2 [ 65.097025][ T6172] syz.3.21 (6172): drop_caches: 2 [ 65.401378][ T6195] input: syz1 as /devices/virtual/input/input5 [ 65.510359][ T6196] misc userio: Invalid payload size [ 65.517245][ T6196] misc userio: No port type given on /dev/userio [ 65.811706][ T40] audit: type=1800 audit(1759117980.951:3): pid=6199 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.20" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 65.820664][ T6198] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 65.822967][ T6198] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 65.826094][ T6198] vhci_hcd vhci_hcd.0: Device attached [ 65.829832][ T5714] usb 42-1: device descriptor read/8, error -110 [ 66.015945][ T6200] vhci_hcd: connection closed [ 66.024934][ T1150] vhci_hcd: stop threads [ 66.028085][ T1150] vhci_hcd: release socket [ 66.030186][ T1150] vhci_hcd: disconnect device [ 66.290300][ T5714] usb usb42-port1: attempt power cycle [ 66.841046][ T6215] syz.3.26 (6215): drop_caches: 2 [ 66.867985][ T6215] syz.3.26 (6215): drop_caches: 2 [ 67.538155][ T5714] usb usb42-port1: unable to enumerate USB device [ 67.731728][ T6226] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 67.737641][ T6226] tipc: Started in network mode [ 67.740463][ T6226] tipc: Node identity , cluster identity 4711 [ 67.746849][ T6226] tipc: Failed to set node id, please configure manually [ 67.750702][ T6226] tipc: Enabling of bearer rejected, failed to enable media [ 67.790606][ T6227] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 67.793379][ T6227] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 67.799338][ T6227] vhci_hcd vhci_hcd.0: Device attached [ 67.868139][ T40] audit: type=1800 audit(1759117983.021:4): pid=6227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.27" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 68.064337][ T5714] usb 40-1: SetAddress Request (3) to port 0 [ 68.069774][ T5714] usb 40-1: new SuperSpeed USB device number 3 using vhci_hcd [ 68.329111][ T6231] netlink: 8 bytes leftover after parsing attributes in process `syz.3.29'. [ 68.830092][ T6246] netlink: 'syz.0.32': attribute type 4 has an invalid length. [ 68.860386][ T6246] netlink: 'syz.0.32': attribute type 4 has an invalid length. [ 69.028657][ T6228] vhci_hcd: connection reset by peer [ 69.031362][ T80] vhci_hcd: stop threads [ 69.033466][ T80] vhci_hcd: release socket [ 69.038298][ T80] vhci_hcd: disconnect device [ 69.098579][ T6250] syz.0.33 (6250): drop_caches: 2 [ 69.101573][ T6250] syz.0.33 (6250): drop_caches: 2 [ 69.446036][ T40] audit: type=1326 audit(1759117984.591:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.3.34" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 69.453267][ T40] audit: type=1326 audit(1759117984.601:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.3.34" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 69.466203][ T40] audit: type=1326 audit(1759117984.601:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.3.34" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 69.565530][ T40] audit: type=1326 audit(1759117984.721:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.3.34" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 69.576537][ T40] audit: type=1326 audit(1759117984.721:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.3.34" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 69.594756][ T40] audit: type=1326 audit(1759117984.751:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.3.34" exe="/syz-executor" sig=0 arch=40000003 syscall=277 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 69.604627][ T40] audit: type=1326 audit(1759117984.751:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.3.34" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 69.612202][ T40] audit: type=1326 audit(1759117984.751:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.3.34" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 69.939806][ T6263] Malformed UNC in devname [ 69.939806][ T6263] [ 69.942083][ T6263] CIFS: VFS: Malformed UNC in devname [ 70.256779][ T6267] syz.3.36 (6267): drop_caches: 2 [ 70.261327][ T6267] syz.3.36 (6267): drop_caches: 2 [ 70.794189][ T6269] capability: warning: `syz.0.37' uses deprecated v2 capabilities in a way that may be insecure [ 71.679959][ T6282] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 71.685231][ T6282] tipc: Started in network mode [ 71.687171][ T6282] tipc: Node identity , cluster identity 4711 [ 71.689302][ T6282] tipc: Failed to set node id, please configure manually [ 71.692327][ T6282] tipc: Enabling of bearer rejected, failed to enable media [ 72.815961][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 72.815973][ T40] audit: type=1326 audit(1759117987.971:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.3.44" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 72.837528][ T40] audit: type=1326 audit(1759117987.981:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.3.44" exe="/syz-executor" sig=0 arch=40000003 syscall=293 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 72.847148][ T40] audit: type=1326 audit(1759117987.981:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.3.44" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 72.876471][ T40] audit: type=1326 audit(1759117987.981:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.3.44" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 72.884619][ T40] audit: type=1326 audit(1759117987.991:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.3.44" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 72.903124][ T40] audit: type=1326 audit(1759117988.011:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.3.44" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 72.910906][ T40] audit: type=1326 audit(1759117988.011:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.3.44" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 72.919799][ T40] audit: type=1326 audit(1759117988.011:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.3.44" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 72.926195][ T40] audit: type=1326 audit(1759117988.011:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.3.44" exe="/syz-executor" sig=0 arch=40000003 syscall=11 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 72.934770][ T40] audit: type=1326 audit(1759117988.011:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.3.44" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 72.937327][ T6309] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 72.937327][ T6309] program syz.3.44 not setting count and/or reply_len properly [ 73.003666][ T6308] netlink: 72 bytes leftover after parsing attributes in process `syz.3.44'. [ 73.344708][ T5714] usb 40-1: device descriptor read/8, error -110 [ 73.762478][ T5714] usb usb40-port1: attempt power cycle [ 73.956050][ T6314] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 73.962330][ T6314] tipc: Started in network mode [ 73.966710][ T6314] tipc: Node identity , cluster identity 4711 [ 73.969993][ T6314] tipc: Failed to set node id, please configure manually [ 73.973292][ T6314] tipc: Enabling of bearer rejected, failed to enable media [ 74.400268][ T5714] usb usb40-port1: unable to enumerate USB device [ 74.471805][ T9] IPVS: starting estimator thread 0... [ 74.486259][ T6325] input: syz1 as /devices/virtual/input/input6 [ 74.574157][ T6326] IPVS: using max 40 ests per chain, 96000 per kthread [ 75.407189][ T6345] Bluetooth: MGMT ver 1.23 [ 76.150999][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.153900][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 77.344242][ T6357] netlink: 892 bytes leftover after parsing attributes in process `syz.0.57'. [ 77.594059][ T6040] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 77.683571][ T6361] ======================================================= [ 77.683571][ T6361] WARNING: The mand mount option has been deprecated and [ 77.683571][ T6361] and is ignored by this kernel. Remove the mand [ 77.683571][ T6361] option from the mount to silence this warning. [ 77.683571][ T6361] ======================================================= [ 77.730963][ T6361] netlink: 'syz.1.59': attribute type 1 has an invalid length. [ 77.737195][ T6361] netlink: 224 bytes leftover after parsing attributes in process `syz.1.59'. [ 77.775329][ T6040] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 77.779534][ T6040] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 77.785693][ T6040] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 77.793015][ T6040] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 77.801629][ T6040] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.826076][ T6040] usb 5-1: config 0 descriptor?? [ 77.961217][ T6363] loop6: detected capacity change from 0 to 524287999 [ 77.971972][ T6363] netlink: 24 bytes leftover after parsing attributes in process `syz.3.58'. [ 78.320189][ T6040] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 78.565767][ T6357] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 78.571245][ T6357] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 79.672050][ T6382] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 79.708768][ T6384] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 79.744345][ T141] usb 5-1: reset high-speed USB device number 2 using dummy_hcd [ 80.014779][ T6387] netlink: 16 bytes leftover after parsing attributes in process `syz.0.65'. [ 80.076357][ T6384] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 80.421252][ T6398] syz.0.67 (6398): drop_caches: 2 [ 80.459100][ T6398] syz.0.67 (6398): drop_caches: 2 [ 80.546808][ T6040] usb 5-1: USB disconnect, device number 2 [ 81.208312][ T6409] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 81.211935][ T6409] tipc: Started in network mode [ 81.213550][ T6409] tipc: Node identity , cluster identity 4711 [ 81.217636][ T6409] tipc: Failed to set node id, please configure manually [ 81.220014][ T6409] tipc: Enabling of bearer rejected, failed to enable media [ 81.631347][ T6418] netlink: 8 bytes leftover after parsing attributes in process `syz.2.71'. [ 81.652869][ T6418] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 81.678283][ T5714] lo speed is unknown, defaulting to 1000 [ 81.751194][ T6421] process 'syz.0.73' launched '/dev/fd/9' with NULL argv: empty string added [ 81.830670][ T6424] syz.3.74 (6424): drop_caches: 2 [ 81.832852][ T6424] syz.3.74 (6424): drop_caches: 2 [ 82.694018][ T6431] netlink: 'syz.2.75': attribute type 10 has an invalid length. [ 82.708070][ T6431] batman_adv: batadv0: Adding interface: team0 [ 82.711032][ T6431] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.722049][ T6431] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 82.740718][ T6431] netlink: 'syz.2.75': attribute type 10 has an invalid length. [ 82.746339][ T6431] netlink: 2 bytes leftover after parsing attributes in process `syz.2.75'. [ 82.749469][ T6431] team0: entered promiscuous mode [ 82.751119][ T6431] team_slave_0: entered promiscuous mode [ 82.753009][ T6431] team_slave_1: entered promiscuous mode [ 82.834523][ T6431] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.839254][ T6431] batman_adv: batadv0: Interface activated: team0 [ 82.842585][ T6431] batman_adv: batadv0: Interface deactivated: team0 [ 82.848817][ T6431] batman_adv: batadv0: Removing interface: team0 [ 82.864481][ T6431] bridge0: port 3(team0) entered blocking state [ 82.867009][ T6431] bridge0: port 3(team0) entered disabled state [ 82.881786][ T6431] team0: entered allmulticast mode [ 82.883688][ T6431] team_slave_0: entered allmulticast mode [ 82.885784][ T6431] team_slave_1: entered allmulticast mode [ 82.889700][ T6431] bridge0: port 3(team0) entered blocking state [ 82.892020][ T6431] bridge0: port 3(team0) entered forwarding state [ 82.927654][ T6441] kernel read not supported for file /eth0 (pid: 6441 comm: syz.3.79) [ 82.932468][ T40] kauditd_printk_skb: 16 callbacks suppressed [ 82.932483][ T40] audit: type=1800 audit(1759117998.081:56): pid=6441 