last executing test programs: 1m41.894277297s ago: executing program 0 (id=885): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x24, 0x3c, 0x107, 0xfffffffc, 0x0, {0x3, 0x7c}, [@nested={0x4, 0x136}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x8e\n'}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@perf_event={0x4}}, 0x18) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) r3 = eventfd(0xc) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000100)={0x4, 0x0, 0x4, 0x0, 0x4002}) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000c40)) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) unshare(0x64000600) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) r6 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000180)='io.pressure\x00', 0x2, 0x0) write$cgroup_pressure(r6, &(0x7f00000001c0)={'some', 0x20, 0x3, 0x20, 0x5}, 0x2f) sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) fsopen(&(0x7f0000000080)='gfs2\x00', 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000700)=@newlink={0x40, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1004}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @vti={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VTI_LOCAL={0x8, 0x4, @rand_addr=0x64010101}]}}}, @IFLA_MTU={0x8}]}, 0x40}}, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000700)={0x5c, 0x2, 0x6, 0x3, 0x0, 0x0, {0x3, 0x0, 0x8}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0, 0x0, 0x40}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}]}, 0x5c}}, 0x0) 1m41.101674341s ago: executing program 0 (id=890): bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1d, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005100000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000006c00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lsm=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000021c0)=ANY=[@ANYBLOB="440000000906010200000000000000000700ffff180007800c00018008000140e0000002060004404e220000100008800c000780060005404e2200000500010007000000813460d19339d8d4f3c06a912a987924"], 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x40cc080) r1 = msgget$private(0x0, 0xafb0e20fef6483ff) msgrcv(r1, 0x0, 0x0, 0x3, 0x1000) msgsnd(r1, 0x0, 0x0, 0x0) msgsnd(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="06"], 0x0, 0x800) msgrcv(0x0, &(0x7f0000000880)={0x0, ""/4096}, 0x1008, 0x3, 0x2000) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in6=@private2, @in=@local}}, {{@in=@loopback}, 0x0, @in=@remote}}, &(0x7f00000000c0)=0xe4) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0xc) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000ac0)=@newtaction={0x30c, 0x30, 0x300, 0x71bd2a, 0x25dfdbff, {}, [{0x2f8, 0x1, [@m_gact={0x230, 0x110, 0x0, 0x0, {{0x9}, {0x4}, {0x201, 0x6, "0f617356f0a663079abe295a350af32575b7576a2846e5b3b3d9b048dc90bac2c3b40552dc14f7774371c98d6e2763d4fda783e36f45e224474cc6a0e6a530d841c87c70bbf3448d6187a58197fa3ffb0b318a51ba59415ac311a355fe1d08f8de9966d8ba89a56bfbc37c6af7d37dcdeb618f98f29bf3b05a23cefbbf51193614c08c162352d9eaad342b2f307dd8babd71ab8a1c4f80bbbbccc8ce4d369a33f9c6fc16198b2cfa20bc906e08c92c0642310e03f00a0ed12baa1df64f1bf0502f23ff4d6a5e05aa81fa19a9b88c32227231211d5d298a3c63d5549b1a72ad3a2c2dbf727e06036e6f15f608bea0e2a8ff93600a6133a9b45faa6924e7b9e8756e78750bdef4103fcd162842f48260e1dbb952cf91a4fdf9ca11cc86255d345cc97e3e5a060faa5892b6b343ae47592ed09d5829b187941331c8c321997cbc0395a6658c85915c1468ea768127b402af42155e96f11ef5f95a4118370c736689c029238b89e6a7a47d06e553b3f1968de8d30df98c713bd5d18d8c5e00aee2d650046089d3fd1abf65c454e7e5f582e3e17fde068a7d8cfdaf8831aca9c839662d70f7a7893073ad4a108e44a105d7ec27a1511d8775f389b68079b9fb5ba0f7bc4755ca4a45642090d553db4715ba07f0f54dd66544b89e6ad25c32d6f63d39e8d5e0034b5d37c947abfec5a54689a66f9355ac9a474b1e8da8ff31a3"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_mpls={0xc4, 0x11, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_MPLS_LABEL={0x8, 0x5, 0x8cb6c}]}, {0x8d, 0x6, "88d9d3ab36a0640efed1c86c8343987cdbacd2b0061700f91f1b866af73a932d18cdc7f81d9e91a9e5da9991bd8e1997683afee1a8b9b9c86eeebe71a0cd19510924dec12d4463a58a2b1c90aebc5d2b66c780e3a658282c980bcafd2038edc21272c594cb69bd461bfdeec127e4451c7c4160ab708f14b7e4a4f1eb6cce4a3313b170d05dfec44294"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x30c}, 0x1, 0x0, 0x0, 0x4048004}, 0x20040800) r3 = open(&(0x7f0000000280)='.\x00', 0x80000, 0x3) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r4, &(0x7f0000000380)=ANY=[@ANYBLOB="7f454c4600000006010000000000000003003e000000000003000000df00000040000000000000e79701000000000000000000000000380001"], 0x78) close(r4) execveat(r3, &(0x7f0000000180)='./file1\x00', 0x0, 0x0, 0x0) r5 = socket(0x10, 0x803, 0x0) sendto(r5, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r5, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) socket$inet_udplite(0x2, 0x2, 0x88) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_DAEMON(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, r7, 0x6c04073ee59f7719, 0x0, 0x0, {0x4, 0x0, 0xa6ff}}, 0x14}}, 0x0) mount$tmpfs(0x0, &(0x7f0000000780)='./file1\x00', &(0x7f0000000880), 0x800080, &(0x7f0000002280)=ANY=[@ANYBLOB="67727071756f74615f696e6f64655f686172646c696d69743d252c736d61636b66eed129feffab1704fd36f24a7d405a73726f6f743d657569643c2c7365636c6162656c2c6c617a7974696d652c7375626a5f757365723d666f776e65722c66736d616769633d3078303030303030303030303030303030362c7063723d30303030303030303030303030303030303033322e00"]) sendmsg$IPVS_CMD_NEW_DEST(r5, &(0x7f0000000700)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000006c0)={&(0x7f0000001fc0)={0xe8, r7, 0x10, 0x70bd26, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xd}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_DAEMON={0x78, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip6_vti0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @empty}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'pim6reg0\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_batadv\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x74}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x5}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x9}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xc}, @IPVS_CMD_ATTR_DEST={0x3c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x5}, @IPVS_DEST_ATTR_L_THRESH={0x8}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xf831}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x480000}]}, 0xe8}, 0x1, 0x0, 0x0, 0x4000080}, 0xc000) setreuid(0x0, 0x0) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) 1m40.232479691s ago: executing program 0 (id=895): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = socket(0x10, 0x803, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x4, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xc00}}}]}, 0x38}}, 0x0) r4 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newtfilter={0x30, 0x2c, 0xd2b, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r5, {0xb, 0x3}, {0x0, 0xfff1}, {0x1, 0xfff3}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x800) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) io_setup(0x3fe, 0x0) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, 0x0, 0x0) syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r7 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) r8 = dup(r7) write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c) r9 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r10, r11, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r7}) io_uring_enter(r9, 0x2def, 0x4000, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x2, 0x0, 0x6, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) 1m39.262400991s ago: executing program 0 (id=901): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) openat$dsp(0xffffffffffffff9c, 0x0, 0x802, 0x0) r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x12, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r5 = dup(r4) write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN) io_uring_enter(r1, 0x75fa, 0xe475, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0) mkdirat(r5, &(0x7f0000000280)='./file0\x00', 0x161) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000400)='./file0/file0\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x3125899, 0x0) r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x202) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) getdents(0xffffffffffffffff, 0x0, 0x0) lseek(0xffffffffffffffff, 0x57, 0x1) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1801000020000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000000000000000000000000004a4faefaa2ee94ddb8e14f9f2ab7c9722641fdc929bde3c40835144422dd8183a74c"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='tlb_flush\x00', r7}, 0x10) r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents64(r8, &(0x7f0000000380)=""/141, 0x8d) 1m38.704451532s ago: executing program 0 (id=904): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) r2 = userfaultfd(0x80001) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) r3 = socket$xdp(0x2c, 0x3, 0x0) ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000}) close_range(0xffffffffffffffff, r3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000640)={'filter\x00', 0x7, 0x4, 0x3c8, 0x10c, 0x10c, 0x10c, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @loopback, @loopback, 0x2}}}, {{@arp={@multicast2, @rand_addr=0x64010101, 0x0, 0xff, 0x10, 0x5, {@mac, {[0x0, 0x7f]}}, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}, {[0xff, 0xff, 0xff, 0x0, 0xff, 0x7f]}}, 0x100, 0x6, 0x858, 0x2, 0x3, 0x7f, 'gretap0\x00', 'vlan1\x00', {0xff}, {}, 0x0, 0x30}, 0xbc, 0xfc}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "53a145c767671fcf0c243d543b9d83f0863f3aac810f97fea80e1b838805"}}, {{@uncond, 0xbc, 0xe0}, @unspec=@NFQUEUE1={0x24, 'NFQUEUE\x00', 0x1, {0x9, 0x7}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x414) r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x6) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x1, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500), 0x0, 0xff8e}}, 0x3c) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/fib_triestat\x00') read$FUSE(r6, &(0x7f0000004800)={0x2020}, 0x2020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00', 0x0}) recvmsg(0xffffffffffffffff, &(0x7f0000002140)={&(0x7f0000000e00)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @private}}}}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000001080)=""/4096, 0x1000}, {&(0x7f0000000100)=""/61, 0x3d}, {&(0x7f00000001c0)=""/44, 0x2c}, {&(0x7f0000000e80)=""/138, 0x8a}, {&(0x7f0000000f40)=""/187, 0xbb}], 0x5, &(0x7f0000002080)=""/139, 0x8b}, 0x2000) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c40)={r5, 0xe0, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000500)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, &(0x7f0000000300)=[0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0, 0x0], 0x0, 0x36, &(0x7f0000000600)=[{}], 0x8, 0x10, &(0x7f0000000a80), &(0x7f0000000ac0), 0x8, 0x2c, 0x8, 0x8, &(0x7f0000000b00)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0xe, 0x15, &(0x7f0000002180)=ANY=[@ANYBLOB="1800000004000000000000000100000085200000020000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000005f64c0ff0800000018", @ANYRES32=r4, @ANYBLOB="3eadffffffffffffff95e55684ec74870d0bc89626cc47", @ANYRES32=r6, @ANYBLOB="00000000000000003506f8fff0ffffffd32afffff0ffffff185200001000000000000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x68, '\x00', r7, @sk_skb=0x26, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000400)={0x5, 0xe, 0x7, 0xffff}, 0x10, r8, r5, 0x2, &(0x7f0000000c80)=[0x1], &(0x7f0000000cc0)=[{0x5, 0x5, 0xc, 0x4}, {0x0, 0x3, 0x10, 0xa}], 0x10, 0x5, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='cachefiles_ondemand_fd_release\x00', 0xffffffffffffffff, 0x0, 0x100000000000}, 0x18) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_open_dev$sndmidi(&(0x7f0000000180), 0x400, 0x4000) r9 = socket$netlink(0x10, 0x3, 0x0) read(0xffffffffffffffff, &(0x7f0000000080)=""/1, 0x1) write$FUSE_NOTIFY_INVAL_ENTRY(0xffffffffffffffff, &(0x7f0000000dc0)={0x23, 0x3, 0x0, {0x2, 0x2, 0x0, '\']'}}, 0x23) sendmsg$nl_route(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001000)=ANY=[@ANYBLOB="6c00000010001fff010000000000000000060000", @ANYRES32=0x0, @ANYBLOB="81ffffff00000000440012800b00010067656e6576650000340002800500090000000000050009000100000005000a000000000005000300f90000000500040040000000050004000800000008000a00", @ANYBLOB="b5"], 0x6c}}, 0x0) 1m38.201825043s ago: executing program 0 (id=912): socket(0x200000000000011, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x2, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x6e}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x8002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000001480)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d55906000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd8000000000000080231c61ccd106cb937b450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9ccd5788029901e5a79d8b9990ace8f74087f25ad50c46088"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000030a01080000000000000000010040000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000088000000060a010400000000000000000100000008000b40000000000900010073797a3000000000600004805c0001800b0001007470726f787900"], 0x110}}, 0x40040) r4 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/consoles\x00', 0x0, 0x0) preadv(r5, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4094, 0xbd}], 0x1, 0x33, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f0000000000), 0x4) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r6], 0x40}}, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000090000000a20000000000a05140000000000000000010000000900010073797a300000000058000000160a09000900000000000000010000000900010073797a30000000000900020073797a32000000002c00038018000380140001006d616373656330000000000000000000080002400000000008000140000000001400000011"], 0xa0}}, 