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.79" name="eth0" dev="mqueue" ino=10348 res=0 errno=0 [ 83.049175][ T6445] syz.0.78 (6445): drop_caches: 2 [ 83.051332][ T6445] syz.0.78 (6445): drop_caches: 2 [ 83.965052][ T6454] netlink: 8 bytes leftover after parsing attributes in process `syz.3.82'. [ 83.970161][ T6454] netlink: 12 bytes leftover after parsing attributes in process `syz.3.82'. [ 84.060784][ T5714] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 84.226692][ T5714] usb 5-1: config 0 has no interfaces? [ 84.230111][ T5714] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 84.233090][ T5714] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.236659][ T5714] usb 5-1: Product: syz [ 84.238277][ T5714] usb 5-1: Manufacturer: syz [ 84.239857][ T5714] usb 5-1: SerialNumber: syz [ 84.244192][ T5714] usb 5-1: config 0 descriptor?? [ 85.730170][ T6477] netlink: 'syz.2.87': attribute type 16 has an invalid length. [ 85.733677][ T6477] netlink: 'syz.2.87': attribute type 17 has an invalid length. [ 85.777526][ T6477] bridge0: port 3(team0) entered disabled state [ 85.779977][ T6477] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.783410][ T6477] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.784249][ T6481] IPv6: NLM_F_REPLACE set, but no existing node found! [ 85.850378][ T6477] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 85.858349][ T6477] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 85.937771][ T1150] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.937833][ T9] lo speed is unknown, defaulting to 1000 [ 85.942641][ T1150] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.943534][ T9] syz2: Port: 1 Link DOWN [ 85.949480][ T1178] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.952528][ T1178] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.388491][ T844] cfg80211: failed to load regulatory.db [ 86.807110][ T844] usb 5-1: USB disconnect, device number 3 [ 87.100793][ T6509] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 87.113673][ T6509] batadv_slave_0: entered promiscuous mode [ 88.100944][ T6530] netlink: 8 bytes leftover after parsing attributes in process `syz.1.102'. [ 88.103909][ T6530] netlink: 'syz.1.102': attribute type 5 has an invalid length. [ 88.106779][ T6530] netlink: 20 bytes leftover after parsing attributes in process `syz.1.102'. [ 88.114748][ T6530] geneve2: entered promiscuous mode [ 88.116426][ T6530] geneve2: entered allmulticast mode [ 88.119226][ T1150] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 88.129823][ T1150] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 88.132451][ T40] audit: type=1326 audit(1759118003.281:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6527 comm="syz.1.102" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70ce579 code=0x0 [ 88.132962][ T1150] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 88.143186][ T1150] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 88.331006][ T6537] nbd: must specify a device to reconfigure [ 88.501679][ T6544] bridge_slave_0: left allmulticast mode [ 88.505741][ T6544] bridge_slave_0: left promiscuous mode [ 88.508214][ T6544] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.518745][ T6544] bridge_slave_1: left allmulticast mode [ 88.520712][ T6544] bridge_slave_1: left promiscuous mode [ 88.522703][ T6544] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.530978][ T6544] bond0: (slave bond_slave_0): Releasing backup interface [ 88.537286][ T6544] bond0: (slave bond_slave_1): Releasing backup interface [ 88.544012][ T24] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 88.547570][ T6544] team0: Port device team_slave_0 removed [ 88.549071][ T6547] netlink: 156 bytes leftover after parsing attributes in process `syz.3.103'. [ 88.553483][ T6547] netlink: 156 bytes leftover after parsing attributes in process `syz.3.103'. [ 88.557397][ T6544] team0: Port device team_slave_1 removed [ 88.558029][ T6544] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 88.562080][ T6544] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 88.566512][ T6544] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 88.569629][ T6544] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 88.684149][ T9] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 88.705352][ T24] usb 7-1: Using ep0 maxpacket: 8 [ 88.708552][ T24] usb 7-1: config 0 has an invalid interface number: 55 but max is 0 [ 88.711245][ T24] usb 7-1: config 0 has no interface number 0 [ 88.713735][ T24] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 88.717388][ T24] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 88.721442][ T24] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 88.726380][ T24] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 88.730775][ T24] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 88.734521][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 88.739784][ T24] usb 7-1: config 0 descriptor?? [ 88.751253][ T24] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 88.867804][ T9] usb 5-1: not running at top speed; connect to a high speed hub [ 88.872579][ T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 72, setting to 64 [ 88.884301][ T9] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64 [ 88.891889][ T9] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 88.904139][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 88.907290][ T9] usb 5-1: Product: ၳאָ㨩㼍憥仆뺌ᲆ릩巠埼ğ凗氊㤹셢缋諴མℙ﯀䆖ࠩᏚ兑늚䮗㈖쌶솷᝽椿✜ﵑ؏顐䲡ᪿ殰ᝁ觱⥧ꡠꎋ寋图甅嗎叮ﰊ鈶ா㈸롥ύႜ瞧ꖮꉼ꿹ዽ侹▼溫Ṽ䧡馤憝ፓꙦ詻顙ꢊ臇≷㗃爒㒗Я㣑ꃝꓩ樌࣢ᩬ쵺踰ᇧ³鴇 [ 88.934173][ T9] usb 5-1: Manufacturer: 靼၁≹ꑜ륖䳾齄뗌倜넚髐瘈侑륾핥ࢌㆫ㩇埾箟括ꡧ춏ஃ萆쐙짛⎬撻鍗ᛁ躊⍅횾咖樂쟄羹敔ジቖ䰴㨋ṍझડ혅菃ჩo꾠灈囁幍᩼ᛂ紂㉙鴚鴁࣯Ꮥ䆥ꭔ拟莸灘ꢐ⋽㴣మ웆洁촜틐ꪵ꾄ՠꜣ憂휵้洃꒻쑠∕蔔姩橫盤櫠 [ 88.954465][ T9] usb 5-1: SerialNumber: ਗ਼檠㊖﮴螻⡚㐡鯋⎓텡証鵏圝愖蕽皎ꆓ䂺ᩩꤞ鼗⻎롣줄䛭䖑䚥龝㬊ۧ럔煉ᗄꔀ궢琰撔♓荋ፈ♂ꃹ鰀䶜勅鹸䷭섂鸆ꮟҿ죊답䞬ꗖᒱᇯ៎ଡ涀퓗꿭쯚댔骈珞뤣ퟅ [ 88.957806][ T6535] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 88.966885][ T6546] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 89.060535][ T6550] netlink: 12 bytes leftover after parsing attributes in process `syz.1.108'. [ 89.092430][ T6534] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 89.096393][ T844] usb 7-1: USB disconnect, device number 2 [ 89.096495][ C2] ldusb 7-1:0.55: usb_submit_urb failed (-19) [ 89.101147][ T844] ldusb 7-1:0.55: LD USB Device #0 now disconnected [ 89.172056][ T6546] syz.0.107 uses obsolete (PF_INET,SOCK_PACKET) [ 89.183774][ T842] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 89.234938][ T842] hid-generic 0000:0000:0000.0003: hidraw1: HID v0.00 Device [syz1] on syz0 [ 89.274767][ T9] cdc_ncm 5-1:1.0: bind() failure [ 89.281718][ T9] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 89.284200][ T9] cdc_ncm 5-1:1.1: bind() failure [ 89.285367][ T6561] fido_id[6561]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 89.288762][ T9] usb 5-1: USB disconnect, device number 4 [ 90.228278][ T6595] input: syz1 as /devices/virtual/input/input7 [ 90.274111][ T6595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.121'. [ 90.349407][ T6597] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.353465][ T6597] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 90.381567][ T6598] ubi0: attaching mtd0 [ 90.384405][ T6598] ubi0: scanning is finished [ 90.386060][ T6598] ubi0: empty MTD device detected [ 90.478922][ T6597] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.482542][ T6597] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 90.491421][ T6600] netlink: 8 bytes leftover after parsing attributes in process `syz.0.123'. [ 90.508387][ T6598] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 90.510795][ T6598] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 90.513096][ T6598] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 90.515798][ T6598] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 90.518143][ T6598] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 90.520528][ T6598] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 90.523355][ T6598] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1598534238 [ 90.527108][ T6598] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 90.530993][ T6602] ubi0: background thread "ubi_bgt0d" started, PID 6602 [ 90.569847][ T6597] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.573300][ T6597] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 90.626694][ T6597] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.629941][ T6597] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 90.841209][ T80] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 256 - 0 [ 90.844627][ T80] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 6081 - 0 [ 90.865077][ T80] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 256 - 0 [ 90.868198][ T80] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 6081 - 0 [ 90.877694][ T80] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 256 - 0 [ 90.881587][ T80] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 6081 - 0 [ 90.893104][ T80] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 256 - 0 [ 90.896297][ T80] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 6081 - 0 [ 90.946718][ T6609] netlink: 32 bytes leftover after parsing attributes in process `syz.0.124'. [ 90.956801][ T6609] netlink: 16 bytes leftover after parsing attributes in process `syz.0.124'. [ 91.122971][ T6608] team0: left allmulticast mode [ 91.131436][ T6608] team_slave_0: left allmulticast mode [ 91.142285][ T6608] team_slave_1: left allmulticast mode [ 91.152742][ T6608] bridge0: port 3(team0) entered disabled state [ 91.172967][ T6608] bridge_slave_0: left allmulticast mode [ 91.180639][ T6608] bridge_slave_0: left promiscuous mode [ 91.186542][ T6608] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.293554][ T6608] bridge_slave_1: left allmulticast mode [ 91.296429][ T6608] bridge_slave_1: left promiscuous mode [ 91.298353][ T6608] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.303665][ T6608] bond0: (slave bond_slave_0): Releasing backup interface [ 91.314020][ T6608] bond0: (slave bond_slave_1): Releasing backup interface [ 91.317984][ T6608] team_slave_0: left promiscuous mode [ 91.323438][ T6608] team0: Port device team_slave_0 removed [ 91.326270][ T6608] team_slave_1: left promiscuous mode [ 91.328999][ T6608] team0: Port device team_slave_1 removed [ 91.331223][ T6608] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 91.334800][ T6608] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 91.503998][ T6619] syzkaller1: entered promiscuous mode [ 91.505850][ T6619] syzkaller1: entered allmulticast mode [ 91.735003][ T6622] netlink: 8 bytes leftover after parsing attributes in process `syz.1.126'. [ 91.743284][ T6622] batadv1: entered allmulticast mode [ 91.855983][ T6629] input: syz1 as /devices/virtual/input/input9 [ 91.939681][ T6624] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 92.357976][ T6646] FAULT_INJECTION: forcing a failure. [ 92.357976][ T6646] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 92.362821][ T6646] CPU: 0 UID: 0 PID: 6646 Comm: syz.2.137 Not tainted syzkaller #0 PREEMPT(full) [ 92.362837][ T6646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.362844][ T6646] Call Trace: [ 92.362849][ T6646] [ 92.362853][ T6646] dump_stack_lvl+0x16c/0x1f0 [ 92.362876][ T6646] should_fail_ex+0x512/0x640 [ 92.362897][ T6646] _copy_to_user+0x32/0xd0 [ 92.362910][ T6646] copy_to_sockptr_offset.constprop.0+0x153/0x1a0 [ 92.362924][ T6646] ? __pfx_copy_to_sockptr_offset.constprop.0+0x10/0x10 [ 92.362936][ T6646] ? sockopt_release_sock+0x52/0x60 [ 92.362955][ T6646] ? __local_bh_enable_ip+0xa4/0x120 [ 92.362971][ T6646] do_tcp_getsockopt+0xc70/0x25d0 [ 92.362985][ T6646] ? __lock_acquire+0x62e/0x1ce0 [ 92.363001][ T6646] ? __pfx_do_tcp_getsockopt+0x10/0x10 [ 92.363021][ T6646] ? __lock_acquire+0xb97/0x1ce0 [ 92.363037][ T6646] ? aa_label_sk_perm+0x195/0x600 [ 92.363051][ T6646] ? _kstrtoull+0x145/0x200 [ 92.363065][ T6646] ? __pfx__kstrtoull+0x10/0x10 [ 92.363080][ T6646] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 92.363097][ T6646] ? __lock_acquire+0x62e/0x1ce0 [ 92.363118][ T6646] ? __pfx___might_resched+0x10/0x10 [ 92.363129][ T6646] ? get_pid_task+0xfc/0x250 [ 92.363146][ T6646] ? aa_sk_perm+0x2f4/0xb10 [ 92.363162][ T6646] ? __lock_acquire+0x62e/0x1ce0 [ 92.363179][ T6646] tcp_getsockopt+0xdf/0x100 [ 92.363194][ T6646] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 92.363206][ T6646] do_sock_getsockopt+0x34a/0x440 [ 92.363218][ T6646] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 92.363229][ T6646] ? __fget_files+0x204/0x3c0 [ 92.363248][ T6646] __sys_getsockopt+0x123/0x1b0 [ 92.363267][ T6646] __ia32_sys_getsockopt+0xbc/0x160 [ 92.363282][ T6646] ? lockdep_hardirqs_on+0x7c/0x110 [ 92.363298][ T6646] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 92.363316][ T6646] __do_fast_syscall_32+0x7c/0x300 [ 92.363327][ T6646] do_fast_syscall_32+0x32/0x80 [ 92.363341][ T6646] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 92.363360][ T6646] RIP: 0023:0xf701e579 [ 92.363373][ T6646] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 92.363388][ T6646] RSP: 002b:00000000f540e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d [ 92.363404][ T6646] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000006 [ 92.363414][ T6646] RDX: 0000000000000023 RSI: 0000000080000140 RDI: 0000000080000080 [ 92.363424][ T6646] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 92.363431][ T6646] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 92.363437][ T6646] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 92.363449][ T6646] [ 92.834153][ T6095] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 92.994341][ T6095] usb 8-1: Using ep0 maxpacket: 8 [ 93.004717][ T6095] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 93.009464][ T6095] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 93.012782][ T6095] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 93.017049][ T6095] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 93.021267][ T6095] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 93.024921][ T6095] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.057912][ T6095] hub 8-1:1.0: bad descriptor, ignoring hub [ 93.060367][ T6095] hub 8-1:1.0: probe with driver hub failed with error -5 [ 93.064905][ T6095] cdc_wdm 8-1:1.0: skipping garbage [ 93.066799][ T6095] cdc_wdm 8-1:1.0: skipping garbage [ 93.081883][ T6095] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 93.084829][ T6095] cdc_wdm 8-1:1.0: Unknown control protocol [ 93.216505][ T6649] orangefs_mount: mount request failed with -4 [ 93.467521][ T6680] bridge2: entered promiscuous mode [ 93.556302][ T6678] block nbd0: shutting down sockets [ 93.558489][ T24] usb 8-1: USB disconnect, device number 2 [ 93.646359][ T6686] __nla_validate_parse: 2 callbacks suppressed [ 93.646372][ T6686] netlink: 896 bytes leftover after parsing attributes in process `syz.2.149'. [ 93.894056][ T6040] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 94.066841][ T6040] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 94.070391][ T6040] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 94.074409][ T6040] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 94.079594][ T6040] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 94.080073][ T6688] netlink: 'syz.3.150': attribute type 12 has an invalid length. [ 94.082582][ T6040] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.088840][ T6040] usb 7-1: config 0 descriptor?? [ 94.128308][ T6691] syz_tun: entered allmulticast mode [ 94.172235][ T6693] FAULT_INJECTION: forcing a failure. [ 94.172235][ T6693] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 94.179615][ T6693] CPU: 3 UID: 0 PID: 6693 Comm: syz.3.152 Not tainted syzkaller #0 PREEMPT(full) [ 94.179644][ T6693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.179654][ T6693] Call Trace: [ 94.179661][ T6693] [ 94.179672][ T6693] dump_stack_lvl+0x16c/0x1f0 [ 94.179779][ T6693] should_fail_ex+0x512/0x640 [ 94.179814][ T6693] _copy_from_user+0x2e/0xd0 [ 94.179839][ T6693] kstrtouint_from_user+0xd6/0x1d0 [ 94.179864][ T6693] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 94.179887][ T6693] ? __lock_acquire+0xb97/0x1ce0 [ 94.179922][ T6693] proc_fail_nth_write+0x83/0x220 [ 94.179947][ T6693] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 94.179972][ T6693] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 94.179990][ T6693] vfs_write+0x2a0/0x11d0 [ 94.180018][ T6693] ? __pfx_vfs_write+0x10/0x10 [ 94.180038][ T6693] ? find_held_lock+0x2b/0x80 [ 94.180060][ T6693] ? __fget_files+0x20e/0x3c0 [ 94.180086][ T6693] ksys_write+0x12a/0x250 [ 94.180107][ T6693] ? __pfx_ksys_write+0x10/0x10 [ 94.180129][ T6693] ? rcu_is_watching+0x12/0xc0 [ 94.180150][ T6693] __do_fast_syscall_32+0x7c/0x300 [ 94.180168][ T6693] do_fast_syscall_32+0x32/0x80 [ 94.180183][ T6693] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 94.180204][ T6693] RIP: 0023:0xf704e579 [ 94.180220][ T6693] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 94.180235][ T6693] RSP: 002b:00000000f543e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 94.180254][ T6693] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f543e620 [ 94.180264][ T6693] RDX: 0000000000000001 RSI: 00000000f73e5ff4 RDI: 0000000000000000 [ 94.180273][ T6693] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 94.180282][ T6693] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 94.180292][ T6693] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 94.180315][ T6693] [ 94.354138][ T40] audit: type=1804 audit(1759118009.501:58): pid=6697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.154" name="/newroot/43/file0" dev="tmpfs" ino=247 res=1 errno=0 [ 94.589948][ T6707] netlink: 'syz.3.156': attribute type 16 has an invalid length. [ 94.647692][ T6706] netlink: 256 bytes leftover after parsing attributes in process `syz.0.157'. [ 94.657757][ T6706] unsupported nlmsg_type 40 [ 94.705776][ T6686] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 94.709047][ T6686] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 94.772859][ T6710] zonefs (nullb0) ERROR: Not a zoned block device [ 94.776235][ T6711] netlink: 20 bytes leftover after parsing attributes in process `syz.1.158'. [ 95.246837][ T6040] usbhid 7-1:0.0: can't add hid device: -71 [ 95.248873][ T6040] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 95.260673][ T6040] usb 7-1: USB disconnect, device number 3 [ 95.443297][ T6732] netlink: 4 bytes leftover after parsing attributes in process `syz.2.165'. [ 95.504363][ T6734] FAULT_INJECTION: forcing a failure. [ 95.504363][ T6734] name failslab, interval 1, probability 0, space 0, times 0 [ 95.508391][ T6734] CPU: 1 UID: 0 PID: 6734 Comm: syz.3.166 Not tainted syzkaller #0 PREEMPT(full) [ 95.508407][ T6734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.508413][ T6734] Call Trace: [ 95.508418][ T6734] [ 95.508423][ T6734] dump_stack_lvl+0x16c/0x1f0 [ 95.508446][ T6734] should_fail_ex+0x512/0x640 [ 95.508467][ T6734] should_failslab+0xc2/0x120 [ 95.508483][ T6734] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 95.508497][ T6734] ? dst_alloc+0x99/0x1a0 [ 95.508513][ T6734] dst_alloc+0x99/0x1a0 [ 95.508529][ T6734] rt_dst_alloc+0x35/0x3a0 [ 95.508546][ T6734] ip_route_output_key_hash_rcu+0x87a/0x28e0 [ 95.508565][ T6734] ip_route_output_key_hash+0x137/0x2e0 [ 95.508579][ T6734] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 95.508597][ T6734] ? find_held_lock+0x2b/0x80 [ 95.508610][ T6734] ip_route_output_flow+0x27/0x150 [ 95.508625][ T6734] udp_sendmsg+0x1af9/0x2870 [ 95.508638][ T6734] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 95.508657][ T6734] ? __pfx_udp_sendmsg+0x10/0x10 [ 95.508671][ T6734] ? __kernel_text_address+0xd/0x40 [ 95.508685][ T6734] ? find_held_lock+0x2b/0x80 [ 95.508710][ T6734] ? rcu_is_watching+0x12/0xc0 [ 95.508721][ T6734] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 95.508737][ T6734] ? lockdep_hardirqs_on+0x7c/0x110 [ 95.508758][ T6734] ? iovec_from_user+0x108/0x140 [ 95.508769][ T6734] ? kasan_save_stack+0x42/0x60 [ 95.508781][ T6734] ? kasan_save_stack+0x33/0x60 [ 95.508795][ T6734] udpv6_sendmsg+0x128f/0x2d20 [ 95.508807][ T6734] ? aa_label_sk_perm+0x195/0x600 [ 95.508822][ T6734] ? __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 95.508839][ T6734] ? __do_fast_syscall_32+0x7c/0x300 [ 95.508849][ T6734] ? do_fast_syscall_32+0x32/0x80 [ 95.508859][ T6734] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 95.508880][ T6734] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 95.508915][ T6734] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 95.508928][ T6734] ? inet6_sendmsg+0x105/0x140 [ 95.508942][ T6734] inet6_sendmsg+0x105/0x140 [ 95.508955][ T6734] ____sys_sendmsg+0x705/0xc70 [ 95.508969][ T6734] ? __pfx_btrfs_calc_zone_unusable+0x10/0x10 [ 95.508986][ T6734] ? __pfx_____sys_sendmsg+0x10/0x10 [ 95.508998][ T6734] ? get_compat_msghdr+0x11a/0x170 [ 95.509017][ T6734] ? __pfx__kstrtoull+0x10/0x10 [ 95.509037][ T6734] ___sys_sendmsg+0x134/0x1d0 [ 95.509056][ T6734] ? __pfx____sys_sendmsg+0x10/0x10 [ 95.509093][ T6734] __sys_sendmmsg+0x2f9/0x420 [ 95.509113][ T6734] ? __pfx___sys_sendmmsg+0x10/0x10 [ 95.509136][ T6734] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 95.509161][ T6734] ? fput+0x9b/0xd0 [ 95.509199][ T6734] ? ksys_write+0x1ac/0x250 [ 95.509213][ T6734] ? __pfx_ksys_write+0x10/0x10 [ 95.509229][ T6734] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 95.509247][ T6734] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 95.509267][ T6734] __do_fast_syscall_32+0x7c/0x300 [ 95.509279][ T6734] do_fast_syscall_32+0x32/0x80 [ 95.509290][ T6734] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 95.509304][ T6734] RIP: 0023:0xf704e579 [ 95.509314][ T6734] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 95.509326][ T6734] RSP: 002b:00000000f543e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 95.509337][ T6734] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080003cc0 [ 95.509345][ T6734] RDX: 0000000000000172 RSI: 0000000004000000 RDI: 0000000000000000 [ 95.509352][ T6734] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 95.509358][ T6734] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 95.509365][ T6734] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 95.509379][ T6734] [ 95.889291][ T6739] tipc: Started in network mode [ 95.891194][ T6739] tipc: Node identity 92f2333bfd35, cluster identity 4711 [ 95.893855][ T6739] tipc: Enabled bearer , priority 0 [ 95.897216][ T6739] syzkaller0: entered promiscuous mode [ 95.899009][ T6739] syzkaller0: entered allmulticast mode [ 95.911851][ T6739] tipc: Resetting bearer [ 95.928638][ T6741] tipc: Resetting bearer [ 95.938439][ T6741] tipc: Disabling bearer [ 96.230802][ T6748] lo speed is unknown, defaulting to 1000 [ 96.569131][ T6748] fuse: Bad value for 'fd' [ 96.860218][ T6762] netlink: 896 bytes leftover after parsing attributes in process `syz.0.173'. [ 97.134125][ T141] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 97.305651][ T141] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 97.309747][ T141] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 97.313381][ T141] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 97.317954][ T141] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 97.320937][ T141] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.326417][ T141] usb 5-1: config 0 descriptor?? [ 97.936560][ T6762] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 97.939548][ T6762] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 97.987902][ T5990] Bluetooth: hci3: command 0x0405 tx timeout [ 98.112233][ T141] usbhid 5-1:0.0: can't add hid device: -71 [ 98.114389][ T141] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 98.123137][ T141] usb 5-1: USB disconnect, device number 5 [ 98.392171][ T6789] netlink: 12 bytes leftover after parsing attributes in process `syz.1.179'. [ 98.608065][ T6796] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 98.612068][ T6796] tipc: Enabling of bearer rejected, failed to enable media [ 99.164016][ T24] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 