0x0) sendmsg$NFT_BATCH(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000100001000000dfff000000000100000a14000000020a05ffff00000000000000000000801400000011000100ffffffff00c47a0000000000000a"], 0x3c}, 0x1, 0x1200}, 0x4000000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_init_net_socket$netrom(0x6, 0x5, 0x0) 1m38.10649377s ago: executing program 32 (id=912): socket(0x200000000000011, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x2, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x6e}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x8002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000001480)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d55906000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd8000000000000080231c61ccd106cb937b450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9ccd5788029901e5a79d8b9990ace8f74087f25ad50c46088"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000030a01080000000000000000010040000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000088000000060a010400000000000000000100000008000b40000000000900010073797a3000000000600004805c0001800b0001007470726f787900"], 0x110}}, 0x40040) r4 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/consoles\x00', 0x0, 0x0) preadv(r5, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4094, 0xbd}], 0x1, 0x33, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f0000000000), 0x4) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r6], 0x40}}, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000090000000a20000000000a05140000000000000000010000000900010073797a300000000058000000160a09000900000000000000010000000900010073797a30000000000900020073797a32000000002c00038018000380140001006d616373656330000000000000000000080002400000000008000140000000001400000011"], 0xa0}}, 0x0) sendmsg$NFT_BATCH(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000100001000000dfff000000000100000a14000000020a05ffff00000000000000000000801400000011000100ffffffff00c47a0000000000000a"], 0x3c}, 0x1, 0x1200}, 0x4000000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_init_net_socket$netrom(0x6, 0x5, 0x0) 3.828247871s ago: executing program 3 (id=1504): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'macvlan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=@newlink={0x40, 0x10, 0x503, 0x21, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x188c3, 0x43037}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r1}, @IFLA_HSR_SLAVE2={0x8}]}}}]}, 0x40}}, 0x4) 3.828001595s ago: executing program 3 (id=1505): unshare(0x22020600) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) getpeername(0xffffffffffffffff, 0x0, 0x0) 3.731601849s ago: executing program 3 (id=1506): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000040)=ANY=[], 0x1000f) 3.731301376s ago: executing program 3 (id=1507): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) socket$nl_audit(0x10, 0x3, 0x9) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000140), 0x8) sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, '\x00', 0x2a}}, 0x1c) sched_setattr(0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) 2.990170861s ago: executing program 1 (id=1508): ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0xdc, 0x0, 0x2, 0x0, 0x8}) r0 = openat$cuse(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0) read$FUSE(r0, &(0x7f0000002300)={0x2020}, 0x2020) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0) r4 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, &(0x7f0000000100)={0xc}) ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0cc5640, &(0x7f0000000540)={0x1, @sdr={0x36314d4e, 0x7}}) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r5 = socket$nl_route(0x10, 0x3, 0x0) add_key(&(0x7f0000000080)='asymmetric\x00', 0x0, &(0x7f0000000500)="e306644c2f0b801228a9253e", 0xc, 0xfffffffffffffffd) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000010002104000000080000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067726574617000000c00028008000100", @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) 2.806581572s ago: executing program 3 (id=1509): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x2c040090) close(r0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000480)=0x400000001, 0x4) setsockopt$inet6_tcp_int(r1, 0x6, 0x22, &(0x7f0000356000)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000340)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d00051400000000000000000000000800120000000200c06b6e000000000006000000000000000000000000000000e00000020000000000000000000000000000000000000000000000000000000105000500008000000a0000000000000000000000000000000000000000000001000000000000000005000600ff4700000a"], 0xa0}}, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x2000c000, 0x0, 0x0) 2.721489793s ago: executing program 3 (id=1510): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) r1 = syz_io_uring_setup(0x1330, &(0x7f0000000380)={0x0, 0x263c, 0x2, 0x3, 0x212}, &(0x7f0000000540), &(0x7f0000000580)) io_uring_enter(r1, 0x4d0c, 0x1993, 0x32, 0x0, 0x0) set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4) openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0xc440, 0x0) r2 = syz_io_uring_setup(0x7962, &(0x7f0000000080)={0x0, 0x7fd, 0x10100}, &(0x7f0000000240)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x0, 0x0, 0xce, 0x0, 0x1}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r2, 0x2d3e, 0x0, 0x0, 0x0, 0x0) ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000002c0)={0x0, @phonet={0x23, 0x4, 0x2, 0x6}, @hci={0x1f, 0x3, 0x2}, @isdn={0x22, 0x0, 0x6, 0x0, 0x5}, 0x80, 0x0, 0x0, 0x0, 0xa, 0x0, 0x8, 0x7ba, 0x5}) syz_usb_connect(0x5, 0x24, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="230314"]}]}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'macvtap0\x00'}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000000c0)) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000240)=ANY=[@ANYBLOB]) 2.241921143s ago: executing program 2 (id=1513): ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x80042, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(r1, 0x40047459, &(0x7f00000003c0)=0xc446806) write$binfmt_aout(r1, &(0x7f0000000280)=ANY=[], 0xfce1) 2.24171259s ago: executing program 2 (id=1514): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000d"], 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10) 2.191860593s ago: executing program 2 (id=1515): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bind$unix(r1, &(0x7f0000000240)=@file={0x1, './file0\x00'}, 0x6e) 2.101435368s ago: executing program 1 (id=1516): openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x4) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000440)={r1, 0x2000, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03741250ceaac50104000041dd17c18e8438ef2a565ef1e833236500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d200", "24431a1e77a68e174f000000000000000010e200"}}) 1.415689143s ago: executing program 4 (id=1518): r0 = io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0x826e, 0x10000, 0x3, 0x6}) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000640)=[{0x0}], 0x1) syz_clone3(&(0x7f0000000000)={0x285002400, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x46) io_uring_register$IORING_REGISTER_FILES(r0, 0x1e, &(0x7f0000000000)=[r0], 0x1) 1.350122746s ago: executing program 4 (id=1519): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x8, 0x3, 0x1e8, 0x98, 0x8, 0xfa04, 0x0, 0x6c02, 0x150, 0x194, 0x194, 0x98, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @broadcast, 0x0, 0x0, 'sit0\x00', 'ip6_vti0\x00', {}, {}, 0x6, 0x0, 0x4a}, 0x0, 0x70, 0x98, 0x0, {0x0, 0x74020000}}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0xffff, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x248) 1.349886569s ago: executing program 4 (id=1520): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_open_procfs(0x0, &(0x7f00000000c0)='uid_map\x00') socket$inet6(0xa, 0x1, 0x0) r3 = io_uring_setup(0x3f6e, &(0x7f0000000040)) io_uring_register$IORING_REGISTER_FILES2(r3, 0xf, &(0x7f0000000380)={0x60, 0x1, 0x0, 0x0, 0x0}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f0000001f80)={0x4, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000b00)=""/91, 0x5b}], &(0x7f0000000800)=[0x1], 0x1}, 0x20) 1.349602953s ago: executing program 2 (id=1521): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_setup(0x6d8a, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x2, 0x3f, 0x0, r2}, &(0x7f0000000180), &(0x7f00000001c0)) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r4 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r5, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000440)={r6, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000080)={r7, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r8}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000040)) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) rmdir(&(0x7f0000000440)='./file0\x00') 1.291500369s ago: executing program 4 (id=1522): syz_usb_connect(0x0, 0x4bc, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000845dcf0886124620b705010203010902aa04010003f00109047a0008ff04010009050100100000ff0909050a1000020101070905080e0800030180c71004f2a7471c03c0f3f4ca2fea06ed21c2893b526ca2ae4c6320285e61c7047008590b991f436e3dcb5e0a1e180c381883c8206e6823e6d13fb81f0050a160ee9c434d7599cdd5f1ebcb129c56aadf40ff9bd4e08e2e2701d1a2325e6eecf743f153034002ed1ce648aa24f2420f7b00c7b1e15245f9fd34231e7349ca6e3d5d096a7fde77e474be9a5fa5e69845a9474d4c35559576f4b2f6f38feb66df28fe237e3c05936389a7fd1b7f94c6166ae96f05dc295dc87750b5957cba11c6de922bf99efc5f9fb10dd55721f362d7a05dd1802888b38b87c9ee4af756a664452ebf8f33878a667fa70cd73e11f24ab5bc75b40399afd783816f9447829638089e3508af95b7518d3369f3e264ae5e1e37dfba96b24f3c1d8654dfc3bd03c9109a2c01c382233fe4a536bc434780ae1a3a8a450aa1e8b7e48b490fcaf7d95fd259f7fa80a98b86a310f6d183650ffbdf9b83111d568afa3f988d5433f48409ba6c29d1781393b73e2ecf4fe109d9dff94bf88e30b1171af709058802ff0304050dad31acefaed5b641901b1c4d"], 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_connect$cdc_ncm(0x3, 0x0, 0x0, 0x0) r0 = syz_usb_connect(0x0, 0x34, 0x0, 0x0) syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0xff, 0x17ef, 0x60b5, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xff, 0x20, 0xff, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x1, 0x0, 0x1, {0x9, 0x21, 0x8, 0x2, 0x1, {0x22, 0xf4f}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x3, 0x80, 0x5}}}}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_connect$hid(0x2, 0x36, 0x0, 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_connect(0x5, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x1e, 0xcd, 0x2b, 0x20, 0x1410, 0xa001, 0xec5b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x2, 0x6, 0x4d, 0x40, 0xf, [{{0x9, 0x4, 0x3, 0x0, 0x0, 0x81, 0x7b, 0xe1, 0x2}}, {{0x9, 0x4, 0xfa, 0x59, 0x0, 0xff, 0x0, 0x40, 0xb}}]}}]}}, 0x0) 1.122293897s ago: executing program 1 (id=1523): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) ioctl$EVIOCGPROP(r0, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCGFLAGS1(r0, 0x8004745a, &(0x7f0000000100)) 1.051880281s ago: executing program 1 (id=1524): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000034000)=""/102400, 0x19000) r2 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x80}, &(0x7f0000000180)=0x0, &(0x7f0000000280)=0x0) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000040), 0x1b}) io_uring_enter(r2, 0x47f6, 0x4f07, 0x0, 0x0, 0x0) openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) 953.660356ms ago: executing program 2 (id=1525): fsopen(&(0x7f0000000000)='sysfs\x00', 0x0) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=0x0], 0x6c}}, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota') r5 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r5, 0xc2c45512, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x0, 0x11, 0x148, 0x0, 0x10, 0x20c, 0x2a8, 0x2a8, 0x20c, 0x2a8, 0xac, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'veth1_vlan\x00', 'sit0\x00'}, 0x10, 0xf4, 0x13c, 0x1c, {}, [@common=@unspec=@helper={{0x44}, {0x0, 'irc-20000\x00'}}, @common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'ip6gre0\x00', {0x2}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x2, 0x0, 0x5, 0x7, 0x6, 0x1], 0x5, 0x3}, {0x3, [0x2, 0x2, 0x3, 0x6, 0x2, 0x3], 0x2, 0x3}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x2fc) socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@get={0xe0, 0x13, 0x0, 0x0, 0x0, {{'streebog512-generic\x00'}}}, 0xe0}}, 0x0) syz_emit_ethernet(0x2a, 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2d, 0x101, 0x0, 0x0, "", [@nested={0x104, 0x0, 0x0, 0x1, [@typed={0xc, 0x11, 0x0, 0x0, @u64=0x8000000000000000}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback={0x100000000000}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"]}]}, 0x114}], 0x1}, 0x0) 72.460954ms ago: executing program 4 (id=1526): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000780)=@gettaction={0x14, 0x32, 0x1, 0x70bd2a, 0x25dfdbfc}, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa, 0xe}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x2}}]}}]}, 0x40}}, 0x24000000) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 64.829272ms ago: executing program 2 (id=1527): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]}) io_submit(0x0, 0x0, 0x0) 363.525µs ago: executing program 4 (id=1528): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = getpid() syz_open_procfs(r3, &(0x7f00000000c0)='uid_map\x00') mremap(&(0x7f00009d1000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f00002a0000/0x4000)=nil) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0) 151.165µs ago: executing program 1 (id=1529): syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0x1}}}, 0x4) 0s ago: executing program 1 (id=1530): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000000c0)={0x5c, r1, 0x1, 0x70bd2d, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x3e, 0x33, @action={{{}, {0x10}, @device_a, @device_a, @initial, {0x0, 0x400}}, @sp_mp_close={0xf, 0x3, {{0x72, 0x6}, {0x75, 0x16, {0x0, 