99.346425][ T24] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 99.349335][ T24] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 99.352866][ T24] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 99.356079][ T24] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 99.359961][ T24] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 99.366887][ T24] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 99.369583][ T6814] netlink: 896 bytes leftover after parsing attributes in process `syz.3.188'. [ 99.371364][ T24] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 99.379650][ T24] usb 7-1: Product: syz [ 99.380979][ T24] usb 7-1: Manufacturer: syz [ 99.388931][ T24] cdc_wdm 7-1:1.0: skipping garbage [ 99.390733][ T24] cdc_wdm 7-1:1.0: skipping garbage [ 99.393571][ T24] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 99.395810][ T24] cdc_wdm 7-1:1.0: Unknown control protocol [ 99.450205][ T6816] netlink: 24 bytes leftover after parsing attributes in process `syz.0.187'. [ 99.460114][ T24] IPVS: starting estimator thread 0... [ 99.544068][ T6817] IPVS: using max 41 ests per chain, 98400 per kthread [ 99.635211][ T9] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 99.679879][ T6822] netlink: 24 bytes leftover after parsing attributes in process `syz.1.189'. [ 99.686360][ T24] IPVS: starting estimator thread 0... [ 99.774314][ T6823] IPVS: using max 41 ests per chain, 98400 per kthread [ 99.806090][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 99.810552][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 99.815274][ T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 99.820979][ T9] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 99.826002][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.830476][ T9] usb 8-1: config 0 descriptor?? [ 100.006499][ T6824] netlink: 4 bytes leftover after parsing attributes in process `syz.2.186'. [ 100.014154][ T6824] netlink: 'syz.2.186': attribute type 1 has an invalid length. [ 100.032659][ T6824] 8021q: adding VLAN 0 to HW filter on device bond1 [ 100.047075][ T6824] bond1: (slave geneve2): making interface the new active one [ 100.051287][ T6824] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 100.059310][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.062858][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.067429][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.071255][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.270384][ T6040] usb 7-1: USB disconnect, device number 4 [ 100.446177][ T6814] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 100.456193][ T6814] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 100.520963][ T9] usbhid 8-1:0.0: can't add hid device: -71 [ 100.524872][ T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 100.533414][ T9] usb 8-1: USB disconnect, device number 3 [ 100.713522][ T6842] netlink: 24 bytes leftover after parsing attributes in process `syz.1.194'. [ 101.178133][ T6857] netlink: 24 bytes leftover after parsing attributes in process `syz.3.199'. [ 101.182917][ T6040] IPVS: starting estimator thread 0... [ 101.324056][ T6858] IPVS: using max 41 ests per chain, 98400 per kthread [ 101.538266][ T6865] netlink: 896 bytes leftover after parsing attributes in process `syz.1.201'. [ 101.797873][ T6095] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 101.945549][ T6874] input: syz1 as /devices/virtual/input/input10 [ 101.983415][ T6095] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 101.988056][ T6095] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 101.992246][ T6095] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 102.000144][ T6095] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 102.003295][ T6095] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.008784][ T6095] usb 6-1: config 0 descriptor?? [ 102.234210][ T24] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 102.417495][ T24] usb 8-1: config 0 has no interfaces? [ 102.424514][ T24] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 102.429231][ T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 102.432415][ T24] usb 8-1: Product: syz [ 102.439639][ T24] usb 8-1: Manufacturer: syz [ 102.441943][ T24] usb 8-1: SerialNumber: syz [ 102.446909][ T24] usb 8-1: config 0 descriptor?? [ 102.619290][ T6865] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 102.622891][ T6865] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 102.689687][ T6095] usbhid 6-1:0.0: can't add hid device: -71 [ 102.691758][ T6095] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 102.695783][ T6095] usb 6-1: USB disconnect, device number 2 [ 103.122581][ T6061] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 103.136512][ T6892] netlink: 24 bytes leftover after parsing attributes in process `syz.2.210'. [ 103.276561][ T6061] usb 5-1: config 0 has no interfaces? [ 103.280439][ T6061] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 103.284225][ T6061] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 103.287201][ T6061] usb 5-1: Product: syz [ 103.288674][ T6061] usb 5-1: Manufacturer: syz [ 103.290500][ T6061] usb 5-1: SerialNumber: syz [ 103.295118][ T6061] usb 5-1: config 0 descriptor?? [ 104.018876][ T6903] netlink: 4 bytes leftover after parsing attributes in process `syz.2.212'. [ 104.022189][ T6903] netlink: 12 bytes leftover after parsing attributes in process `syz.2.212'. [ 104.774014][ T6908] warning: `syz.1.214' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 104.923144][ T6910] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 104.927290][ T6910] tipc: Enabling of bearer rejected, failed to enable media [ 105.067786][ T6061] usb 8-1: USB disconnect, device number 4 [ 105.532324][ T6923] netlink: 12 bytes leftover after parsing attributes in process `syz.2.220'. [ 105.641893][ T844] usb 5-1: USB disconnect, device number 6 [ 106.610680][ T6943] tipc: Enabling of bearer rejected, failed to enable media [ 106.834061][ T6040] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 106.884867][ T6956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.228'. [ 106.986988][ T6040] usb 7-1: config 0 has no interfaces? [ 106.991560][ T6040] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 106.996258][ T6040] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.000515][ T6040] usb 7-1: Product: syz [ 107.002053][ T6040] usb 7-1: Manufacturer: syz [ 107.013894][ T6040] usb 7-1: SerialNumber: syz [ 107.022736][ T6040] usb 7-1: config 0 descriptor?? [ 109.226453][ T6999] netlink: 4 bytes leftover after parsing attributes in process `syz.1.237'. [ 109.344358][ T6998] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 109.378104][ T6998] lo speed is unknown, defaulting to 1000 [ 109.605906][ T844] usb 7-1: USB disconnect, device number 5 [ 111.324833][ T7035] netlink: 12 bytes leftover after parsing attributes in process `syz.0.242'. [ 112.210230][ T7047] netlink: 16 bytes leftover after parsing attributes in process `syz.1.245'. [ 112.222733][ T7047] netlink: 'syz.1.245': attribute type 1 has an invalid length. [ 112.494138][ T6061] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 112.643641][ T7059] netlink: 'syz.2.249': attribute type 4 has an invalid length. [ 112.646425][ T7059] netlink: 152 bytes leftover after parsing attributes in process `syz.2.249'. [ 112.649502][ T7059] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check. [ 112.657211][ T6061] usb 8-1: config 0 has no interfaces? [ 112.662166][ T6061] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 112.666728][ T6061] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.670106][ T6061] usb 8-1: Product: syz [ 112.672495][ T6061] usb 8-1: Manufacturer: syz [ 112.674829][ T6061] usb 8-1: SerialNumber: syz [ 112.679988][ T6061] usb 8-1: config 0 descriptor?? [ 112.691535][ T7062] netlink: 896 bytes leftover after parsing attributes in process `syz.2.250'. [ 112.934102][ T6040] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 113.085801][ T6040] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 113.089412][ T6040] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 113.092889][ T6040] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 113.098803][ T6040] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 113.102775][ T6040] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.109368][ T6040] usb 7-1: config 0 descriptor?? [ 113.373085][ T7069] xt_l2tp: missing protocol rule (udp|l2tpip) [ 113.724195][ T7062] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 113.727697][ T7062] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 113.815337][ T6040] usbhid 7-1:0.0: can't add hid device: -71 [ 113.819070][ T6040] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 113.824985][ T6040] usb 7-1: USB disconnect, device number 6 [ 114.758972][ T7093] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 114.761516][ T7093] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 114.765621][ T7093] netlink: 14 bytes leftover after parsing attributes in process `syz.1.258'. [ 114.769642][ T7093] hsr_slave_0: left promiscuous mode [ 114.772850][ T7093] hsr_slave_1: left promiscuous mode [ 115.028919][ T7105] netlink: 4 bytes leftover after parsing attributes in process `syz.1.262'. [ 115.090854][ T7108] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 115.098263][ T7108] tipc: Enabling of bearer rejected, failed to enable media [ 115.522139][ T6061] usb 8-1: USB disconnect, device number 5 [ 115.581497][ T7120] netlink: 4 bytes leftover after parsing attributes in process `syz.1.264'. [ 115.623648][ T7120] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 115.623648][ T7120] program syz.1.264 not setting count and/or reply_len properly [ 115.675524][ T7120] netlink: 36 bytes leftover after parsing attributes in process `syz.1.264'. [ 116.577910][ T7136] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 116.582658][ T7136] tipc: Started in network mode [ 116.584965][ T7136] tipc: Node identity , cluster identity 4711 [ 116.587435][ T7136] tipc: Failed to set node id, please configure manually [ 116.590319][ T7136] tipc: Enabling of bearer rejected, failed to enable media [ 117.026229][ T40] audit: type=1326 audit(1759118032.181:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.0.274" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 117.035841][ T40] audit: type=1326 audit(1759118032.181:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.0.274" exe="/syz-executor" sig=0 arch=40000003 syscall=47 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 117.043878][ T40] audit: type=1326 audit(1759118032.181:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.0.274" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 117.053316][ T40] audit: type=1326 audit(1759118032.181:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.0.274" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 117.060698][ T40] audit: type=1326 audit(1759118032.181:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.0.274" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 117.084785][ T40] audit: type=1326 audit(1759118032.181:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.0.274" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 117.093725][ T40] audit: type=1326 audit(1759118032.181:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.0.274" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 117.102773][ T40] audit: type=1326 audit(1759118032.181:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.0.274" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 117.112356][ T40] audit: type=1326 audit(1759118032.181:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.0.274" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 117.119800][ T40] audit: type=1326 audit(1759118032.181:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.0.274" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 117.440068][ T7158] syz.0.277 (7158): drop_caches: 2 [ 117.450331][ T7158] syz.0.277 (7158): drop_caches: 