0x7, @val=0x9c, @void, @val="9943b2de8192eb271f5520198f2f23ab"}}}}}}]}, 0x5c}, 0x1, 0x0, 0x0, 0xc0}, 0x0) kernel console output (not intermixed with test programs): Cannot enable quota on remount [ 128.403995][ T7881] input: syz1 as /devices/virtual/input/input51 [ 128.423531][ T7883] netlink: 'syz.3.512': attribute type 4 has an invalid length. [ 128.476212][ T7887] input: syz1 as /devices/virtual/input/input52 [ 129.079056][ T7901] netlink: 12 bytes leftover after parsing attributes in process `syz.2.518'. [ 129.157173][ T40] kauditd_printk_skb: 28 callbacks suppressed [ 129.157185][ T40] audit: type=1326 audit(1746840749.648:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7905 comm="syz.1.521" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x0 [ 129.293692][ T7912] input: syz1 as /devices/virtual/input/input53 [ 129.350486][ T7914] tmpfs: Cannot enable quota on remount [ 129.379988][ T7916] netlink: 36 bytes leftover after parsing attributes in process `syz.2.520'. [ 129.459735][ T7920] FAULT_INJECTION: forcing a failure. [ 129.459735][ T7920] name failslab, interval 1, probability 0, space 0, times 0 [ 129.463863][ T7920] CPU: 1 UID: 0 PID: 7920 Comm: syz.3.524 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) [ 129.463888][ T7920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 129.463893][ T7920] Call Trace: [ 129.463898][ T7920] [ 129.463902][ T7920] dump_stack_lvl+0x16c/0x1f0 [ 129.463919][ T7920] should_fail_ex+0x512/0x640 [ 129.463932][ T7920] ? fs_reclaim_acquire+0xae/0x150 [ 129.463948][ T7920] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 129.463961][ T7920] should_failslab+0xc2/0x120 [ 129.463974][ T7920] __kmalloc_noprof+0xd2/0x510 [ 129.463988][ T7920] tomoyo_realpath_from_path+0xc2/0x6e0 [ 129.464003][ T7920] ? tomoyo_profile+0x47/0x60 [ 129.464019][ T7920] tomoyo_path_number_perm+0x245/0x580 [ 129.464029][ T7920] ? tomoyo_path_number_perm+0x237/0x580 [ 129.464041][ T7920] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 129.464053][ T7920] ? finish_task_switch.isra.0+0x221/0xc10 [ 129.464078][ T7920] ? find_held_lock+0x2b/0x80 [ 129.464087][ T7920] ? hook_file_ioctl_common+0x145/0x410 [ 129.464098][ T7920] ? __fget_files+0x204/0x3c0 [ 129.464115][ T7920] ? __fget_files+0x20e/0x3c0 [ 129.464131][ T7920] security_file_ioctl_compat+0x9b/0x240 [ 129.464145][ T7920] __ia32_compat_sys_ioctl+0xc3/0x360 [ 129.464160][ T7920] __do_fast_syscall_32+0x73/0x120 [ 129.464180][ T7920] do_fast_syscall_32+0x32/0x80 [ 129.464193][ T7920] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 129.464206][ T7920] RIP: 0023:0xf7fb5579 [ 129.464214][ T7920] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 129.464223][ T7920] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 129.464232][ T7920] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000000007ab [ 129.464238][ T7920] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000000000000 [ 129.464243][ T7920] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 129.464248][ T7920] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 129.464253][ T7920] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 129.464265][ T7920] [ 129.464291][ T7920] ERROR: Out of memory at tomoyo_realpath_from_path. [ 129.510213][ T40] audit: type=1326 audit(1746840749.998:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7919 comm="syz.3.524" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x0 [ 129.758188][ T7926] syzkaller0: entered promiscuous mode [ 129.760014][ T7926] syzkaller0: entered allmulticast mode [ 130.020084][ T7928] input: syz1 as /devices/virtual/input/input54 [ 130.069192][ T7932] netlink: 12 bytes leftover after parsing attributes in process `syz.2.529'. [ 130.189003][ T7939] netlink: 'syz.2.531': attribute type 4 has an invalid length. [ 130.240904][ T7940] netlink: 'syz.2.531': attribute type 4 has an invalid length. [ 130.530886][ T7946] input: syz1 as /devices/virtual/input/input55 [ 130.667082][ T40] audit: type=1326 audit(1746840751.158:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7947 comm="syz.1.533" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x0 [ 131.121624][ T7953] syzkaller1: entered promiscuous mode [ 131.124040][ T7953] syzkaller1: entered allmulticast mode [ 131.342539][ T7971] netlink: 12 bytes leftover after parsing attributes in process `syz.1.539'. [ 131.470723][ T7974] netlink: 36 bytes leftover after parsing attributes in process `syz.3.537'. [ 131.944637][ T7985] input: syz1 as /devices/virtual/input/input56 [ 132.155568][ T7991] netlink: 'syz.3.544': attribute type 4 has an invalid length. [ 132.158334][ T7991] netlink: 'syz.3.544': attribute type 4 has an invalid length. [ 132.313341][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.316016][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.397297][ T7998] syzkaller0: entered promiscuous mode [ 132.399285][ T7998] syzkaller0: entered allmulticast mode [ 132.560739][ T7999] input: syz1 as /devices/virtual/input/input57 [ 132.761775][ T7999] netlink: 12 bytes leftover after parsing attributes in process `syz.1.546'. [ 133.134631][ T8005] netlink: 36 bytes leftover after parsing attributes in process `syz.2.547'. [ 134.097072][ T8033] netlink: 'syz.2.556': attribute type 4 has an invalid length. [ 134.103143][ T8033] netlink: 'syz.2.556': attribute type 4 has an invalid length. [ 134.110599][ T8033] autofs: Unknown parameter '€' [ 134.134536][ T8031] netlink: 36 bytes leftover after parsing attributes in process `syz.3.551'. [ 134.192683][ T8036] input: syz1 as /devices/virtual/input/input59 [ 134.284085][ T24] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 134.448207][ T24] usb 5-1: config 1 has an invalid interface number: 5 but max is 2 [ 134.451728][ T24] usb 5-1: config 1 has an invalid descriptor of length 193, skipping remainder of the config [ 134.456650][ T24] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 134.460674][ T24] usb 5-1: config 1 has no interface number 1 [ 134.463447][ T24] usb 5-1: too many endpoints for config 1 interface 5 altsetting 248: 77, using maximum allowed: 30 [ 134.468539][ T24] usb 5-1: config 1 interface 5 altsetting 248 has 0 endpoint descriptors, different from the interface descriptor's value: 77 [ 134.474242][ T24] usb 5-1: config 1 interface 5 has no altsetting 0 [ 134.480691][ T24] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 134.486691][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 134.490381][ T24] usb 5-1: Product: syz [ 134.492313][ T24] usb 5-1: Manufacturer: syz [ 134.494439][ T24] usb 5-1: SerialNumber: syz [ 134.713999][ T24] usb 5-1: 0:2 : does not exist [ 134.727543][ T24] usb 5-1: USB disconnect, device number 4 [ 134.751233][ T5944] udevd[5944]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 134.857415][ T8048] tmpfs: Cannot enable quota on remount [ 135.530183][ T8073] netlink: 36 bytes leftover after parsing attributes in process `syz.0.568'. [ 136.055611][ T8080] netlink: 36 bytes leftover after parsing attributes in process `syz.3.570'. [ 136.073518][ T8083] tmpfs: Cannot enable quota on remount [ 136.596064][ T8105] input: syz1 as /devices/virtual/input/input62 [ 136.719707][ T8108] netlink: 36 bytes leftover after parsing attributes in process `syz.2.575'. [ 136.841481][ T8111] tmpfs: Cannot enable quota on remount [ 136.961317][ T8113] tmpfs: Cannot enable quota on remount [ 137.188449][ T8117] input: syz1 as /devices/virtual/input/input63 [ 137.348483][ T8126] netlink: 12 bytes leftover after parsing attributes in process `syz.2.585'. [ 137.383551][ T8123] syzkaller0: entered promiscuous mode [ 137.385624][ T8123] syzkaller0: entered allmulticast mode [ 138.295771][ T8141] tmpfs: Cannot enable quota on remount [ 138.680063][ T8148] input: syz1 as /devices/virtual/input/input64 [ 138.862143][ T8167] netlink: 'syz.3.600': attribute type 4 has an invalid length. [ 138.870766][ T8167] netlink: 'syz.3.600': attribute type 4 has an invalid length. [ 138.879452][ T8167] autofs: Bad value for 'fd' [ 138.933454][ T8170] netlink: 36 bytes leftover after parsing attributes in process `syz.1.593'. [ 139.106516][ T8177] syzkaller0: entered promiscuous mode [ 139.108909][ T8177] syzkaller0: entered allmulticast mode [ 139.631541][ T8181] netlink: 4 bytes leftover after parsing attributes in process `syz.1.603'. [ 140.221225][ T8187] FAULT_INJECTION: forcing a failure. [ 140.221225][ T8187] name failslab, interval 1, probability 0, space 0, times 0 [ 140.225936][ T8187] CPU: 1 UID: 60928 PID: 8187 Comm: syz.0.606 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) [ 140.225950][ T8187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 140.225956][ T8187] Call Trace: [ 140.225959][ T8187] [ 140.225963][ T8187] dump_stack_lvl+0x16c/0x1f0 [ 140.225981][ T8187] should_fail_ex+0x512/0x640 [ 140.225995][ T8187] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 140.226012][ T8185] input: syz1 as /devices/virtual/input/input65 [ 140.226012][ T8187] should_failslab+0xc2/0x120 [ 140.226029][ T8187] __kmalloc_cache_noprof+0x6a/0x3e0 [ 140.226044][ T8187] ? alloc_ucounts+0x13d/0x440 [ 140.226058][ T8187] alloc_ucounts+0x13d/0x440 [ 140.226070][ T8187] ? __pfx_alloc_ucounts+0x10/0x10 [ 140.226080][ T8187] ? rcu_is_watching+0x12/0xc0 [ 140.226089][ T8187] ? kasan_quarantine_put+0x10a/0x240 [ 140.226098][ T8187] ? lockdep_hardirqs_on+0x7c/0x110 [ 140.226113][ T8187] inc_ucount+0x29/0x2f0 [ 140.226123][ T8187] ? putname+0x154/0x1a0 [ 140.226136][ T8187] alloc_mnt_ns+0x8c/0x520 [ 140.226150][ T8187] vfs_open_tree+0x37c/0x910 [ 140.226160][ T8187] ? __pfx_vfs_open_tree+0x10/0x10 [ 140.226170][ T8187] ? __pfx_ksys_write+0x10/0x10 [ 140.226181][ T8187] __ia32_sys_open_tree+0x83/0x150 [ 140.226190][ T8187] ? lockdep_hardirqs_on+0x7c/0x110 [ 140.226202][ T8187] __do_fast_syscall_32+0x73/0x120 [ 140.226217][ T8187] do_fast_syscall_32+0x32/0x80 [ 140.226231][ T8187] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 140.226243][ T8187] RIP: 0023:0xf7ff4579 [ 140.226251][ T8187] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 140.226260][ T8187] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 00000000000001ac [ 140.226269][ T8187] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000640 [ 140.226274][ T8187] RDX: 0000000000089901 RSI: 0000000000000000 RDI: 0000000000000000 [ 140.226280][ T8187] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 140.226285][ T8187] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 140.226290][ T8187] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 140.226301][ T8187] [ 140.714675][ T8205] tmpfs: Cannot enable quota on remount [ 140.809770][ T8206] netlink: 36 bytes leftover after parsing attributes in process `syz.0.612'. [ 140.828043][ T8208] netlink: 'syz.2.611': attribute type 4 has an invalid length. [ 140.836178][ T8208] netlink: 'syz.2.611': attribute type 4 has an invalid length. [ 140.841347][ T8208] autofs: Bad value for 'fd' [ 141.088329][ T8219] overlay: ./file0 is not a directory [ 141.327573][ T8226] input: syz1 as /devices/virtual/input/input66 [ 141.463027][ T8234] netlink: 'syz.1.622': attribute type 4 has an invalid length. [ 141.474154][ T8234] netlink: 'syz.1.622': attribute type 4 has an invalid length. [ 141.479657][ T8234] autofs: Unknown parameter '0x0000000000000000' [ 141.515440][ T8236] FAULT_INJECTION: forcing a failure. [ 141.515440][ T8236] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 141.519902][ T8236] CPU: 0 UID: 0 PID: 8236 Comm: syz.3.621 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) [ 141.519916][ T8236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 141.519933][ T8236] Call Trace: [ 141.519937][ T8236] [ 141.519942][ T8236] dump_stack_lvl+0x16c/0x1f0 [ 141.519960][ T8236] should_fail_ex+0x512/0x640 [ 141.519975][ T8236] copy_fpstate_to_sigframe+0x878/0xb10 [ 141.519993][ T8236] ? __pfx_copy_fpstate_to_sigframe+0x10/0x10 [ 141.520006][ T8236] ? posixtimer_deliver_signal+0xed/0x6a0 [ 141.520022][ T8236] ? posixtimer_deliver_signal+0x1af/0x6a0 [ 141.520038][ T8236] get_sigframe+0x4a8/0x9c0 [ 141.520057][ T8236] ? __pfx_get_sigframe+0x10/0x10 [ 141.520071][ T8236] ? _raw_spin_unlock_irq+0x23/0x50 [ 141.520083][ T8236] ? siginfo_layout+0x177/0x290 [ 141.520095][ T8236] ia32_setup_rt_frame+0xe3/0xb30 [ 141.520108][ T8236] ? __pfx_ia32_setup_rt_frame+0x10/0x10 [ 141.520122][ T8236] arch_do_signal_or_restart+0x47b/0x7a0 [ 141.520136][ T8236] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 141.520153][ T8236] ? __pfx_ksys_write+0x10/0x10 [ 141.520165][ T8236] syscall_exit_to_user_mode+0x150/0x2a0 [ 141.520180][ T8236] __do_fast_syscall_32+0x80/0x120 [ 141.520194][ T8236] do_fast_syscall_32+0x32/0x80 [ 141.520208][ T8236] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 141.520220][ T8236] RIP: 0023:0xf7fb5577 [ 141.520228][ T8236] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 [ 141.520237][ T8236] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 141.520247][ T8236] RAX: 0000000000000151 RBX: 0000000000000005 RCX: 0000000080000a40 [ 141.520252][ T8236] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 141.520258][ T8236] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 141.520263][ T8236] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 141.520268][ T8236] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 141.520281][ T8236] [ 141.609451][ T8240] netlink: 12 bytes leftover after parsing attributes in process `syz.1.624'. [ 141.831233][ T8246] netlink: 36 bytes leftover after parsing attributes in process `syz.0.623'. [ 142.064267][ T8249] netlink: 8 bytes leftover after parsing attributes in process `syz.2.625'. [ 142.067045][ T8249] netlink: 12 bytes leftover after parsing attributes in process `syz.2.625'. [ 142.069859][ T8249] netlink: 'syz.2.625': attribute type 20 has an invalid length. [ 142.488596][ T8254] input: syz1 as /devices/virtual/input/input67 [ 142.570429][ T8258] tmpfs: Cannot enable quota on remount [ 142.687863][ T8262] netlink: 36 bytes leftover after parsing attributes in process `syz.1.627'. [ 142.897712][ T8268] netlink: 36 bytes leftover after parsing attributes in process `syz.0.631'. [ 143.252339][ T8270] netlink: 'syz.3.632': attribute type 4 has an invalid length. [ 143.260733][ T8270] netlink: 'syz.3.632': attribute type 4 has an invalid length. [ 143.271655][ T8270] autofs: Unknown parameter '0x0000000000000000' [ 143.468287][ T8278] netlink: 'syz.1.635': attribute type 4 has an invalid length. [ 143.476600][ T8278] netlink: 'syz.1.635': attribute type 4 has an invalid length. [ 143.485270][ T8278] autofs: Bad value for 'fd' [ 143.827670][ T8274] netlink: 36 bytes leftover after parsing attributes in process `syz.3.633'. [ 143.829298][ T8282] netlink: 'syz.1.636': attribute type 1 has an invalid length. [ 143.876388][ T8282] bond1: entered promiscuous mode [ 143.878760][ T8282] 8021q: adding VLAN 0 to HW filter on device bond1 [ 143.881241][ T8290] tmpfs: Cannot enable quota on remount [ 143.984874][ T8293] input: syz1 as /devices/virtual/input/input68 [ 144.320504][ T8302] autofs: Unknown parameter '0x0000000000000000' [ 144.442018][ T8305] netlink: 12 bytes leftover after parsing attributes in process `syz.3.642'. [ 144.947558][ T8315] netlink: 36 bytes leftover after parsing attributes in process `syz.2.643'. [ 144.961933][ T8316] netlink: 36 bytes leftover after parsing attributes in process `syz.1.645'. [ 145.267272][ T8324] tmpfs: Cannot enable quota on remount [ 145.295160][ T8322] syzkaller0: entered promiscuous mode [ 145.296954][ T8322] syzkaller0: entered allmulticast mode [ 145.940605][ T8327] netlink: 36 bytes leftover after parsing attributes in process `syz.3.648'. [ 145.981736][ T8335] validate_nla: 2 callbacks suppressed [ 145.981752][ T8335] netlink: 'syz.2.650': attribute type 4 has an invalid length. [ 146.040648][ T8337] netlink: 'syz.2.650': attribute type 4 has an invalid length. [ 146.095480][ T8338] autofs: Unknown parameter '0x0000000000000000' [ 147.170710][ T8347] input: syz1 as /devices/virtual/input/input69 [ 147.298627][ T8355] netlink: 12 bytes leftover after parsing attributes in process `syz.0.655'. [ 147.378365][ T8352] syzkaller0: entered promiscuous mode [ 147.380390][ T8352] syzkaller0: entered allmulticast mode [ 147.462074][ T8358] tmpfs: Cannot enable quota on remount [ 149.222754][ T8383] netlink: 'syz.1.662': attribute type 4 has an invalid length. [ 149.228173][ T8383] netlink: 'syz.1.662': attribute type 4 has an invalid length. [ 149.233252][ T8383] autofs: Unknown parameter '0x0000000000000000' [ 149.303377][ T8388] netlink: 12 bytes leftover after parsing attributes in process `syz.1.664'. [ 149.424075][ T8393] input: syz1 as /devices/virtual/input/input70 [ 149.464104][ T8391] syzkaller0: entered promiscuous mode [ 149.466355][ T8391] syzkaller0: entered allmulticast mode [ 149.523384][ T8393] netlink: 12 bytes leftover after parsing attributes in process `syz.3.661'. [ 149.766233][ T8397] tmpfs: Cannot enable quota on remount [ 150.126625][ T8405] netlink: 12 bytes leftover after parsing attributes in process `syz.2.666'. [ 150.842734][ T8415] input: syz1 as /devices/virtual/input/input72 [ 151.498790][ T8430] netlink: 'syz.0.672': attribute type 4 has an invalid length. [ 151.502133][ T8430] netlink: 'syz.0.672': attribute type 4 has an invalid length. [ 151.509792][ T8430] autofs: Unknown parameter '0x0000000000000000' [ 151.993222][ T8440] tmpfs: Cannot enable quota on remount [ 152.765711][ T1329] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 152.851856][ T8451] netlink: 12 bytes leftover after parsing attributes in process `syz.2.678'. [ 152.867393][ T8442] input: syz1 as /devices/virtual/input/input74 [ 152.923944][ T1329] usb 5-1: Using ep0 maxpacket: 32 [ 152.929415][ T1329] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 152.932999][ T1329] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 152.937081][ T1329] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 152.941595][ T1329] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.948231][ T1329] usb 5-1: config 0 descriptor?? [ 153.222319][ T8462] netlink: 'syz.2.681': attribute type 4 has an invalid length. [ 153.229750][ T8462] netlink: 'syz.2.681': attribute type 4 has an invalid length. [ 153.236731][ T8462] autofs: Unknown parameter 'fd0x0000000000000000' [ 153.364066][ T1329] savu 0003:1E7D:2D5A.0003: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 153.434208][ T8468] netlink: 36 bytes leftover after parsing attributes in process `syz.3.679'. [ 153.845526][ T8467] netlink: 36 bytes leftover after parsing attributes in process `syz.2.682'. [ 154.145516][ T1329] usb 5-1: USB disconnect, device number 5 [ 154.735171][ T8487] netlink: 36 bytes leftover after parsing attributes in process `syz.0.686'. [ 154.736249][ T8489] netlink: 36 bytes leftover after parsing attributes in process `syz.2.687'. [ 155.262964][ T8505] netlink: 12 bytes leftover after parsing attributes in process `syz.1.689'. [ 155.321434][ T8507] input: syz1 as /devices/virtual/input/input75 [ 155.468545][ T8512] syzkaller0: entered promiscuous mode [ 155.470307][ T8512] syzkaller0: entered allmulticast mode [ 156.272989][ T8525] netlink: 88 bytes leftover after parsing attributes in process `syz.0.698'. [ 157.236397][ T8544] netlink: 12 bytes leftover after parsing attributes in process `syz.1.703'. [ 157.468034][ T8548] netlink: 12 bytes leftover after parsing attributes in process `syz.0.702'. [ 157.569447][ T8555] input: syz1 as /devices/virtual/input/input77 [ 158.862335][ T8564] netlink: 36 bytes leftover after parsing attributes in process `syz.3.707'. [ 159.282345][ T8571] tmpfs: Cannot enable quota on remount [ 159.395846][ T8567] netlink: 36 bytes leftover after parsing attributes in process `syz.0.708'. [ 159.397297][ T8573] netlink: 36 bytes leftover after parsing attributes in process `syz.2.709'. [ 159.403166][ T8575] tmpfs: Cannot enable quota on remount [ 159.837896][ T8590] netlink: 36 bytes leftover after parsing attributes in process `syz.3.714'. [ 161.134767][ T8608] netlink: 12 bytes leftover after parsing attributes in process `syz.2.719'. [ 161.412350][ T8621] netlink: 36 bytes leftover after parsing attributes in process `syz.0.722'. [ 161.894577][ T8629] netlink: 36 bytes leftover after parsing attributes in process `syz.1.723'. [ 162.328715][ T8639] FAULT_INJECTION: forcing a failure. [ 162.328715][ T8639] name failslab, interval 1, probability 0, space 0, times 0 [ 162.334126][ T8639] CPU: 1 UID: 0 PID: 8639 Comm: syz.2.725 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) [ 162.334163][ T8639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 162.334173][ T8639] Call Trace: [ 162.334179][ T8639] [ 162.334186][ T8639] dump_stack_lvl+0x16c/0x1f0 [ 162.334214][ T8639] should_fail_ex+0x512/0x640 [ 162.334237][ T8639] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbd0 [ 162.334259][ T8639] should_failslab+0xc2/0x120 [ 162.334278][ T8639] kmem_cache_alloc_bulk_noprof+0x85/0xbd0 [ 162.334300][ T8639] ? trace_kmem_cache_alloc+0x28/0xc0 [ 162.334319][ T8639] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 162.334336][ T8639] ? mas_alloc_nodes+0x18b/0x8b0 [ 162.334358][ T8639] ? mas_alloc_nodes+0x2f1/0x8b0 [ 162.334395][ T8639] mas_alloc_nodes+0x2f1/0x8b0 [ 162.334422][ T8639] mas_node_count_gfp+0x105/0x130 [ 162.334444][ T8639] mas_preallocate+0x53e/0xcd0 [ 162.334473][ T8639] ? __pfx_mas_preallocate+0x10/0x10 [ 162.334506][ T8639] ? anon_vma_name+0x75/0x100 [ 162.334530][ T8639] __split_vma+0x33b/0x1030 [ 162.334551][ T8639] ? __pfx___split_vma+0x10/0x10 [ 162.334587][ T8639] vms_gather_munmap_vmas+0x1c2/0x1310 [ 162.334609][ T8639] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 162.334629][ T8639] ? mas_walk+0x6a6/0x910 [ 162.334658][ T8639] __mmap_region+0x314/0x27c0 [ 162.334678][ T8639] ? __pfx___mmap_region+0x10/0x10 [ 162.334695][ T8639] ? finish_task_switch.isra.0+0x221/0xc10 [ 162.334715][ T8639] ? lock_acquire+0x179/0x350 [ 162.334736][ T8639] ? find_held_lock+0x2b/0x80 [ 162.334757][ T8639] ? process_measurement+0x1e6/0x23e0 [ 162.334812][ T8639] ? __lock_acquire+0xaa4/0x1ba0 [ 162.334838][ T8639] mmap_region+0x1ab/0x3f0 [ 162.334861][ T8639] do_mmap+0xd8e/0x11b0 [ 162.334889][ T8639] ? __pfx_do_mmap+0x10/0x10 [ 162.334912][ T8639] ? __pfx_down_write_killable+0x10/0x10 [ 162.334942][ T8639] vm_mmap_pgoff+0x281/0x450 [ 162.334970][ T8639] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 162.334997][ T8639] ? __fget_files+0x20e/0x3c0 [ 162.335025][ T8639] ksys_mmap_pgoff+0x32c/0x5c0 [ 162.335048][ T8639] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 162.335072][ T8639] __do_fast_syscall_32+0x73/0x120 [ 162.335096][ T8639] do_fast_syscall_32+0x32/0x80 [ 162.335118][ T8639] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 162.335139][ T8639] RIP: 0023:0xf7fc3579 [ 162.335151][ T8639] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 162.335166][ T8639] RSP: 002b:00000000f50a455c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 162.335182][ T8639] RAX: ffffffffffffffda RBX: 0000000080001000 RCX: 0000000000004000 [ 162.335192][ T8639] RDX: 0000000000000004 RSI: 0000000000000011 RDI: 0000000000000007 [ 162.335201][ T8639] RBP: 0000000000100000 R08: 0000000000000000 R09: 0000000000000000 [ 162.335211][ T8639] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 162.335220][ T8639] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 162.335242][ T8639] [ 163.324121][ T8657] input: syz1 as /devices/virtual/input/input78 [ 163.626860][ T8662] syzkaller0: entered promiscuous mode [ 163.633099][ T8662] syzkaller0: entered allmulticast mode [ 164.007181][ T8669] netlink: 36 bytes leftover after parsing attributes in process `syz.1.734'. [ 164.238483][ T8674] netlink: 36 bytes leftover after parsing attributes in process `syz.2.735'. [ 165.614005][ T8690] syzkaller0: entered promiscuous mode [ 165.615917][ T8690] syzkaller0: entered allmulticast mode [ 165.681427][ T8692] netlink: 'syz.2.739': attribute type 4 has an invalid length. [ 165.688265][ T8692] netlink: 'syz.2.739': attribute type 4 has an invalid length. [ 165.697396][ T8692] No control pipe specified [ 165.717288][ T8695] netlink: 8 bytes leftover after parsing attributes in process `syz.1.740'. [ 165.744287][ T8696] binder: 8694:8696 ioctl 4b36 0 returned -22 [ 165.981179][ T8711] netlink: 36 bytes leftover after parsing attributes in process `syz.2.742'. [ 166.220968][ T8716] netlink: 36 bytes leftover after parsing attributes in process `syz.0.743'. [ 167.416099][ T8735] input: syz1 as /devices/virtual/input/input79 [ 167.492416][ T8737] netlink: 36 bytes leftover after parsing attributes in process `syz.2.747'. [ 167.493036][ T8738] netlink: 'syz.3.750': attribute type 4 has an invalid length. [ 167.508903][ T8738] netlink: 'syz.3.750': attribute type 4 has an invalid length. [ 167.516857][ T8738] No control pipe specified [ 167.524163][ T34] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 167.626224][ T8743] netlink: 'syz.3.751': attribute type 4 has an invalid length. [ 167.632935][ T8743] netlink: 'syz.3.751': attribute type 4 has an invalid length. [ 167.674610][ T34] usb 5-1: Using ep0 maxpacket: 32 [ 167.681428][ T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 167.686407][ T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 167.690428][ T34] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 167.696383][ T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.707906][ T34] usb 5-1: config 0 descriptor?? [ 168.128210][ T34] savu 0003:1E7D:2D5A.0004: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 168.436583][ T8755] input: syz1 as /devices/virtual/input/input81 [ 168.784012][ T8762] netlink: 36 bytes leftover after parsing attributes in process `syz.3.755'. [ 169.002788][ T24] usb 5-1: USB disconnect, device number 6 [ 169.075482][ T8766] input: syz1 as /devices/virtual/input/input82 [ 169.198748][ T8773] netlink: 'syz.0.767': attribute type 4 has an invalid length. [ 169.205991][ T8773] netlink: 'syz.0.767': attribute type 4 has an invalid length. [ 169.411331][ T8761] netlink: 36 bytes leftover after parsing attributes in process `syz.1.756'. [ 169.448753][ T8779] input: syz1 as /devices/virtual/input/input83 [ 169.457147][ T8779] netlink: 12 bytes leftover after parsing attributes in process `syz.0.760'. [ 169.499497][ T8778] input: syz1 as /devices/virtual/input/input84 [ 169.652422][ T8778] netlink: 12 bytes leftover after parsing attributes in process `syz.2.759'. [ 170.076351][ T8789] netlink: 'syz.2.763': attribute type 4 has an invalid length. [ 170.085268][ T8789] netlink: 'syz.2.763': attribute type 4 has an invalid length. [ 170.194718][ T5949] Bluetooth: hci3: command 0x0406 tx timeout [ 170.194775][ T5956] Bluetooth: hci2: command 0x0406 tx timeout [ 170.194845][ T5954] Bluetooth: hci1: command 0x0406 tx timeout [ 170.203937][ T5956] Bluetooth: hci0: command 0x0406 tx timeout [ 170.592411][ T8802] input: syz1 as /devices/virtual/input/input85 [ 170.660526][ T8805] FAULT_INJECTION: forcing a failure. [ 170.660526][ T8805] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 170.674550][ T8805] CPU: 0 UID: 0 PID: 8805 Comm: syz.1.769 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) [ 170.674575][ T8805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 170.674585][ T8805] Call Trace: [ 170.674590][ T8805] [ 170.674597][ T8805] dump_stack_lvl+0x16c/0x1f0 [ 170.674633][ T8805] should_fail_ex+0x512/0x640 [ 170.674659][ T8805] _copy_from_user+0x2e/0xd0 [ 170.674684][ T8805] arp_ioctl+0x185/0xcf0 [ 170.674710][ T8805] ? __pfx_arp_ioctl+0x10/0x10 [ 170.674747][ T8805] inet_ioctl+0x362/0x3f0 [ 170.674769][ T8805] ? __pfx_inet_ioctl+0x10/0x10 [ 170.674791][ T8805] ? find_held_lock+0x2b/0x80 [ 170.674815][ T8805] ? ipmr_compat_ioctl+0x338/0x9d0 [ 170.674832][ T8805] ? __pfx_ipmr_compat_ioctl+0x10/0x10 [ 170.674850][ T8805] sock_do_ioctl+0x115/0x280 [ 170.674871][ T8805] ? __pfx_sock_do_ioctl+0x10/0x10 [ 170.674896][ T8805] ? __pfx_compat_raw_ioctl+0x10/0x10 [ 170.674918][ T8805] ? compat_raw_ioctl+0x4b/0x60 [ 170.674942][ T8805] compat_sock_ioctl+0x301/0x730 [ 170.674967][ T8805] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 170.674992][ T8805] ? __fget_files+0x20e/0x3c0 [ 170.675014][ T8805] ? fput+0x10/0xf0 [ 170.675039][ T8805] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 170.675060][ T8805] __ia32_compat_sys_ioctl+0x24c/0x360 [ 170.675085][ T8805] __do_fast_syscall_32+0x73/0x120 [ 170.675109][ T8805] do_fast_syscall_32+0x32/0x80 [ 170.675130][ T8805] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 170.675150][ T8805] RIP: 0023:0xf7f12579 [ 170.675162][ T8805] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 170.675176][ T8805] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 170.675191][ T8805] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008953 [ 170.675200][ T8805] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 170.675209][ T8805] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 170.675218][ T8805] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 170.675227][ T8805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 170.675247][ T8805] [ 170.904367][ T8807] syzkaller0: entered promiscuous mode [ 170.906334][ T8807] syzkaller0: entered allmulticast mode [ 171.395102][ T8816] validate_nla: 2 callbacks suppressed [ 171.395113][ T8816] netlink: 'syz.0.773': attribute type 4 has an invalid length. [ 171.446858][ T8818] netlink: 'syz.0.773': attribute type 4 has an invalid length. [ 171.502697][ T8819] autofs: Bad value for 'fd' [ 172.840822][ T8836] ======================================================= [ 172.840822][ T8836] WARNING: The mand mount option has been deprecated and [ 172.840822][ T8836] and is ignored by this kernel. Remove the mand [ 172.840822][ T8836] option from the mount to silence this warning. [ 172.840822][ T8836] ======================================================= [ 173.235693][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 173.632652][ T8852] netlink: 36 bytes leftover after parsing attributes in process `syz.2.781'. [ 174.003061][ T8855] netlink: 'syz.3.783': attribute type 4 has an invalid length. [ 174.027489][ T8855] autofs: Bad value for 'fd' [ 174.310391][ T8863] syzkaller0: entered promiscuous mode [ 174.312392][ T8863] syzkaller0: entered allmulticast mode [ 175.412913][ T8879] FAULT_INJECTION: forcing a failure. [ 175.412913][ T8879] name failslab, interval 1, probability 0, space 0, times 0 [ 175.417542][ T8879] CPU: 1 UID: 0 PID: 8879 Comm: syz.1.790 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) [ 175.417558][ T8879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 175.417564][ T8879] Call Trace: [ 175.417568][ T8879] [ 175.417584][ T8879] dump_stack_lvl+0x16c/0x1f0 [ 175.417602][ T8879] should_fail_ex+0x512/0x640 [ 175.417617][ T8879] ? fs_reclaim_acquire+0xae/0x150 [ 175.417633][ T8879] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 175.417646][ T8879] should_failslab+0xc2/0x120 [ 175.417658][ T8879] __kmalloc_noprof+0xd2/0x510 [ 175.417673][ T8879] tomoyo_realpath_from_path+0xc2/0x6e0 [ 175.417688][ T8879] ? tomoyo_profile+0x47/0x60 [ 175.417704][ T8879] tomoyo_path_number_perm+0x245/0x580 [ 175.417715][ T8879] ? tomoyo_path_number_perm+0x237/0x580 [ 175.417727][ T8879] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 175.417753][ T8879] ? find_held_lock+0x2b/0x80 [ 175.417762][ T8879] ? hook_file_ioctl_common+0x145/0x410 [ 175.417773][ T8879] ? __fget_files+0x204/0x3c0 [ 175.417790][ T8879] ? __fget_files+0x20e/0x3c0 [ 175.417803][ T8879] ? fput+0x10/0xf0 [ 175.417816][ T8879] security_file_ioctl_compat+0x9b/0x240 [ 175.417830][ T8879] __ia32_compat_sys_ioctl+0xc3/0x360 [ 175.417845][ T8879] __do_fast_syscall_32+0x73/0x120 [ 175.417860][ T8879] do_fast_syscall_32+0x32/0x80 [ 175.417873][ T8879] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 175.417886][ T8879] RIP: 0023:0xf7f12579 [ 175.417894][ T8879] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 175.417904][ T8879] RSP: 002b:00000000f4fdb55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 175.417914][ T8879] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 000000008008743f [ 175.417920][ T8879] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 175.417926][ T8879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 175.417931][ T8879] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 175.417936][ T8879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 175.417949][ T8879] [ 175.418002][ T8879] ERROR: Out of memory at tomoyo_realpath_from_path. [ 175.656071][ T8886] tmpfs: Cannot enable quota on remount [ 176.428649][ T8905] netlink: 36 bytes leftover after parsing attributes in process `syz.1.796'. [ 176.665801][ T8909] netlink: 'syz.3.797': attribute type 4 has an invalid length. [ 176.668778][ T8909] netlink: 'syz.3.797': attribute type 4 has an invalid length. [ 176.770213][ T8913] netlink: 12 bytes leftover after parsing attributes in process `syz.3.798'. [ 176.786680][ T8913] netlink: 80 bytes leftover after parsing attributes in process `syz.3.798'. [ 177.110898][ T8919] netlink: 40 bytes leftover after parsing attributes in process `syz.2.800'. [ 177.141837][ T8921] tmpfs: Cannot enable quota on remount [ 177.672088][ T8934] FAULT_INJECTION: forcing a failure. [ 177.672088][ T8934] name failslab, interval 1, probability 0, space 0, times 0 [ 177.684051][ T8934] CPU: 0 UID: 0 PID: 8934 Comm: syz.3.804 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) [ 177.684067][ T8934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 177.684073][ T8934] Call Trace: [ 177.684076][ T8934] [ 177.684080][ T8934] dump_stack_lvl+0x16c/0x1f0 [ 177.684098][ T8934] should_fail_ex+0x512/0x640 [ 177.684111][ T8934] ? __kmalloc_node_noprof+0xc5/0x500 [ 177.684125][ T8934] should_failslab+0xc2/0x120 [ 177.684138][ T8934] __kmalloc_node_noprof+0xd8/0x500 [ 177.684150][ T8934] ? __vmalloc_node_range_noprof+0x3eb/0x1540 [ 177.684167][ T8934] __vmalloc_node_range_noprof+0x3eb/0x1540 [ 177.684182][ T8934] ? find_held_lock+0x2b/0x80 [ 177.684195][ T8934] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 177.684208][ T8934] ? unwind_get_return_address+0x59/0xa0 [ 177.684220][ T8934] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 177.684236][ T8934] ? __pfx_aa_get_newest_label+0x10/0x10 [ 177.684247][ T8934] ? rcu_is_watching+0x12/0xc0 [ 177.684257][ T8934] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 177.684268][ T8934] __vmalloc_noprof+0x6d/0x90 [ 177.684283][ T8934] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 177.684294][ T8934] bpf_prog_alloc_no_stats+0x54/0x630 [ 177.684304][ T8934] ? security_capable+0x7e/0x260 [ 177.684315][ T8934] bpf_prog_alloc+0x3b/0x230 [ 177.684324][ T8934] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 177.684339][ T8934] bpf_prog_load+0x44c/0x2490 [ 177.684354][ T8934] ? __pfx_bpf_prog_load+0x10/0x10 [ 177.684377][ T8934] ? bpf_lsm_bpf+0x9/0x10 [ 177.684388][ T8934] __sys_bpf+0x433c/0x4d80 [ 177.684403][ T8934] ? __pfx___sys_bpf+0x10/0x10 [ 177.684416][ T8934] ? ksys_write+0x190/0x240 [ 177.684427][ T8934] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 177.684448][ T8934] ? fput+0x70/0xf0 [ 177.684459][ T8934] ? ksys_write+0x1b9/0x240 [ 177.684467][ T8934] ? __pfx_ksys_write+0x10/0x10 [ 177.684478][ T8934] __ia32_sys_bpf+0x76/0xe0 [ 177.684494][ T8934] __do_fast_syscall_32+0x73/0x120 [ 177.684509][ T8934] do_fast_syscall_32+0x32/0x80 [ 177.684522][ T8934] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 177.684535][ T8934] RIP: 0023:0xf7fb5579 [ 177.684543][ T8934] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 177.684552][ T8934] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 177.684562][ T8934] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000480 [ 177.684568][ T8934] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000 [ 177.684574][ T8934] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 177.684579][ T8934] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 177.684584][ T8934] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 177.684596][ T8934] [ 177.684601][ T8934] syz.3.804: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 177.781806][ T8934] CPU: 0 UID: 0 PID: 8934 Comm: syz.3.804 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) [ 177.781830][ T8934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 177.781837][ T8934] Call Trace: [ 177.781841][ T8934] [ 177.781845][ T8934] dump_stack_lvl+0x16c/0x1f0 [ 177.781862][ T8934] warn_alloc+0x248/0x3a0 [ 177.781874][ T8934] ? __pfx_warn_alloc+0x10/0x10 [ 177.781884][ T8934] ? dump_stack_lvl+0x185/0x1f0 [ 177.781900][ T8934] ? rcu_is_watching+0x12/0xc0 [ 177.781910][ T8934] ? __kmalloc_node_noprof+0x23b/0x500 [ 177.781924][ T8934] __vmalloc_node_range_noprof+0x1110/0x1540 [ 177.781940][ T8934] ? find_held_lock+0x2b/0x80 [ 177.781953][ T8934] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 177.781966][ T8934] ? unwind_get_return_address+0x59/0xa0 [ 177.781978][ T8934] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 177.781994][ T8934] ? __pfx_aa_get_newest_label+0x10/0x10 [ 177.782005][ T8934] ? rcu_is_watching+0x12/0xc0 [ 177.782014][ T8934] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 177.782025][ T8934] __vmalloc_noprof+0x6d/0x90 [ 177.782040][ T8934] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 177.782051][ T8934] bpf_prog_alloc_no_stats+0x54/0x630 [ 177.782061][ T8934] ? security_capable+0x7e/0x260 [ 177.782072][ T8934] bpf_prog_alloc+0x3b/0x230 [ 177.782081][ T8934] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 177.782096][ T8934] bpf_prog_load+0x44c/0x2490 [ 177.782111][ T8934] ? __pfx_bpf_prog_load+0x10/0x10 [ 177.782135][ T8934] ? bpf_lsm_bpf+0x9/0x10 [ 177.782146][ T8934] __sys_bpf+0x433c/0x4d80 [ 177.782161][ T8934] ? __pfx___sys_bpf+0x10/0x10 [ 177.782175][ T8934] ? ksys_write+0x190/0x240 [ 177.782186][ T8934] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 177.782208][ T8934] ? fput+0x70/0xf0 [ 177.782218][ T8934] ? ksys_write+0x1b9/0x240 [ 177.782226][ T8934] ? __pfx_ksys_write+0x10/0x10 [ 177.782252][ T8934] __ia32_sys_bpf+0x76/0xe0 [ 177.782268][ T8934] __do_fast_syscall_32+0x73/0x120 [ 177.782283][ T8934] do_fast_syscall_32+0x32/0x80 [ 177.782297][ T8934] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 177.782309][ T8934] RIP: 0023:0xf7fb5579 [ 177.782317][ T8934] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 177.782326][ T8934] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 177.782335][ T8934] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000480 [ 177.782341][ T8934] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000 [ 177.782347][ T8934] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 177.782352][ T8934] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 177.782358][ T8934] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 177.782370][ T8934] [ 177.782408][ T8934] Mem-Info: [ 177.871527][ T8934] active_anon:12743 inactive_anon:0 isolated_anon:0 [ 177.871527][ T8934] active_file:13158 inactive_file:39832 isolated_file:0 [ 177.871527][ T8934] unevictable:1768 dirty:440 writeback:0 [ 177.871527][ T8934] slab_reclaimable:10332 slab_unreclaimable:57476 [ 177.871527][ T8934] mapped:32178 shmem:8191 pagetables:833 [ 177.871527][ T8934] sec_pagetables:303 bounce:0 [ 177.871527][ T8934] kernel_misc_reclaimable:0 [ 177.871527][ T8934] free:37677 free_pcp:6132 free_cma:0 [ 177.884873][ T8934] Node 0 active_anon:4032kB inactive_anon:0kB active_file:360kB inactive_file:15468kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:7788kB dirty:136kB writeback:0kB shmem:3800kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9160kB pagetables:724kB sec_pagetables:1100kB all_unreclaimable? yes Balloon:0kB [ 177.894992][ T8934] Node 1 active_anon:46940kB inactive_anon:0kB active_file:52272kB inactive_file:143860kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:120924kB dirty:1624kB writeback:0kB shmem:28964kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3176kB pagetables:2608kB sec_pagetables:112kB all_unreclaimable? no Balloon:0kB [ 177.905249][ T8934] Node 0 DMA free:3864kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:48kB local_pcp:24kB free_cma:0kB [ 177.914068][ T8934] lowmem_reserve[]: 0 293 293 293 293 [ 177.915834][ T8934] Node 0 DMA32 free:34272kB boost:14336kB min:27784kB low:31144kB high:34504kB reserved_highatomic:4096KB active_anon:4032kB inactive_anon:0kB active_file:360kB inactive_file:15464kB unevictable:3536kB writepending:136kB present:1032196kB managed:300236kB mlocked:0kB bounce:0kB free_pcp:4316kB local_pcp:4188kB free_cma:0kB [ 177.925679][ T8934] lowmem_reserve[]: 0 0 0 0 0 [ 177.927312][ T8934] Node 1 DMA32 free:112348kB boost:0kB min:47148kB low:58932kB high:70716kB reserved_highatomic:0KB active_anon:46940kB inactive_anon:0kB active_file:52272kB inactive_file:143860kB unevictable:3536kB writepending:1624kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:20388kB local_pcp:18044kB free_cma:0kB [ 177.936914][ T8934] lowmem_reserve[]: 0 0 0 0 0 [ 177.938567][ T8934] Node 0 DMA: 74*4kB (UM) 28*8kB (U) 23*16kB (UM) 21*32kB (U) 8*64kB (UM) 2*128kB (U) 2*256kB (UM) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 3864kB [ 177.943608][ T8934] Node 0 DMA32: 1122*4kB (UM) 341*8kB (UME) 71*16kB (UME) 282*32kB (UMH) 76*64kB (UMH) 14*128kB (UMH) 8*256kB (UMH) 4*512kB (UH) 4*1024kB (MH) 1*2048kB (M) 0*4096kB = 34272kB [ 177.949357][ T8934] Node 1 DMA32: 126*4kB (UE) 1*8kB (U) 3*16kB (UME) 155*32kB (UE) 73*64kB (UE) 5*128kB (ME) 24*256kB (UME) 28*512kB (ME) 11*1024kB (UME) 6*2048kB (UME) 14*4096kB (UM) = 112208kB [ 177.955513][ T8934] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 177.959087][ T8934] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 177.961947][ T8934] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 177.965409][ T8934] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 177.968365][ T8934] 61177 total pagecache pages [ 177.969871][ T8934] 0 pages in swap cache [ 177.971240][ T8934] Free swap = 124996kB [ 177.972582][ T8934] Total swap = 124996kB [ 