2 [ 117.526258][ T7159] syz.1.278 (7159): drop_caches: 2 [ 117.532608][ T7159] syz.1.278 (7159): drop_caches: 2 [ 118.038442][ T7161] netlink: 'syz.3.279': attribute type 11 has an invalid length. [ 118.251910][ T7169] mmap: syz.0.281 (7169) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 118.318002][ T7171] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 118.322136][ T7171] tipc: Enabling of bearer rejected, failed to enable media [ 118.795011][ T7163] syz.2.280: page allocation failure: order:1, mode:0xcc1(GFP_KERNEL|GFP_DMA), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 118.799502][ T7163] CPU: 0 UID: 0 PID: 7163 Comm: syz.2.280 Not tainted syzkaller #0 PREEMPT(full) [ 118.799519][ T7163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 118.799525][ T7163] Call Trace: [ 118.799530][ T7163] [ 118.799535][ T7163] dump_stack_lvl+0x16c/0x1f0 [ 118.799558][ T7163] warn_alloc+0x248/0x3a0 [ 118.799575][ T7163] ? __pfx_warn_alloc+0x10/0x10 [ 118.799588][ T7163] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 118.799629][ T7163] __alloc_frozen_pages_noprof+0xea2/0x23f0 [ 118.799651][ T7163] ? mark_held_locks+0x49/0x80 [ 118.799668][ T7163] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 118.799682][ T7163] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 118.799707][ T7163] ? kasan_save_stack+0x42/0x60 [ 118.799724][ T7163] ? kasan_save_stack+0x33/0x60 [ 118.799743][ T7163] ? kasan_save_track+0x14/0x30 [ 118.799765][ T7163] ? __kasan_kmalloc+0xaa/0xb0 [ 118.799781][ T7163] ? __kmalloc_noprof+0x223/0x510 [ 118.799801][ T7163] ? do_fast_syscall_32+0x32/0x80 [ 118.799811][ T7163] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 118.799829][ T7163] __alloc_pages_noprof+0xb/0x1b0 [ 118.799894][ T7163] __dma_direct_alloc_pages.constprop.0+0x624/0x990 [ 118.799918][ T7163] ? __pfx___dma_direct_alloc_pages.constprop.0+0x10/0x10 [ 118.799934][ T7163] ? dma_alloc_from_dev_coherent+0x2e4/0x570 [ 118.799952][ T7163] dma_direct_alloc+0x8f/0x580 [ 118.799967][ T7163] dma_alloc_attrs+0x185/0x2b0 [ 118.799979][ T7163] ? __pfx_dma_alloc_attrs+0x10/0x10 [ 118.799991][ T7163] ? __kmalloc_noprof+0x242/0x510 [ 118.800004][ T7163] ? dma_direct_supported+0xca/0x220 [ 118.800020][ T7163] comedi_isadma_alloc+0x3de/0x6e0 [ 118.800039][ T7163] ? __pfx_comedi_isadma_alloc+0x10/0x10 [ 118.800053][ T7163] ? request_threaded_irq+0x2c8/0x3e0 [ 118.800071][ T7163] pcl812_attach+0xca8/0x2110 [ 118.800092][ T7163] comedi_device_attach+0x3b0/0x900 [ 118.800115][ T7163] do_devconfig_ioctl+0x1b1/0x710 [ 118.800127][ T7163] ? __mutex_lock+0x1c5/0x1060 [ 118.800139][ T7163] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 118.800159][ T7163] ? kasan_save_stack+0x42/0x60 [ 118.800175][ T7163] ? kasan_save_stack+0x33/0x60 [ 118.800187][ T7163] ? kasan_save_track+0x14/0x30 [ 118.800199][ T7163] ? kasan_save_free_info+0x3b/0x60 [ 118.800209][ T7163] ? __kasan_slab_free+0x60/0x70 [ 118.800222][ T7163] ? kfree+0x2b4/0x4d0 [ 118.800231][ T7163] ? tomoyo_path_number_perm+0x470/0x580 [ 118.800250][ T7163] comedi_unlocked_ioctl+0x165d/0x2f00 [ 118.800270][ T7163] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 118.800295][ T7163] ? kasan_quarantine_put+0x10a/0x240 [ 118.800308][ T7163] ? lockdep_hardirqs_on+0x7c/0x110 [ 118.800329][ T7163] ? find_held_lock+0x2b/0x80 [ 118.800342][ T7163] ? tomoyo_path_number_perm+0x295/0x580 [ 118.800359][ T7163] ? tomoyo_path_number_perm+0x18d/0x580 [ 118.800374][ T7163] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 118.800391][ T7163] comedi_compat_ioctl+0x1d0/0x990 [ 118.800406][ T7163] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 118.800422][ T7163] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 118.800441][ T7163] ? do_vfs_ioctl+0x128/0x14f0 [ 118.800460][ T7163] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 118.800483][ T7163] ? find_held_lock+0x2b/0x80 [ 118.800494][ T7163] ? hook_file_ioctl_common+0x145/0x410 [ 118.800513][ T7163] ? __fget_files+0x20e/0x3c0 [ 118.800524][ T7163] ? __ia32_compat_sys_openat+0x160/0x210 [ 118.800539][ T7163] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 118.800555][ T7163] __ia32_compat_sys_ioctl+0x242/0x370 [ 118.800581][ T7163] __do_fast_syscall_32+0x7c/0x300 [ 118.800593][ T7163] do_fast_syscall_32+0x32/0x80 [ 118.800604][ T7163] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 118.800619][ T7163] RIP: 0023:0xf701e579 [ 118.800629][ T7163] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 118.800639][ T7163] RSP: 002b:00000000f540e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 118.800650][ T7163] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000040946400 [ 118.800658][ T7163] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 118.800664][ T7163] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 118.800670][ T7163] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 118.800677][ T7163] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 118.800691][ T7163] [ 118.800729][ T7163] Mem-Info: [ 118.949167][ T7163] active_anon:12494 inactive_anon:792 isolated_anon:0 [ 118.949167][ T7163] active_file:7075 inactive_file:47767 isolated_file:0 [ 118.949167][ T7163] unevictable:1768 dirty:577 writeback:0 [ 118.949167][ T7163] slab_reclaimable:6009 slab_unreclaimable:52831 [ 118.949167][ T7163] mapped:30931 shmem:8132 pagetables:1212 [ 118.949167][ T7163] sec_pagetables:302 bounce:0 [ 118.949167][ T7163] kernel_misc_reclaimable:0 [ 118.949167][ T7163] free:35022 free_pcp:120 free_cma:0 [ 118.968037][ T7163] Node 0 active_anon:0kB inactive_anon:3104kB active_file:0kB inactive_file:16800kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:8792kB dirty:8kB writeback:0kB shmem:3664kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8176kB pagetables:1212kB sec_pagetables:1152kB all_unreclaimable? yes Balloon:0kB [ 118.979073][ T7163] Node 0 DMA free:2448kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:480kB local_pcp:152kB free_cma:0kB [ 118.988435][ T7163] lowmem_reserve[]: 0 288 288 288 288 [ 118.990503][ T7163] Node 0 DMA: 46*4kB (U) 3*8kB (U) 6*16kB (U) 7*32kB (UM) 2*64kB (UM) 0*128kB 1*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2448kB [ 118.995229][ T7163] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 118.998174][ T7163] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 119.002195][ T7163] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 119.005616][ T7163] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 119.008813][ T7163] 60170 total pagecache pages [ 119.049648][ T7163] 0 pages in swap cache [ 119.051137][ T7163] Free swap = 124996kB [ 119.052518][ T7163] Total swap = 124996kB [ 119.071596][ T7163] 524155 pages RAM [ 119.072931][ T7163] 0 pages HighMem/MovableOnly [ 119.075029][ T7163] 209492 pages reserved [ 119.076693][ T7163] 0 pages cma reserved [ 119.079275][ T7163] comedi comedi3: Buffer allocation failed [ 119.504228][ T6040] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 119.676325][ T6040] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 119.680693][ T6040] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 119.694177][ T6040] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 119.706392][ T6040] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 119.709727][ T6040] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 119.727162][ T6040] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 119.730668][ T6040] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 119.733733][ T6040] usb 8-1: Product: syz [ 119.756467][ T6040] usb 8-1: Manufacturer: syz [ 119.781126][ T6040] cdc_wdm 8-1:1.0: skipping garbage [ 119.782985][ T6040] cdc_wdm 8-1:1.0: skipping garbage [ 119.795432][ T6040] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 119.798138][ T6040] cdc_wdm 8-1:1.0: Unknown control protocol [ 119.981927][ T7198] syz.1.289 (7198): drop_caches: 2 [ 119.991191][ T7198] syz.1.289 (7198): drop_caches: 2 [ 120.222050][ T7204] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 120.227946][ T7204] tipc: Started in network mode [ 120.230698][ T7204] tipc: Node identity , cluster identity 4711 [ 120.232738][ T7204] tipc: Failed to set node id, please configure manually [ 120.235573][ T7204] tipc: Enabling of bearer rejected, failed to enable media [ 120.626191][ T843] usb 8-1: USB disconnect, device number 6 [ 121.198676][ T7229] netlink: 896 bytes leftover after parsing attributes in process `syz.2.298'. [ 121.454660][ T843] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 121.647840][ T843] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 121.651928][ T843] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 121.655895][ T843] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 121.665312][ T843] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 121.669213][ T843] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.713197][ T843] usb 7-1: config 0 descriptor?? [ 121.975135][ T7237] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 121.980431][ T7237] tipc: Started in network mode [ 121.983476][ T7237] tipc: Node identity , cluster identity 4711 [ 121.986296][ T7237] tipc: Failed to set node id, please configure manually [ 121.988854][ T7237] tipc: Enabling of bearer rejected, failed to enable media [ 122.350709][ T7229] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 122.353717][ T7229] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 122.385644][ T5714] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 122.476858][ T843] usbhid 7-1:0.0: can't add hid device: -71 [ 122.479099][ T843] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 122.484060][ T24] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 122.486791][ T843] usb 7-1: USB disconnect, device number 7 [ 122.545630][ T5714] usb 5-1: config 0 has no interfaces? [ 122.549433][ T5714] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 122.552436][ T5714] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.555420][ T5714] usb 5-1: Product: syz [ 122.557198][ T5714] usb 5-1: Manufacturer: syz [ 122.558810][ T5714] usb 5-1: SerialNumber: syz [ 122.562030][ T5714] usb 5-1: config 0 descriptor?? [ 122.635560][ T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9 [ 122.639695][ T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8200, setting to 1024 [ 122.645425][ T24] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 122.648996][ T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.656984][ T24] usb 8-1: config 0 descriptor?? [ 122.863115][ T24] usbhid 8-1:0.0: can't add hid device: -71 [ 122.867928][ T24] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 122.874475][ T24] usb 8-1: USB disconnect, device number 7 [ 123.414245][ T24] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 123.564090][ T24] usb 8-1: Using ep0 maxpacket: 32 [ 123.569866][ T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9 [ 123.574591][ T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8200, setting to 1024 [ 123.578533][ T24] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 123.582322][ T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.586888][ T24] usb 8-1: config 0 descriptor?? [ 123.590726][ T24] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 123.598387][ T24] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 123.992570][ T7246] ldusb 8-1:0.0: Read buffer overflow, 925 bytes dropped [ 124.240866][ T7272] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 124.252981][ T7272] tipc: Started in network mode [ 124.257884][ T7272] tipc: Node identity , cluster identity 4711 [ 124.261445][ T7272] tipc: Failed to set node id, please configure manually [ 124.264720][ T7272] tipc: Enabling of bearer rejected, failed to enable media [ 124.720489][ T24] usb 8-1: USB disconnect, device number 8 [ 124.788093][ T24] ldusb 8-1:0.0: LD USB Device #0 now disconnected [ 125.733476][ T7285] netlink: 896 bytes leftover after parsing attributes in process `syz.0.314'. [ 125.899539][ T6061] usb 5-1: USB disconnect, device number 7 [ 126.431118][ T7297] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 