177.974185][ T8934] 524155 pages RAM [ 177.975769][ T8934] 0 pages HighMem/MovableOnly [ 177.977597][ T8934] 208185 pages reserved [ 177.979062][ T8934] 0 pages cma reserved [ 178.028768][ T8938] netlink: 8 bytes leftover after parsing attributes in process `syz.3.805'. [ 178.048728][ T8938] trusted_key: syz.3.805 sent an empty control message without MSG_MORE. [ 180.176412][ T8972] input: syz1 as /devices/virtual/input/input87 [ 180.185490][ T8972] netlink: 12 bytes leftover after parsing attributes in process `syz.3.814'. [ 180.446482][ T8977] netlink: 12 bytes leftover after parsing attributes in process `syz.0.816'. [ 181.020638][ T8991] netlink: 36 bytes leftover after parsing attributes in process `syz.1.819'. [ 181.468254][ T9000] netlink: 36 bytes leftover after parsing attributes in process `syz.3.821'. [ 182.131210][ T9009] FAULT_INJECTION: forcing a failure. [ 182.131210][ T9009] name failslab, interval 1, probability 0, space 0, times 0 [ 182.137327][ T9009] CPU: 0 UID: 0 PID: 9009 Comm: syz.3.825 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) [ 182.137342][ T9009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 182.137348][ T9009] Call Trace: [ 182.137352][ T9009] [ 182.137356][ T9009] dump_stack_lvl+0x16c/0x1f0 [ 182.137373][ T9009] should_fail_ex+0x512/0x640 [ 182.137387][ T9009] ? __kmalloc_noprof+0xbf/0x510 [ 182.137399][ T9009] ? create_ruleset+0x21/0x140 [ 182.137413][ T9009] should_failslab+0xc2/0x120 [ 182.137426][ T9009] __kmalloc_noprof+0xd2/0x510 [ 182.137438][ T9009] create_ruleset+0x21/0x140 [ 182.137453][ T9009] landlock_merge_ruleset+0xbb/0x870 [ 182.137463][ T9009] ? prepare_creds+0x583/0x7d0 [ 182.137478][ T9009] __do_sys_landlock_restrict_self+0x2a2/0x910 [ 182.137495][ T9009] __do_fast_syscall_32+0x73/0x120 [ 182.137510][ T9009] do_fast_syscall_32+0x32/0x80 [ 182.137523][ T9009] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 182.137535][ T9009] RIP: 0023:0xf7fb5579 [ 182.137543][ T9009] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 182.137552][ T9009] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 00000000000001be [ 182.137562][ T9009] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 182.137568][ T9009] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 182.137573][ T9009] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 182.137578][ T9009] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 182.137583][ T9009] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 182.137595][ T9009] [ 182.281528][ T9014] netlink: 'syz.0.827': attribute type 1 has an invalid length. [ 182.284455][ T9014] netlink: 4 bytes leftover after parsing attributes in process `syz.0.827'. [ 182.317369][ T9014] netlink: 16 bytes leftover after parsing attributes in process `syz.0.827'. [ 182.320268][ T9014] netlink: 16 bytes leftover after parsing attributes in process `syz.0.827'. [ 182.533870][ T34] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 182.711786][ T9022] netlink: 36 bytes leftover after parsing attributes in process `syz.0.829'. [ 182.916680][ T34] usb 8-1: Using ep0 maxpacket: 8 [ 182.919834][ T34] usb 8-1: config index 0 descriptor too short (expected 5924, got 36) [ 182.922426][ T34] usb 8-1: config 250 has an invalid interface number: 228 but max is -1 [ 182.925166][ T34] usb 8-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 182.928008][ T34] usb 8-1: config 250 has no interface number 0 [ 182.930071][ T34] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 182.934454][ T34] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 182.938480][ T34] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 256 [ 182.941683][ T34] usb 8-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 182.946015][ T34] usb 8-1: config 250 interface 228 has no altsetting 0 [ 182.950278][ T34] usb 8-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 182.953152][ T34] usb 8-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 182.956083][ T34] usb 8-1: Product: syz [ 182.957782][ T34] usb 8-1: SerialNumber: syz [ 182.964633][ T34] hub 8-1:250.228: bad descriptor, ignoring hub [ 182.967241][ T34] hub 8-1:250.228: probe with driver hub failed with error -5 [ 183.162986][ T9030] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 183.167971][ T34] usblp 8-1:250.228: usblp0: USB Bidirectional printer dev 3 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 183.284982][ T9031] netlink: 36 bytes leftover after parsing attributes in process `syz.2.831'. [ 184.067812][ T9011] usb 8-1: reset high-speed USB device number 3 using dummy_hcd [ 184.455372][ C3] usblp0: nonzero read bulk status received: -71 [ 184.643824][ T9054] usb 8-1: USB disconnect, device number 3 [ 184.735206][ T9059] tmpfs: Bad value for 'mpol' [ 184.751641][ T9060] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 185.013416][ T9064] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 185.022522][ T9064] block nbd1: not configured, cannot reconfigure [ 185.291964][ T9068] netlink: 'syz.1.839': attribute type 1 has an invalid length. [ 185.294562][ T9068] netlink: 224 bytes leftover after parsing attributes in process `syz.1.839'. [ 185.320774][ T9068] syz.1.839: attempt to access beyond end of device [ 185.320774][ T9068] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 185.325703][ T9068] efs: cannot read volume header [ 185.359795][ T9072] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 185.363134][ T9073] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 185.368830][ T9073] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 185.510967][ T9081] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 185.654139][ T9085] netlink: 36 bytes leftover after parsing attributes in process `syz.0.842'. [ 186.128556][ T9088] input: syz1 as /devices/virtual/input/input88 [ 186.135307][ T9088] netlink: 12 bytes leftover after parsing attributes in process `syz.2.844'. [ 186.412065][ T9099] netlink: 12 bytes leftover after parsing attributes in process `syz.0.847'. [ 186.441967][ T9033] usblp0: removed [ 187.477658][ T9121] 9pnet_virtio: no channels available for device syz [ 187.514419][ T9122] netlink: 232 bytes leftover after parsing attributes in process `syz.1.849'. [ 187.607215][ T9117] netlink: 40 bytes leftover after parsing attributes in process `syz.0.852'. [ 187.617270][ T9120] input: syz1 as /devices/virtual/input/input89 [ 187.741414][ T40] audit: type=1326 audit(1746841037.222:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.3.855" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 187.747818][ T9128] netlink: 56 bytes leftover after parsing attributes in process `syz.3.855'. [ 187.751158][ T40] audit: type=1326 audit(1746841037.222:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.3.855" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 187.763002][ T40] audit: type=1326 audit(1746841037.222:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.3.855" exe="/syz-executor" sig=0 arch=40000003 syscall=122 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 187.771473][ T40] audit: type=1326 audit(1746841037.222:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.3.855" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 187.780306][ T40] audit: type=1326 audit(1746841037.222:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.3.855" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 187.789129][ T40] audit: type=1326 audit(1746841037.222:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.3.855" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 187.797962][ T40] audit: type=1326 audit(1746841037.222:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.3.855" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 187.806789][ T40] audit: type=1326 audit(1746841037.222:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.3.855" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 187.815597][ T40] audit: type=1326 audit(1746841037.222:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.3.855" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 187.822805][ T40] audit: type=1326 audit(1746841037.222:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.3.855" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 188.145403][ T9134] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 188.239013][ T9138] netlink: 36 bytes leftover after parsing attributes in process `syz.3.856'. [ 188.916143][ T9149] netlink: 12 bytes leftover after parsing attributes in process `syz.3.860'. [ 189.081217][ T9153] netlink: 12 bytes leftover after parsing attributes in process `syz.2.861'. [ 189.638491][ T67] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 189.646416][ T9162] syz.0.864 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 191.062193][ T9193] ptrace attach of "/syz-executor exec"[5942] was attempted by "/syz-executor exec"[9193] [ 191.427118][ T9190] __nla_validate_parse: 3 callbacks suppressed [ 191.427131][ T9190] netlink: 36 bytes leftover after parsing attributes in process `syz.3.872'. [ 191.744258][ T9203] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 191.763852][ T5984] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 191.784663][ C3] sr 2:0:0:0: [sr0] tag#3 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 191.789026][ C3] sr 2:0:0:0: [sr0] tag#3 CDB: ATA command pass through(12)/Blank a1 36 b6 0b fa d6 [ 191.897906][ T9209] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 191.925972][ T5984] usb 7-1: Using ep0 maxpacket: 32 [ 191.929950][ T5984] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 191.935549][ T5984] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 191.939914][ T5984] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 191.943143][ T5984] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.950357][ T5984] usb 7-1: config 0 descriptor?? [ 192.367989][ T5984] savu 0003:1E7D:2D5A.0005: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0 [ 192.487000][ T67] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 192.647175][ T9223] input: syz1 as /devices/virtual/input/input90 [ 192.654978][ T9223] netlink: 12 bytes leftover after parsing attributes in process `syz.0.881'. [ 192.881232][ T9227] usb 2-1: USB disconnect, device number 2 [ 193.147689][ T9238] netlink: 36 bytes leftover after parsing attributes in process `syz.1.884'. [ 193.164744][ T3552] usb 7-1: USB disconnect, device number 2 [ 193.223711][ T9241] netlink: 'syz.2.886': attribute type 4 has an invalid length. [ 193.237462][ T9241] netlink: 'syz.2.886': attribute type 4 has an invalid length. [ 193.719075][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.721608][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.868130][ T9256] netlink: 12 bytes leftover after parsing attributes in process `syz.1.889'. [ 194.067185][ T9263] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 194.161410][ T9268] input: syz1 as /devices/virtual/input/input91 [ 194.166939][ T9268] netlink: 12 bytes leftover after parsing attributes in process `syz.3.892'. [ 194.293846][ T1451] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 194.463981][ T1451] usb 7-1: Using ep0 maxpacket: 32 [ 194.467611][ T1451] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 194.471154][ T1451] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 194.475024][ T1451] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 194.478906][ T1451] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.485391][ T1451] usb 7-1: config 0 descriptor?? [ 194.905117][ T1451] savu 0003:1E7D:2D5A.0006: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0 [ 195.028575][ T9278] netlink: 36 bytes leftover after parsing attributes in process `syz.1.894'. [ 195.241981][ T67] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 195.385963][ T9287] netlink: 'syz.3.899': attribute type 4 has an invalid length. [ 195.397136][ T9287] netlink: 'syz.3.899': attribute type 4 has an invalid length. [ 195.789981][ T833] usb 7-1: USB disconnect, device number 3 [ 195.881994][ T9302] overlayfs: overlapping lowerdir path [ 196.856633][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.931573][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.007583][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.073823][ T3552] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 197.082490][ T5955] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 197.087890][ T5955] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 197.091065][ T5955] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 197.095301][ T5955] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 197.099782][ T5955] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 197.102791][ T12] bridge0: port 3(netdevsim0) entered disabled state [ 197.115449][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): left allmulticast mode [ 197.118359][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): left promiscuous mode [ 197.121889][ T12] bridge0: port 3(netdevsim0) entered disabled state [ 197.128894][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.223828][ T3552] usb 6-1: Using ep0 maxpacket: 32 [ 197.227429][ T3552] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.231668][ T3552] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.236040][ T3552] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 197.239626][ T3552] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.250667][ T3552] usb 6-1: config 0 descriptor?? [ 197.275996][ T12] bridge_slave_1: left allmulticast mode [ 197.278725][ T12] bridge_slave_1: left promiscuous mode [ 197.282371][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.290099][ T12] bridge_slave_0: left allmulticast mode [ 197.292508][ T12] bridge_slave_0: left promiscuous mode [ 197.296670][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.624382][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 197.630001][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 197.633609][ T12] bond0 (unregistering): Released all slaves [ 197.651287][ T9329] chnl_net:caif_netlink_parms(): no params data found [ 197.673581][ T3552] savu 0003:1E7D:2D5A.0007: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 197.839226][ T9329] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.841512][ T9329] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.843925][ T9329] bridge_slave_0: entered allmulticast mode [ 197.846759][ T9329] bridge_slave_0: entered promiscuous mode [ 197.850639][ T9329] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.852861][ T9329] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.856555][ T9329] bridge_slave_1: entered allmulticast mode [ 197.859898][ T9329] bridge_slave_1: entered promiscuous mode [ 197.961571][ T9329] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 197.970578][ T9329] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 198.141783][ T9329] team0: Port device team_slave_0 added [ 198.166806][ T9329] team0: Port device team_slave_1 added [ 198.250780][ T9329] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 198.252980][ T9329] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 198.261042][ T9329] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 198.270423][ T9329] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 198.272674][ T9329] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 198.282139][ T9329] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 198.293280][ T12] hsr_slave_0: left promiscuous mode [ 198.295507][ T12] hsr_slave_1: left promiscuous mode [ 198.297481][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 198.299823][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 198.303672][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 198.307049][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 198.326556][ T12] veth1_macvtap: left promiscuous mode [ 198.328532][ T12] veth0_macvtap: left promiscuous mode [ 198.330288][ T12] veth1_vlan: left promiscuous mode [ 198.332075][ T12] veth0_vlan: left promiscuous mode [ 198.446471][ T24] usb 6-1: USB disconnect, device number 4 [ 198.967255][ T12] team0 (unregistering): Port device team_slave_1 removed [ 199.034658][ T9384] netlink: 36 bytes leftover after parsing attributes in process `syz.2.921'. [ 199.039375][ T12] team0 (unregistering): Port device team_slave_0 removed [ 199.157751][ T5955] Bluetooth: hci1: command tx timeout [ 199.571668][ T9368] bridge1: entered promiscuous mode [ 199.626112][ T9329] hsr_slave_0: entered promiscuous mode [ 199.628523][ T9329] hsr_slave_1: entered promiscuous mode [ 199.630602][ T9329] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 199.632918][ T9329] Cannot create hsr debugfs directory [ 199.871019][ T9329] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 199.879437][ T9329] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 199.885651][ T9329] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 199.893978][ T9329] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 199.907017][ T9401] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 199.953840][ T9329] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.963316][ T9404] netlink: 36 bytes leftover after parsing attributes in process `syz.2.923'. [ 199.985593][ T9329] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.000021][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.002354][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.015987][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.018335][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.223919][ T9329] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 200.362216][ T9329] veth0_vlan: entered promiscuous mode [ 200.367351][ T9329] veth1_vlan: entered promiscuous mode [ 200.383341][ T9329] veth0_macvtap: entered promiscuous mode [ 200.390728][ T9329] veth1_macvtap: entered promiscuous mode [ 200.399119][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.405023][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.409685][ T9329] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 200.415443][ T9329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.418760][ T9329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.422597][ T9329] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 200.429402][ T9329] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.432209][ T9329] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.436100][ T9329] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.438935][ T9329] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.479113][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 200.481576][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 200.501303][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 200.504516][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 200.653488][ T40] kauditd_printk_skb: 43 callbacks suppressed [ 200.653501][ T40] audit: type=1326 audit(1746841050.132:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9437 comm="syz.1.926" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 200.665318][ T40] audit: type=1326 audit(1746841050.152:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9437 comm="syz.1.926" exe="/syz-executor" sig=0 arch=40000003 syscall=433 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 200.671991][ T40] audit: type=1326 audit(1746841050.152:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9437 comm="syz.1.926" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 200.679644][ T40] audit: type=1326 audit(1746841050.152:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9437 comm="syz.1.926" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 200.689245][ T40] audit: type=1326 audit(1746841050.152:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9437 comm="syz.1.926" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 200.695944][ T40] audit: type=1326 audit(1746841050.152:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9437 comm="syz.1.926" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 200.702473][ T40] audit: type=1326 audit(1746841050.152:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9437 comm="syz.1.926" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 200.705225][ T9436] syzkaller0: entered promiscuous mode [ 200.709174][ T40] audit: type=1326 audit(1746841050.152:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9437 comm="syz.1.926" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 200.711001][ T9436] syzkaller0: entered allmulticast mode [ 201.245549][ T5955] Bluetooth: hci1: command tx timeout [ 201.511719][ T40] audit: type=1326 audit(1746841050.992:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9437 comm="syz.1.926" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 201.521391][ T40] audit: type=1326 audit(1746841050.992:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9437 comm="syz.1.926" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000 [ 201.574168][ T5955] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 201.891195][ T9453] tipc: Started in network mode [ 201.893301][ T9453] tipc: Node identity ac1414aa, cluster identity 4711 [ 201.902681][ T9453] tipc: Enabled bearer , priority 10 [ 202.170772][ T9486] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 202.217091][ T9488] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 202.917795][ T9500] netlink: 36 bytes leftover after parsing attributes in process `syz.4.936'. [ 202.964534][ T9503] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 203.045349][ T64] tipc: Node number set to 2886997162 [ 203.225812][ T9513] ptrace attach of "/syz-executor exec"[5948] was attempted by "/syz-executor exec"[9513] [ 203.313936][ T5955] Bluetooth: hci1: command tx timeout [ 203.756354][ T9521] netlink: 36 bytes leftover after parsing attributes in process `syz.3.941'. [ 203.995881][ T9509] input: syz1 as /devices/virtual/input/input93 [ 204.020514][ T9524] netlink: 'syz.2.943': attribute type 4 has an invalid length. [ 204.028713][ T9524] netlink: 'syz.2.943': attribute type 4 has an invalid length. [ 204.518529][ T9540] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 204.526294][ T9541] tmpfs: Bad value for 'mpol' [ 204.868384][ T9550] netlink: 12 bytes leftover after parsing attributes in process `syz.2.950'. [ 205.259711][ T9559] XFS (sr0): Invalid superblock magic number [ 205.331609][ T9567] netlink: 36 bytes leftover after parsing attributes in process `syz.4.952'. [ 205.340109][ T5955] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 205.393825][ T5955] Bluetooth: hci1: command tx timeout [ 205.971039][ T5955] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 206.187770][ T9594] netlink: 'syz.4.962': attribute type 1 has an invalid length. [ 206.459253][ T9601] netlink: 36 bytes leftover after parsing attributes in process `syz.2.964'. [ 206.697372][ T9604] netlink: 4 bytes leftover after parsing attributes in process `syz.3.966'. [ 206.759073][ T9605] hub 6-0:1.0: USB hub found [ 206.761317][ T9605] hub 6-0:1.0: 1 port detected [ 207.140402][ T9615] netlink: 36 bytes leftover after parsing attributes in process `syz.4.967'. [ 207.179484][ T9617] tmpfs: Cannot enable quota on remount [ 208.696017][ T9647] netlink: 36 bytes leftover after parsing attributes in process `syz.3.974'. [ 209.071767][ T9646] netlink: 36 bytes leftover after parsing attributes in process `syz.1.975'. [ 209.294309][ T9661] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 209.515847][ T5955] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 210.175426][ T9688] tmpfs: Bad value for 'mpol' [ 210.487809][ T9693] netlink: 4 bytes leftover after parsing attributes in process `syz.1.987'. [ 210.492235][ T9693] netlink: 4 bytes leftover after parsing attributes in process `syz.1.987'. [ 210.575039][ T9697] tmpfs: Bad value for 'mpol' [ 210.578401][ T9697] netlink: 20 bytes leftover after parsing attributes in process `syz.1.988'. [ 210.581972][ T9697] netlink: 24 bytes leftover after parsing attributes in process `syz.1.988'. [ 210.589338][ T9697] 9pnet_fd: Insufficient options for proto=fd [ 210.916154][ T9704] netlink: 36 bytes leftover after parsing attributes in process `syz.3.989'. [ 211.071510][ T9705] netlink: 36 bytes leftover after parsing attributes in process `syz.4.990'. [ 211.804150][ T9721] syzkaller0: entered promiscuous mode [ 211.808471][ T9721] syzkaller0: entered allmulticast mode [ 212.366720][ T40] audit: type=1326 audit(1746841061.842:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9713 comm="syz.1.993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7fc00000 [ 212.560157][ T9743] netlink: 28 bytes leftover after parsing attributes in process `syz.3.997'. [ 212.605325][ T9746] netlink: 'syz.2.1001': attribute type 4 has an invalid length. [ 212.659324][ T9751] netlink: 'syz.2.1001': attribute type 4 has an invalid length. [ 212.673604][ T9752] netlink: 'syz.3.997': attribute type 10 has an invalid length. [ 213.715055][ T9763] input: syz1 as /devices/virtual/input/input94 [ 213.726393][ T9752] 8021q: adding VLAN 0 to HW filter on device team0 [ 213.728395][ T9763] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1002'. [ 213.732067][ T9752] bond0: (slave team0): Enslaving as an active interface with an up link [ 214.033314][ T9780] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1003'. [ 214.234611][ T9776] syzkaller0: entered promiscuous mode [ 214.236569][ T9776] syzkaller0: entered allmulticast mode [ 214.652044][ T9803] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 215.844234][ T9827] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1010'. [ 216.234237][ T9850] tmpfs: Cannot enable quota on remount [ 216.531900][ T9867] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1017'. [ 216.886964][ T9871] XFS (sr0): Invalid superblock magic number [ 217.226999][ T9889] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 217.297716][ T9895] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1020'. [ 217.540570][ T9899] tmpfs: Bad value for 'mpol' [ 217.981242][ T9908] tmpfs: Cannot enable quota on remount [ 218.063792][ T9913] XFS (sr0): Invalid superblock magic number [ 218.353906][ T1451] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 218.383847][ T64] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 218.503829][ T1451] usb 6-1: Using ep0 maxpacket: 32 [ 218.507234][ T1451] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 218.512550][ T1451] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 218.516215][ T1451] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 218.519183][ T1451] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.525409][ T1451] usb 6-1: config 0 descriptor?? [ 218.533856][ T64] usb 7-1: Using ep0 maxpacket: 32 [ 218.538539][ T64] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 218.541963][ T64] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 218.545418][ T64] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 218.548319][ T64] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.552888][ T64] usb 7-1: config 0 descriptor?? [ 218.942400][ T1451] savu 0003:1E7D:2D5A.0008: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 219.480079][ T64] usbhid 7-1:0.0: can't add hid device: -71 [ 219.482075][ T64] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 219.501203][ T64] usb 7-1: USB disconnect, device number 4 [ 219.554544][ T9945] tmpfs: Cannot enable quota on remount [ 219.705838][ T1468] usb 6-1: USB disconnect, device number 5 [ 220.006118][ T9962] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1037'. [ 220.485218][ T9963] input: syz1 as /devices/virtual/input/input95 [ 220.657037][ T9967] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1041'. [ 220.674206][ T9963] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1039'. [ 220.834339][ T9971] netlink: 'syz.1.1042': attribute type 4 has an invalid length. [ 220.843377][ T9971] netlink: 'syz.1.1042': attribute type 4 has an invalid length. [ 221.050640][ T9978] tmpfs: Cannot enable quota on remount [ 221.666095][ T5955] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 222.135256][T10006] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1052'. [ 