126.524078][ T6061] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 126.560351][ T7302] netlink: 4 bytes leftover after parsing attributes in process `syz.3.319'. [ 126.666805][ T7305] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 126.671808][ T7305] tipc: Started in network mode [ 126.674335][ T7305] tipc: Node identity , cluster identity 4711 [ 126.677555][ T7305] tipc: Failed to set node id, please configure manually [ 126.679746][ T7305] tipc: Enabling of bearer rejected, failed to enable media [ 127.006462][ T6061] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 127.010903][ T6061] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 127.032217][ T6061] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 127.054664][ T6061] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 127.059923][ T6061] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.086590][ T6061] usb 5-1: config 0 descriptor?? [ 127.329081][ T7316] "syz.2.323" (7316) uses obsolete ecb(arc4) skcipher [ 127.719525][ T7285] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 127.723783][ T7285] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 128.545470][ T7343] syz.1.327 (7343): drop_caches: 2 [ 128.548626][ T7343] syz.1.327 (7343): drop_caches: 2 [ 128.614652][ T6061] usbhid 5-1:0.0: can't add hid device: -71 [ 128.622361][ T6061] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 128.679475][ T6061] usb 5-1: USB disconnect, device number 8 [ 129.446865][ T7356] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 129.629917][ T7355] lo speed is unknown, defaulting to 1000 [ 129.704789][ T7362] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 64993 [ 130.034133][ T842] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 130.184147][ T842] usb 5-1: Using ep0 maxpacket: 32 [ 130.187853][ T842] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 130.191246][ T842] usb 5-1: config 1 has no interface number 1 [ 130.193183][ T842] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 130.199008][ T842] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 130.201908][ T842] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.204584][ T842] usb 5-1: Product: syz [ 130.206070][ T842] usb 5-1: Manufacturer: syz [ 130.207679][ T842] usb 5-1: SerialNumber: syz [ 130.428650][ T7368] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 130.435098][ T7368] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 130.458487][ T842] usb 5-1: 2:1: invalid format type 0x1001 is detected, processed as PCM [ 130.461622][ T842] usb 5-1: 2:1 : sample bitwidth 249 in over sample bytes 3 [ 130.464756][ T842] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 130.482393][ T842] usb 5-1: USB disconnect, device number 9 [ 130.515884][ T6557] udevd[6557]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 130.559980][ T7374] netlink: 896 bytes leftover after parsing attributes in process `syz.3.338'. [ 130.802897][ T7381] syz.2.339 (7381): drop_caches: 2 [ 130.804231][ T6057] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 130.809884][ T7381] syz.2.339 (7381): drop_caches: 2 [ 131.046352][ T6057] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 131.052423][ T6057] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 131.058389][ T6057] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 131.073586][ T6057] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 131.078983][ T6057] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.235212][ T6057] usb 8-1: config 0 descriptor?? [ 131.699794][ T6057] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 131.976094][ T7374] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 131.980687][ T7374] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 132.506772][ T7410] netlink: 4 bytes leftover after parsing attributes in process `syz.0.348'. [ 133.394110][ T9] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 133.666802][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9 [ 133.671673][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8240, setting to 1024 [ 133.704435][ T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 133.720343][ T9] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 133.723228][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.733810][ T9] usb 6-1: config 0 descriptor?? [ 133.752595][ T40] kauditd_printk_skb: 31 callbacks suppressed [ 133.752606][ T40] audit: type=1326 audit(1759118048.901:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7434 comm="syz.0.356" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f62598 code=0x7ffc0000 [ 133.772896][ T40] audit: type=1326 audit(1759118048.901:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7434 comm="syz.0.356" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f62598 code=0x7ffc0000 [ 133.784259][ T40] audit: type=1326 audit(1759118048.901:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7434 comm="syz.0.356" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f62598 code=0x7ffc0000 [ 133.793234][ T40] audit: type=1326 audit(1759118048.901:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7434 comm="syz.0.356" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f62598 code=0x7ffc0000 [ 133.800746][ T40] audit: type=1326 audit(1759118048.901:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7434 comm="syz.0.356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 133.808471][ T40] audit: type=1326 audit(1759118048.901:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7434 comm="syz.0.356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 133.816691][ T40] audit: type=1326 audit(1759118048.921:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7434 comm="syz.0.356" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f62598 code=0x7ffc0000 [ 133.825263][ T40] audit: type=1326 audit(1759118048.921:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7434 comm="syz.0.356" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f62598 code=0x7ffc0000 [ 133.832059][ T40] audit: type=1326 audit(1759118048.921:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7434 comm="syz.0.356" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f62598 code=0x7ffc0000 [ 133.839794][ T40] audit: type=1326 audit(1759118048.921:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7434 comm="syz.0.356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 133.904094][ T6057] usb 8-1: USB disconnect, device number 9 [ 135.133428][ T7449] netlink: 896 bytes leftover after parsing attributes in process `syz.0.359'. [ 135.234818][ T7452] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 135.240001][ T7452] tipc: Started in network mode [ 135.241688][ T7452] tipc: Node identity , cluster identity 4711 [ 135.243802][ T7452] tipc: Failed to set node id, please configure manually [ 135.246374][ T7452] tipc: Enabling of bearer rejected, failed to enable media [ 135.404204][ T141] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 135.494112][ T7455] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 135.496305][ T7455] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 135.499144][ T7455] vhci_hcd vhci_hcd.0: Device attached [ 135.577859][ T141] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 135.581369][ T141] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 135.584883][ T141] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 135.588951][ T141] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 135.591964][ T141] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.605142][ T141] usb 5-1: config 0 descriptor?? [ 135.643650][ T7462] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 135.645921][ T7462] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 135.649813][ T7462] vhci_hcd vhci_hcd.0: Device attached [ 135.688425][ T7465] FAULT_INJECTION: forcing a failure. [ 135.688425][ T7465] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 135.689327][ T7465] [ 135.689333][ T7465] ====================================================== [ 135.689337][ T7465] WARNING: possible circular locking dependency detected [ 135.689342][ T7465] syzkaller #0 Not tainted [ 135.689347][ T7465] ------------------------------------------------------ [ 135.689350][ T7465] syz.2.361/7465 is trying to acquire lock: [ 135.689356][ T7465] ffffffff8e4ceb40 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x9f/0xd0 [ 135.689383][ T7465] [ 135.689383][ T7465] but task is already holding lock: [ 135.689386][ T7465] ffff88802b23a458 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 135.689407][ T7465] [ 135.689407][ T7465] which lock already depends on the new lock. [ 135.689407][ T7465] [ 135.689410][ T7465] [ 135.689410][ T7465] the existing dependency chain (in reverse order) is: [ 135.689414][ T7465] [ 135.689414][ T7465] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 135.689426][ T7465] _raw_spin_lock_nested+0x31/0x40 [ 135.689441][ T7465] raw_spin_rq_lock_nested+0x29/0x130 [ 135.689450][ T7465] task_rq_lock+0xcf/0x490 [ 135.689459][ T7465] cgroup_move_task+0x81/0x2a0 [ 135.689470][ T7465] css_set_move_task+0x288/0x5f0 [ 135.689493][ T7465] cgroup_post_fork+0x201/0x9e0 [ 135.689502][ T7465] copy_process+0x5cfa/0x7690 [ 135.689515][ T7465] kernel_clone+0xfc/0x930 [ 135.689527][ T7465] user_mode_thread+0xc7/0x110 [ 135.689539][ T7465] rest_init+0x23/0x2b0 [ 135.689550][ T7465] start_kernel+0x3ee/0x4d0 [ 135.689563][ T7465] x86_64_start_reservations+0x18/0x30 [ 135.689576][ T7465] x86_64_start_kernel+0x130/0x190 [ 135.689589][ T7465] common_startup_64+0x13e/0x148 [ 135.689600][ T7465] [ 135.689600][ T7465] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 135.689613][ T7465] _raw_spin_lock_irqsave+0x3a/0x60 [ 135.689626][ T7465] try_to_wake_up+0xb7/0x1870 [ 135.689635][ T7465] __wake_up_common+0x132/0x1f0 [ 135.689648][ T7465] __wake_up+0x31/0x60 [ 135.689658][ T7465] tty_port_default_wakeup+0x2a/0x40 [ 135.689668][ T7465] serial8250_tx_chars+0x68e/0x860 [ 135.689678][ T7465] serial8250_handle_irq+0x761/0xcb0 [ 135.689688][ T7465] serial8250_default_handle_irq+0x9a/0x250 [ 135.689699][ T7465] serial8250_interrupt+0xf5/0x1b0 [ 135.689710][ T7465] __handle_irq_event_percpu+0x229/0x7d0 [ 135.689720][ T7465] handle_irq_event+0xab/0x1e0 [ 135.689729][ T7465] handle_edge_irq+0x3ca/0x9e0 [ 135.689737][ T7465] __common_interrupt+0xcd/0x2f0 [ 135.689751][ T7465] common_interrupt+0xba/0xe0 [ 135.689762][ T7465] asm_common_interrupt+0x26/0x40 [ 135.689772][ T7465] pv_native_safe_halt+0xf/0x20 [ 135.689786][ T7465] default_idle+0x13/0x20 [ 135.689795][ T7465] default_idle_call+0x6d/0xb0 [ 135.689805][ T7465] do_idle+0x391/0x510 [ 135.689814][ T7465] cpu_startup_entry+0x4f/0x60 [ 135.689823][ T7465] start_secondary+0x21d/0x2b0 [ 135.689837][ T7465] common_startup_64+0x13e/0x148 [ 135.689847][ T7465] [ 135.689847][ T7465] -> #2 (&tty->write_wait){-...}-{3:3}: [ 135.689860][ T7465] _raw_spin_lock_irqsave+0x3a/0x60 [ 135.689873][ T7465] __wake_up+0x1c/0x60 [ 135.689883][ T7465] tty_port_default_wakeup+0x2a/0x40 [ 135.689892][ T7465] serial8250_tx_chars+0x68e/0x860 [ 135.689901][ T7465] __start_tx+0x3df/0x490 [ 135.689910][ T7465] serial8250_start_tx+0x368/0x530 [ 135.689919][ T7465] __uart_start+0x292/0x500 [ 135.689932][ T7465] uart_write+0x218/0xb30 [ 135.689946][ T7465] n_tty_write+0x41f/0x11e0 [ 135.689956][ T7465] file_tty_write.constprop.0+0x504/0x9b0 [ 135.689972][ T7465] redirected_tty_write+0xd4/0x150 [ 135.689986][ T7465] vfs_write+0x7d0/0x11d0 [ 135.689998][ T7465] ksys_write+0x12a/0x250 [ 135.690009][ T7465] do_syscall_64+0xcd/0x4c0 [ 135.690017][ T7465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.690027][ T7465] [ 135.690027][ T7465] -> #1 (&port_lock_key){-.-.}-{3:3}: [ 135.690039][ T7465] _raw_spin_lock_irqsave+0x3a/0x60 [ 135.690052][ T7465] serial8250_console_write+0x181/0x1890 [ 135.690063][ T7465] console_flush_all+0x801/0xc60 [ 135.690072][ T7465] console_unlock+0xd8/0x210 [ 135.690080][ T7465] vprintk_emit+0x418/0x6d0 [ 135.690089][ T7465] _printk+0xc7/0x100 [ 135.690102][ T7465] register_console+0xc2d/0x11b0 [ 135.690112][ T7465] univ8250_console_init+0x5f/0x90 [ 135.690126][ T7465] console_init+0x14f/0x680 [ 135.690139][ T7465] start_kernel+0x29f/0x4d0 [ 135.690151][ T7465] x86_64_start_reservations+0x18/0x30 [ 135.690164][ T7465] x86_64_start_kernel+0x130/0x190 [ 135.690177][ T7465] common_startup_64+0x13e/0x148 [ 135.690187][ T7465] [ 135.690187][ T7465] -> #0 (console_owner){-.-.}-{0:0}: [ 135.690199][ T7465] __lock_acquire+0x12a6/0x1ce0 [ 135.690212][ T7465] lock_acquire+0x179/0x350 [ 135.690224][ T7465] console_lock_spinning_enable+0xb0/0xd0 [ 135.690235][ T7465] console_flush_all+0x7aa/0xc60 [ 135.690244][ T7465] console_unlock+0xd8/0x210 [ 135.690252][ T7465] vprintk_emit+0x418/0x6d0 [ 135.690261][ T7465] _printk+0xc7/0x100 [ 135.690273][ T7465] should_fail_ex+0x4e7/0x640 [ 135.690289][ T7465] strncpy_from_user+0x3b/0x2e0 [ 135.690303][ T7465] strncpy_from_user_nofault+0x7f/0x180 [ 135.690318][ T7465] bpf_probe_read_compat_str+0xe8/0x180 [ 135.690332][ T7465] bpf_prog_9c0d99ba282d6bf1+0x49/0x4f [ 135.690340][ T7465] bpf_trace_run4+0x252/0x5b0 [ 135.690353][ T7465] __bpf_trace_sched_switch+0x145/0x190 [ 135.690363][ T7465] __schedule+0x183b/0x5de0 [ 135.690376][ T7465] preempt_schedule_irq+0x51/0x90 [ 135.690390][ T7465] irqentry_exit+0x36/0x90 [ 135.690405][ T7465] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 135.690415][ T7465] lock_acquire+0x62/0x350 [ 135.690428][ T7465] unwind_next_frame+0xd1/0x20a0 [ 135.690438][ T7465] arch_stack_walk+0x94/0x100 [ 135.690448][ T7465] stack_trace_save+0x8e/0xc0 [ 135.690459][ T7465] kasan_save_stack+0x33/0x60 [ 135.690471][ T7465] kasan_save_track+0x14/0x30 [ 135.690485][ T7465] kasan_save_free_info+0x3b/0x60 [ 135.690494][ T7465] __kasan_slab_free+0x60/0x70 [ 135.690506][ T7465] kmem_cache_free+0x2d1/0x4d0 [ 135.690517][ T7465] free_buffer_head+0x4e/0x110 [ 135.690528][ T7465] try_to_free_buffers+0x1c4/0x2d0 [ 135.690540][ T7465] filemap_release_folio+0x219/0x280 [ 135.690549][ T7465] shrink_folio_list+0x28a9/0x4880 [ 135.690559][ T7465] reclaim_folio_list+0xda/0x5d0 [ 135.690568][ T7465] reclaim_pages+0x47b/0x650 [ 135.690578][ T7465] madvise_cold_or_pageout_pte_range+0x1546/0x2120 [ 135.690593][ T7465] walk_pgd_range+0xc05/0x1f50 [ 135.690605][ T7465] __walk_page_range+0x163/0x820 [ 135.690617][ T7465] walk_page_range_vma+0x2c7/0xa20 [ 135.690629][ T7465] madvise_pageout+0x257/0x540 [ 135.690642][ T7465] madvise_vma_behavior+0xb22/0x2d60 [ 135.690656][ T7465] madvise_walk_vmas+0x31f/0x9c0 [ 135.690670][ T7465] madvise_do_behavior+0x1e2/0x530 [ 135.690684][ T7465] do_madvise+0x176/0x240 [ 135.690698][ T7465] __ia32_sys_madvise+0xa7/0x110 [ 135.690712][ T7465] __do_fast_syscall_32+0x7c/0x300 [ 135.690720][ T7465] do_fast_syscall_32+0x32/0x80 [ 135.690729][ T7465] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 135.690741][ T7465] [ 135.690741][ T7465] other info that might help us debug this: [ 135.690741][ T7465] [ 135.690744][ T7465] Chain exists of: [ 135.690744][ T7465] console_owner --> &p->pi_lock --> &rq->__lock [ 135.690744][ T7465] [ 135.690758][ T7465] Possible unsafe locking scenario: [ 135.690758][ T7465] [ 135.690760][ T7465] CPU0 CPU1 [ 135.690763][ T7465] ---- ---- [ 135.690765][ T7465] lock(&rq->__lock); [ 135.690771][ T7465] lock(&p->pi_lock); [ 135.690778][ T7465] lock(&rq->__lock); [ 135.690784][ T7465] lock(console_owner); [ 135.690790][ T7465] [ 135.690790][ T7465] *** DEADLOCK *** [ 135.690790][ T7465] [ 135.690792][ T7465] 6 locks held by syz.2.361/7465: [ 135.690798][ T7465] #0: ffff88804aefa220 (&mm->mmap_lock){++++}-{4:4}, at: madvise_lock+0x17b/0x230 [ 135.690824][ T7465] #1: ffffffff8e5c1520 (rcu_read_lock){....}-{1:3}, at: unwind_next_frame+0xbd/0x20a0 [ 135.690847][ T7465] #2: ffff88802b23a458 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 135.690869][ T7465] #3: ffffffff8e5c1520 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x1d5/0x5b0 [ 135.690895][ T7465] #4: ffffffff8e5aef80 (console_lock){+.+.}-{0:0}, at: _printk+0xc7/0x100 [ 135.690922][ T7465] #5: ffffffff8e5aeff0 (console_srcu){....}-{0:0}, at: console_flush_all+0x158/0xc60 [ 135.690944][ T7465] [ 135.690944][ T7465] stack backtrace: [ 135.690949][ T7465] CPU: 1 UID: 0 PID: 7465 Comm: syz.2.361 Not tainted syzkaller #0 PREEMPT(full) [ 135.690962][ T7465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 135.690969][ T7465] Call Trace: [ 135.690973][ T7465] [ 135.690977][ T7465] dump_stack_lvl+0x116/0x1f0 [ 135.690994][ T7465] print_circular_bug+0x275/0x350 [ 135.691008][ T7465] check_noncircular+0x14c/0x170 [ 135.691023][ T7465] __lock_acquire+0x12a6/0x1ce0 [ 135.691040][ T7465] lock_acquire+0x179/0x350 [ 135.691053][ T7465] ? console_lock_spinning_enable+0x9f/0xd0 [ 135.691064][ T7465] ? console_lock_spinning_enable+0x88/0xd0 [ 135.691075][ T7465] console_lock_spinning_enable+0xb0/0xd0 [ 135.691084][ T7465] ? console_lock_spinning_enable+0x9f/0xd0 [ 135.691097][ T7465] console_flush_all+0x7aa/0xc60 [ 135.691108][ T7465] ? __pfx_console_flush_all+0x10/0x10 [ 135.691121][ T7465] ? is_printk_cpu_sync_owner+0x32/0x40 [ 135.691134][ T7465] console_unlock+0xd8/0x210 [ 135.691143][ T7465] ? __pfx_console_unlock+0x10/0x10 [ 135.691153][ T7465] ? do_raw_spin_unlock+0xc0/0x230 [ 135.691169][ T7465] ? _printk+0xc7/0x100 [ 135.691183][ T7465] ? __down_trylock_console_sem+0xb0/0x140 [ 135.691199][ T7465] vprintk_emit+0x418/0x6d0 [ 135.691210][ T7465] ? __pfx_vprintk_emit+0x10/0x10 [ 135.691223][ T7465] _printk+0xc7/0x100 [ 135.691238][ T7465] ? __pfx__printk+0x10/0x10 [ 135.691252][ T7465] ? __pfx____ratelimit+0x10/0x10 [ 135.691267][ T7465] ? __lock_acquire+0x62e/0x1ce0 [ 135.691282][ T7465] should_fail_ex+0x4e7/0x640 [ 135.691299][ T7465] strncpy_from_user+0x3b/0x2e0 [ 135.691315][ T7465] strncpy_from_user_nofault+0x7f/0x180 [ 135.691329][ T7465] bpf_probe_read_compat_str+0xe8/0x180 [ 135.691345][ T7465] bpf_prog_9c0d99ba282d6bf1+0x49/0x4f [ 135.691353][ T7465] bpf_trace_run4+0x252/0x5b0 [ 135.691368][ T7465] ? __pfx_bpf_trace_run4+0x10/0x10 [ 135.691385][ T7465] ? kvm_sched_clock_read+0x11/0x20 [ 135.691399][ T7465] ? sched_clock+0x38/0x60 [ 135.691414][ T7465] __bpf_trace_sched_switch+0x145/0x190 [ 135.691423][ T7465] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 135.691434][ T7465] ? __schedule+0x1861/0x5de0 [ 135.691449][ T7465] ? psi_task_switch+0x457/0xb10 [ 135.691461][ T7465] __schedule+0x183b/0x5de0 [ 135.691479][ T7465] ? __pfx___schedule+0x10/0x10 [ 135.691497][ T7465] ? lockdep_hardirqs_on+0x7c/0x110 [ 135.691516][ T7465] preempt_schedule_irq+0x51/0x90 [ 135.691531][ T7465] irqentry_exit+0x36/0x90 [ 135.691546][ T7465] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 135.691558][ T7465] RIP: 0010:lock_acquire+0x62/0x350 [ 135.691572][ T7465] Code: 0f 3f 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 42 4d 14 0f 0f 82 74 02 00 00 8b 35 da 7e 14 0f 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 99 0f 3f 12 0f 85 c7 02 00 00 48 83 c4 [ 135.691583][ T7465] RSP: 0018:ffffc90006bae7f0 EFLAGS: 00000206 [ 135.691591][ T7465] RAX: 0000000000000046 RBX: ffffffff8e5c1520 RCX: 000000009857470f [ 135.691598][ T7465] RDX: 0000000000000000 RSI: ffffffff8de2a35d RDI: ffffffff8c163780 [ 135.691605][ T7465] RBP: 0000000000000002 R08: 221910f6eea81161 R09: 0000000000000000 [ 135.691611][ T7465] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 [ 135.691618][ T7465] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 135.691628][ T7465] ? unwind_next_frame+0x3f4/0x20a0 [ 135.691639][ T7465] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 135.691651][ T7465] unwind_next_frame+0xd1/0x20a0 [ 135.691662][ T7465] ? unwind_next_frame+0xbd/0x20a0 [ 135.691672][ T7465] ? shrink_folio_list+0x28a9/0x4880 [ 135.691682][ T7465] ? unwind_get_return_address+0x4e/0xa0 [ 135.691693][ T7465] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 135.691706][ T7465] arch_stack_walk+0x94/0x100 [ 135.691718][ T7465] ? shrink_folio_list+0x28a9/0x4880 [ 135.691729][ T7465] stack_trace_save+0x8e/0xc0 [ 135.691740][ T7465] ? __pfx_stack_trace_save+0x10/0x10 [ 135.691752][ T7465] ? __lock_acquire+0xb97/0x1ce0 [ 135.691767][ T7465] kasan_save_stack+0x33/0x60 [ 135.691778][ T7465] ? kasan_save_stack+0x33/0x60 [ 135.691790][ T7465] ? kasan_save_track+0x14/0x30 [ 135.691801][ T7465] ? kasan_save_free_info+0x3b/0x60 [ 135.691810][ T7465] ? __kasan_slab_free+0x60/0x70 [ 135.691823][ T7465] ? kmem_cache_free+0x2d1/0x4d0 [ 135.691834][ T7465] ? free_buffer_head+0x4e/0x110 [ 135.691845][ T7465] ? try_to_free_buffers+0x1c4/0x2d0 [ 135.691857][ T7465] ? filemap_release_folio+0x219/0x280 [ 135.691871][ T7465] ? shrink_folio_list+0x28a9/0x4880 [ 135.691896][ T7465] kasan_save_track+0x14/0x30 [ 135.691913][ T7465] kasan_save_free_info+0x3b/0x60 [ 135.691925][ T7465] __kasan_slab_free+0x60/0x70 [ 135.691943][ T7465] kmem_cache_free+0x2d1/0x4d0 [ 135.691963][ T7465] ? free_buffer_head+0x4e/0x110 [ 135.691982][ T7465] free_buffer_head+0x4e/0x110 [ 135.691996][ T7465] try_to_free_buffers+0x1c4/0x2d0 [ 135.692009][ T7465] ? __pfx_try_to_free_buffers+0x10/0x10 [ 135.692024][ T7465] filemap_release_folio+0x219/0x280 [ 135.692034][ T7465] shrink_folio_list+0x28a9/0x4880 [ 135.692046][ T7465] ? __pfx_shrink_folio_list+0x10/0x10 [ 135.692059][ T7465] ? mark_held_locks+0x49/0x80 [ 135.692073][ T7465] ? lockdep_hardirqs_on+0x7c/0x110 [ 135.692089][ T7465] ? on_each_cpu_cond_mask+0x40/0x90 [ 135.692106][ T7465] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 135.692118][ T7465] reclaim_folio_list+0xda/0x5d0 [ 135.692129][ T7465] ? __pfx_css_rstat_updated+0x10/0x10 [ 135.692140][ T7465] ? __pfx_reclaim_folio_list+0x10/0x10 [ 135.692153][ T7465] ? lru_gen_update_size+0x543/0xe10 [ 135.692165][ T7465] ? lru_gen_del_folio+0x32b/0x540 [ 135.692175][ T7465] reclaim_pages+0x47b/0x650 [ 135.692186][ T7465] ? __pfx_reclaim_pages+0x10/0x10 [ 135.692197][ T7465] ? find_held_lock+0x2b/0x80 [ 135.692207][ T7465] ? madvise_cold_or_pageout_pte_range+0x749/0x2120 [ 135.692224][ T7465] madvise_cold_or_pageout_pte_range+0x1546/0x2120 [ 135.692245][ T7465] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 135.692262][ T7465] ? css_rstat_updated+0x1c2/0x510 [ 135.692273][ T7465] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 135.692290][ T7465] walk_pgd_range+0xc05/0x1f50 [ 135.692307][ T7465] ? __pfx_walk_pgd_range+0x10/0x10 [ 135.692321][ T7465] __walk_page_range+0x163/0x820 [ 135.692335][ T7465] ? __lock_acquire+0xb97/0x1ce0 [ 135.692350][ T7465] walk_page_range_vma+0x2c7/0xa20 [ 135.692364][ T7465] ? __pfx_walk_page_range_vma+0x10/0x10 [ 135.692378][ T7465] ? find_held_lock+0x2b/0x80 [ 135.692390][ T7465] madvise_pageout+0x257/0x540 [ 135.692404][ T7465] ? __pfx_madvise_pageout+0x10/0x10 [ 135.692423][ T7465] madvise_vma_behavior+0xb22/0x2d60 [ 135.692439][ T7465] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 135.692455][ T7465] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 135.692471][ T7465] ? __pfx_mas_prev+0x10/0x10 [ 135.692494][ T7465] ? find_vma_prev+0xda/0x160 [ 135.692510][ T7465] ? __pfx_find_vma_prev+0x10/0x10 [ 135.692528][ T7465] ? __lock_acquire+0x62e/0x1ce0 [ 135.692542][ T7465] madvise_walk_vmas+0x31f/0x9c0 [ 135.692558][ T7465] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 135.692575][ T7465] madvise_do_behavior+0x1e2/0x530 [ 135.692591][ T7465] ? __pfx_madvise_do_behavior+0x10/0x10 [ 135.692607][ T7465] ? down_read+0x13d/0x480 [ 135.692620][ T7465] do_madvise+0x176/0x240 [ 135.692634][ T7465] ? __pfx_do_madvise+0x10/0x10 [ 135.692649][ T7465] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 135.692667][ T7465] ? __pfx_native_flush_tlb_one_user+0x10/0x10 [ 135.692684][ T7465] ? __fget_files+0x20e/0x3c0 [ 135.692698][ T7465] ? __pfx_flush_tlb_func+0x10/0x10 [ 135.692712][ T7465] ? rcu_is_watching+0x12/0xc0 [ 135.692724][ T7465] __ia32_sys_madvise+0xa7/0x110 [ 135.692739][ T7465] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 135.692757][ T7465] __do_fast_syscall_32+0x7c/0x300 [ 135.692767][ T7465] do_fast_syscall_32+0x32/0x80 [ 135.692777][ T7465] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 135.692790][ T7465] RIP: 0023:0xf701e579 [ 135.692821][ T7465] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 135.692831][ T7465] RSP: 002b:00000000f53cc55c EFLAGS: 00000296 ORIG_RAX: 00000000000000db [ 135.692841][ T7465] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000600000 [ 135.692848][ T7465] RDX: 0000000000000015 RSI: 0000000000000000 RDI: 0000000000000000 [ 135.692854][ T7465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 135.692860][ T7465] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 135.692866][ T7465] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 135.692875][ T7465] [ 136.300348][ T7465] CPU: 1 UID: 0 PID: 7465 Comm: syz.2.361 Not tainted syzkaller #0 PREEMPT(full) [ 136.300373][ T7465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 136.300383][ T7465] Call Trace: [ 136.300392][ T7465] [ 136.300398][ T7465] dump_stack_lvl+0x116/0x1f0 [ 136.300421][ T7465] should_fail_ex+0x512/0x640 [ 136.300441][ T7465] strncpy_from_user+0x3b/0x2e0 [ 136.300457][ T7465] strncpy_from_user_nofault+0x7f/0x180 [ 136.300474][ T7465] bpf_probe_read_compat_str+0xe8/0x180 [ 136.300491][ T7465] bpf_prog_9c0d99ba282d6bf1+0x49/0x4f [ 136.300500][ T7465] bpf_trace_run4+0x252/0x5b0 [ 136.300516][ T7465] ? __pfx_bpf_trace_run4+0x10/0x10 [ 136.300533][ T7465] ? kvm_sched_clock_read+0x11/0x20 [ 136.300548][ T7465] ? sched_clock+0x38/0x60 [ 136.300564][ T7465] __bpf_trace_sched_switch+0x145/0x190 [ 136.300575][ T7465] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 136.300586][ T7465] ? __schedule+0x1861/0x5de0 [ 136.300601][ T7465] ? psi_task_switch+0x457/0xb10 [ 136.300615][ T7465] __schedule+0x183b/0x5de0 [ 136.300633][ T7465] ? __pfx___schedule+0x10/0x10 [ 136.300647][ T7465] ? lockdep_hardirqs_on+0x7c/0x110 [ 136.300665][ T7465] preempt_schedule_irq+0x51/0x90 [ 136.300681][ T7465] irqentry_exit+0x36/0x90 [ 136.300696][ T7465] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 136.300709][ T7465] RIP: 0010:lock_acquire+0x62/0x350 [ 136.300724][ T7465] Code: 0f 3f 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 42 4d 14 0f 0f 82 74 02 00 00 8b 35 da 7e 14 0f 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 99 0f 3f 12 0f 85 c7 02 00 00 48 83 c4 [ 136.300734][ T7465] RSP: 0018:ffffc90006bae7f0 EFLAGS: 00000206 [ 136.300744][ T7465] RAX: 0000000000000046 RBX: ffffffff8e5c1520 RCX: 000000009857470f [ 136.300751][ T7465] RDX: 0000000000000000 RSI: ffffffff8de2a35d RDI: ffffffff8c163780 [ 136.300757][ T7465] RBP: 0000000000000002 R08: 221910f6eea81161 R09: 0000000000000000 [ 136.300764][ T7465] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 [ 136.300770][ T7465] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 136.300780][ T7465] ? unwind_next_frame+0x3f4/0x20a0 [ 136.300817][ T7465] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 136.300836][ T7465] unwind_next_frame+0xd1/0x20a0 [ 136.300847][ T7465] ? unwind_next_frame+0xbd/0x20a0 [ 136.300857][ T7465] ? shrink_folio_list+0x28a9/0x4880 [ 136.300869][ T7465] ? unwind_get_return_address+0x4e/0xa0 [ 136.300880][ T7465] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 136.300892][ T7465] arch_stack_walk+0x94/0x100 [ 136.300905][ T7465] ? shrink_folio_list+0x28a9/0x4880 [ 136.300916][ T7465] stack_trace_save+0x8e/0xc0 [ 136.300928][ T7465] ? __pfx_stack_trace_save+0x10/0x10 [ 136.300940][ T7465] ? __lock_acquire+0xb97/0x1ce0 [ 136.300954][ T7465] kasan_save_stack+0x33/0x60 [ 136.300967][ T7465] ? kasan_save_stack+0x33/0x60 [ 136.300979][ T7465] ? kasan_save_track+0x14/0x30 [ 136.300990][ T7465] ? kasan_save_free_info+0x3b/0x60 [ 136.301000][ T7465] ? __kasan_slab_free+0x60/0x70 [ 136.301012][ T7465] ? kmem_cache_free+0x2d1/0x4d0 [ 136.301024][ T7465] ? free_buffer_head+0x4e/0x110 [ 136.301036][ T7465] ? try_to_free_buffers+0x1c4/0x2d0 [ 136.301048][ T7465] ? filemap_release_folio+0x219/0x280 [ 136.301058][ T7465] ? shrink_folio_list+0x28a9/0x4880 [ 136.301076][ T7465] kasan_save_track+0x14/0x30 [ 136.301088][ T7465] kasan_save_free_info+0x3b/0x60 [ 136.301098][ T7465] __kasan_slab_free+0x60/0x70 [ 136.301111][ T7465] kmem_cache_free+0x2d1/0x4d0 [ 136.301123][ T7465] ? free_buffer_head+0x4e/0x110 [ 136.301135][ T7465] free_buffer_head+0x4e/0x110 [ 136.301147][ T7465] try_to_free_buffers+0x1c4/0x2d0 [ 136.301165][ T7465] ? __pfx_try_to_free_buffers+0x10/0x10 [ 136.301180][ T7465] filemap_release_folio+0x219/0x280 [ 136.301191][ T7465] shrink_folio_list+0x28a9/0x4880 [ 136.301203][ T7465] ? __pfx_shrink_folio_list+0x10/0x10 [ 136.301216][ T7465] ? mark_held_locks+0x49/0x80 [ 136.301230][ T7465] ? lockdep_hardirqs_on+0x7c/0x110 [ 136.301246][ T7465] ? on_each_cpu_cond_mask+0x40/0x90 [ 136.301263][ T7465] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 136.301275][ T7465] reclaim_folio_list+0xda/0x5d0 [ 136.301285][ T7465] ? __pfx_css_rstat_updated+0x10/0x10 [ 136.301298][ T7465] ? __pfx_reclaim_folio_list+0x10/0x10 [ 136.301310][ T7465] ? lru_gen_update_size+0x543/0xe10 [ 136.301322][ T7465] ? lru_gen_del_folio+0x32b/0x540 [ 136.301332][ T7465] reclaim_pages+0x47b/0x650 [ 136.301344][ T7465] ? __pfx_reclaim_pages+0x10/0x10 [ 136.301355][ T7465] ? find_held_lock+0x2b/0x80 [ 136.301365][ T7465] ? madvise_cold_or_pageout_pte_range+0x749/0x2120 [ 136.301383][ T7465] madvise_cold_or_pageout_pte_range+0x1546/0x2120 [ 136.301403][ T7465] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 136.301422][ T7465] ? css_rstat_updated+0x1c2/0x510 [ 136.301432][ T7465] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 136.301449][ T7465] walk_pgd_range+0xc05/0x1f50 [ 136.301467][ T7465] ? __pfx_walk_pgd_range+0x10/0x10 [ 136.301481][ T7465] __walk_page_range+0x163/0x820 [ 136.301495][ T7465] ? __lock_acquire+0xb97/0x1ce0 [ 136.301510][ T7465] walk_page_range_vma+0x2c7/0xa20 [ 136.301524][ T7465] ? __pfx_walk_page_range_vma+0x10/0x10 [ 136.301538][ T7465] ? find_held_lock+0x2b/0x80 [ 136.301550][ T7465] madvise_pageout+0x257/0x540 [ 136.301565][ T7465] ? __pfx_madvise_pageout+0x10/0x10 [ 136.301584][ T7465] madvise_vma_behavior+0xb22/0x2d60 [ 136.301600][ T7465] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 136.301616][ T7465] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 136.301632][ T7465] ? __pfx_mas_prev+0x10/0x10 [ 136.301649][ T7465] ? find_vma_prev+0xda/0x160 [ 136.301665][ T7465] ? __pfx_find_vma_prev+0x10/0x10 [ 136.301682][ T7465] ? __lock_acquire+0x62e/0x1ce0 [ 136.301697][ T7465] madvise_walk_vmas+0x31f/0x9c0 [ 136.301713][ T7465] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 136.301730][ T7465] madvise_do_behavior+0x1e2/0x530 [ 136.301746][ T7465] ? __pfx_madvise_do_behavior+0x10/0x10 [ 136.301762][ T7465] ? down_read+0x13d/0x480 [ 136.301775][ T7465] do_madvise+0x176/0x240 [ 136.301789][ T7465] ? __pfx_do_madvise+0x10/0x10 [ 136.301804][ T7465] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 136.301822][ T7465] ? __pfx_native_flush_tlb_one_user+0x10/0x10 [ 136.301840][ T7465] ? __fget_files+0x20e/0x3c0 [ 136.301854][ T7465] ? __pfx_flush_tlb_func+0x10/0x10 [ 136.301874][ T7465] ? rcu_is_watching+0x12/0xc0 [ 136.301891][ T7465] __ia32_sys_madvise+0xa7/0x110 [ 136.301914][ T7465] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 136.301939][ T7465] __do_fast_syscall_32+0x7c/0x300 [ 136.301955][ T7465] do_fast_syscall_32+0x32/0x80 [ 136.301970][ T7465] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 136.301991][ T7465] RIP: 0023:0xf701e579 [ 136.302005][ T7465] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 136.302021][ T7465] RSP: 002b:00000000f53cc55c EFLAGS: 00000296 ORIG_RAX: 00000000000000db [ 136.302037][ T7465] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000600000 [ 136.302047][ T7465] RDX: 0000000000000015 RSI: 0000000000000000 RDI: 0000000000000000 [ 136.302057][ T7465] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 136.302068][ T7465] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 136.302078][ T7465] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 136.302094][ T7465] [ 136.354262][ T60] usb 42-1: SetAddress Request (6) to port 0 [ 136.409174][ T9] usbhid 6-1:0.0: can't add hid device: -71 [ 136.423794][ T60] usb 42-1: new SuperSpeed USB device number 6 using vhci_hcd [ 136.424407][ T9] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 136.431908][ T7460] vhci_hcd: connection closed [ 136.435148][ T9] usb 6-1: USB disconnect, device number 3 [ 136.437618][ T46] vhci_hcd: stop threads [ 136.439561][ T842] usb 44-1: SetAddress Request (2) to port 0 [ 136.440836][ T46] vhci_hcd: release socket [ 136.443462][ T842] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd [ 136.450736][ T46] vhci_hcd: disconnect device [ 136.510042][ T141] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 136.684126][ T24] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 136.765499][ T7449] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 136.768966][ T7449] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.845317][ T24] usb 8-1: config 0 has no interfaces? [ 136.847176][ T24] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 136.850549][ T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.854703][ T24] usb 8-1: config 0 descriptor?? [ 137.245925][ T6095] usb 8-1: USB disconnect, device number 10 [ 137.250101][ T7463] vhci_hcd: connection reset by peer [ 137.252957][ T1178] vhci_hcd: stop threads [ 137.254566][ T1178] vhci_hcd: release socket [ 137.256081][ T1178] vhci_hcd: disconnect device [ 137.585123][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.594596][ T24] usb 5-1: USB disconnect, device number 10 [ 141.504131][ T60] usb 42-1: device descriptor read/8, error -110 [ 141.504180][ T842] usb 44-1: device descriptor read/8, error -110 [ 141.895035][ T842] usb usb44-port1: attempt power cycle [ 141.904474][ T60] usb usb42-port1: attempt power cycle [ 142.454439][ T842] usb usb44-port1: unable to enumerate USB device [ 142.474803][ T60] usb usb42-port1: unable to enumerate USB device VM DIAGNOSIS: 03:54:11 Registers: info registers vcpu 0 CPU#0 RAX=0000000080010005 RBX=0000000000000003 RCX=ffffffff816a0ca6 RDX=ffff888022ba2440 RSI=ffffffff816a3cfc RDI=0000000000000000 RBP=ffff88802b23a440 RSP=ffffc90000007b68 R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=0000000000000000 R12=0000000000000003 R13=0000000000000003 R14=ffff88802b23b380 R15=ffffed1005647488 RIP=ffffffff816a3cfd RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880974b9000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000800e6018 CR3=0000000050502000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8561ebe5 RDI=ffffffff9b103780 RBP=ffffffff9b103740 RSP=ffffc90006bade00 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000002d R14=ffffffff9b103740 R15=ffffffff8561eb80 RIP=ffffffff8561ec0f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880975b9000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f53cbfac CR3=000000004efa8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88802b23a440 RCX=ffffffff8b949896 RDX=ffffed1005647489 RSI=0000000000000004 RDI=ffff88802b23a440 RBP=0000000000000003 RSP=ffffc90006b7f9b0 R8 =0000000000000000 R9 =ffffed1005647488 R10=ffff88802b23a443 R11=0000000000000001 R12=ffffed1005647488 R13=0000000000000000 R14=ffff88802b43b380 R15=0000000000000002 RIP=ffffffff82207dc0 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880976b9000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000a50000 CR3=0000000050502000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000536d3fe878 RBX=ffff88802b523a00 RCX=00000000000006e0 RDX=0000000000000053 RSI=ffff88802b523a00 RDI=00000000002566cb RBP=00000000002566cb RSP=ffffc900005e8ec8 R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=ffffc900005e8ff8 R12=0000000000000000 R13=0000000000000000 R14=0000000000000019 R15=ffff88802b527c80 RIP=ffffffff81680db5 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880977b9000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000a50000 CR3=000000004efa8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000