222.618344][T10021] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 222.686846][ T5955] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 223.244245][T10041] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1063'. [ 223.698906][T10052] syzkaller0: entered promiscuous mode [ 223.700769][T10052] syzkaller0: entered allmulticast mode [ 223.802259][T10057] tmpfs: Cannot enable quota on remount [ 223.933399][T10062] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1068'. [ 224.301502][T10070] tmpfs: Bad value for 'mpol' [ 225.426265][T10094] syzkaller0: entered promiscuous mode [ 225.428486][T10094] syzkaller0: entered allmulticast mode [ 226.423212][T10113] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1081'. [ 226.901571][T10119] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1082'. [ 227.593126][T10124] tmpfs: Cannot enable quota on remount [ 227.839975][T10138] tmpfs: Bad value for 'mpol' [ 228.095019][T10144] tmpfs: Bad value for 'mpol' [ 228.438433][T10154] syzkaller0: entered promiscuous mode [ 228.440184][T10154] syzkaller0: entered allmulticast mode [ 228.857074][T10158] tmpfs: Bad value for 'mpol' [ 228.933965][T10164] tmpfs: Cannot enable quota on remount [ 229.113956][T10170] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1092'. [ 230.707829][T10198] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1100'. [ 230.875080][ T5955] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 230.952321][T10204] input: syz1 as /devices/virtual/input/input96 [ 231.702564][T10215] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1105'. [ 232.822561][T10237] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1111'. [ 233.628729][T10257] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1115'. [ 233.757284][T10262] netlink: 'syz.1.1119': attribute type 4 has an invalid length. [ 233.768982][T10262] netlink: 'syz.1.1119': attribute type 4 has an invalid length. [ 234.768778][T10283] input: syz1 as /devices/virtual/input/input97 [ 234.969170][T10284] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1122'. [ 235.374861][T10291] tmpfs: Bad value for 'mpol' [ 235.461115][T10297] tmpfs: Cannot enable quota on remount [ 235.742144][T10307] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1129'. [ 235.769187][T10308] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1128'. [ 236.207904][T10314] input: syz1 as /devices/virtual/input/input98 [ 236.226309][ T5944] udevd[5944]: setting owner of /dev/input/event3 to uid=0, gid=104 failed: No such file or directory [ 236.777333][T10331] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 236.854776][T10333] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1134'. [ 237.042612][T10339] tmpfs: Cannot enable quota on remount [ 237.297420][T10344] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1137'. [ 237.612788][ T40] audit: type=1326 audit(1746841087.092:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.4.1140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 237.619853][ T40] audit: type=1326 audit(1746841087.102:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.4.1140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 237.627081][ T40] audit: type=1326 audit(1746841087.112:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.4.1140" exe="/syz-executor" sig=0 arch=40000003 syscall=231 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 237.689426][ T40] audit: type=1326 audit(1746841087.112:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.4.1140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 237.699283][ T40] audit: type=1326 audit(1746841087.112:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.4.1140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 237.711329][ T40] audit: type=1326 audit(1746841087.122:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.4.1140" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 237.722892][ T40] audit: type=1326 audit(1746841087.122:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.4.1140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 237.732738][T10359] tmpfs: Bad value for 'mpol' [ 237.738403][ T40] audit: type=1326 audit(1746841087.122:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.4.1140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 237.746331][ T40] audit: type=1326 audit(1746841087.122:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.4.1140" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 237.753048][ T40] audit: type=1326 audit(1746841087.122:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.4.1140" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 238.315838][T10365] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 238.477022][T10369] netlink: 'syz.4.1142': attribute type 4 has an invalid length. [ 238.487123][T10369] netlink: 'syz.4.1142': attribute type 4 has an invalid length. [ 238.487291][T10371] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 238.614972][T10377] tmpfs: Cannot enable quota on remount [ 238.760527][T10383] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 239.013969][T10385] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1147'. [ 240.016957][T10402] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1152'. [ 240.022024][T10395] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1149'. [ 240.022037][T10396] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1150'. [ 240.858093][T10424] tmpfs: Bad value for 'mpol' [ 240.920093][T10429] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 241.215019][T10433] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1159'. [ 241.573201][T10437] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1160'. [ 241.648264][T10443] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1164'. [ 242.709551][T10454] input: syz1 as /devices/virtual/input/input99 [ 242.735825][T10454] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1166'. [ 242.823701][ T40] kauditd_printk_skb: 41 callbacks suppressed [ 242.823717][ T40] audit: type=1326 audit(1746841092.302:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10457 comm="syz.3.1167" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 242.845834][ T40] audit: type=1326 audit(1746841092.332:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10457 comm="syz.3.1167" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 242.853255][ T40] audit: type=1326 audit(1746841092.332:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10457 comm="syz.3.1167" exe="/syz-executor" sig=0 arch=40000003 syscall=231 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 242.860601][ T40] audit: type=1326 audit(1746841092.332:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10457 comm="syz.3.1167" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 242.869182][ T40] audit: type=1326 audit(1746841092.332:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10457 comm="syz.3.1167" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 242.878154][ T40] audit: type=1326 audit(1746841092.332:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10457 comm="syz.3.1167" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 242.885081][ T40] audit: type=1326 audit(1746841092.332:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10457 comm="syz.3.1167" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 242.951126][T10463] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1175'. [ 243.094926][ T40] audit: type=1326 audit(1746841092.352:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10457 comm="syz.3.1167" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 243.101825][ T40] audit: type=1326 audit(1746841092.352:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10457 comm="syz.3.1167" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 243.108493][ T40] audit: type=1326 audit(1746841092.352:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10457 comm="syz.3.1167" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb5579 code=0x7ffc0000 [ 243.477286][T10469] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1168'. [ 243.870446][ T5955] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 244.027549][T10484] tmpfs: Bad value for 'mpol' [ 244.636446][T10496] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1174'. [ 245.164848][T10502] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1177'. [ 245.530955][T10507] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 245.706828][T10509] input: syz1 as /devices/virtual/input/input100 [ 245.960079][ T5955] Bluetooth: Unexpected start frame (len 16) [ 246.284147][T10525] tmpfs: Cannot enable quota on remount [ 246.859318][T10533] ubi31: attaching mtd0 [ 246.862744][T10533] ubi31: scanning is finished [ 246.864665][T10533] ubi31: empty MTD device detected [ 246.950240][T10533] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 246.953267][T10533] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 246.957327][T10533] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 246.960059][T10533] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 246.962943][T10533] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 246.965598][T10533] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 246.968754][T10533] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1748049789 [ 246.972669][T10533] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 246.979056][T10535] ubi31: background thread "ubi_bgt31d" started, PID 10535 [ 247.169916][T10542] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1186'. [ 247.385827][ T5955] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 247.699541][T10559] input: syz1 as /devices/virtual/input/input101 [ 247.720505][T10559] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1191'. [ 247.856668][T10560] input: syz1 as /devices/virtual/input/input102 [ 247.920235][T10562] XFS (sr0): Invalid superblock magic number [ 248.601360][ T5955] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 248.947654][T10597] input: syz1 as /devices/virtual/input/input103 [ 248.964429][T10597] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1201'. [ 248.973066][T10599] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 249.611409][T10605] input: syz1 as /devices/virtual/input/input104 [ 249.630654][T10605] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1205'. [ 249.919525][T10618] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 250.224594][T10620] input: syz1 as /devices/virtual/input/input105 [ 250.965085][T10634] syzkaller0: entered promiscuous mode [ 250.967108][T10634] syzkaller0: entered allmulticast mode [ 251.140168][T10641] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 251.613965][ T5955] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 251.888210][T10650] input: syz1 as /devices/virtual/input/input106 [ 251.907901][T10650] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1216'. [ 252.168510][T10661] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 252.263197][T10662] netlink: 'syz.1.1217': attribute type 10 has an invalid length. [ 252.746095][T10651] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 252.776232][T10662] mac80211_hwsim hwsim5 wlan1: left allmulticast mode [ 252.788616][T10662] 8021q: adding VLAN 0 to HW filter on device bond0 [ 252.811836][T10662] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 252.970539][T10674] input: syz1 as /devices/virtual/input/input107 [ 253.681956][ T5955] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 254.139823][T10696] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1226'. [ 254.436620][T10697] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1228'. [ 254.935987][ T5955] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 255.001411][T10716] tmpfs: Bad value for 'mpol' [ 255.156366][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.158577][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.336269][T10730] tmpfs: Bad value for 'mpol' [ 255.536313][ T5955] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 255.998356][T10748] tmpfs: Bad value for 'mpol' [ 256.713216][T10757] tmpfs: Cannot enable quota on remount [ 257.960460][T10783] input: syz1 as /devices/virtual/input/input108 [ 258.356351][T10788] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1249'. [ 259.162321][T10804] tmpfs: Bad value for 'mpol' [ 259.317489][T10806] netfs: Couldn't get user pages (rc=-14) [ 259.844063][T10815] XFS (sr0): Invalid superblock magic number [ 260.161447][T10824] input: syz1 as /devices/virtual/input/input109 [ 260.213637][T10817] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1254'. [ 261.007107][T10847] netlink: 'syz.4.1264': attribute type 10 has an invalid length. [ 261.009503][T10847] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1264'. [ 261.031873][T10847] team0: Port device geneve0 added [ 261.098686][T10841] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1260'. [ 261.104188][T10843] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1261'. [ 261.866044][T10874] tmpfs: Bad value for 'mpol' [ 261.872645][T10874] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1274'. [ 261.876297][T10874] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1274'. [ 261.883245][T10874] 9pnet_fd: Insufficient options for proto=fd [ 263.493023][ T40] kauditd_printk_skb: 30 callbacks suppressed [ 263.493035][ T40] audit: type=1804 audit(1746841112.972:233): pid=10900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1282" name="/newroot/332/bus/bus" dev="overlay" ino=1792 res=1 errno=0 [ 263.494097][T10900] evm: overlay not supported [ 263.505887][T10900] Invalid ELF header len 8 [ 264.353892][T10930] netlink: 308 bytes leftover after parsing attributes in process `syz.4.1291'. [ 265.423225][T10943] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 266.195299][ T5955] Bluetooth: hci3: ACL packet too small [ 266.609109][T10982] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 267.691087][ T1142] Bluetooth: hci4: Frame reassembly failed (-84) [ 267.695017][T11015] Bluetooth: hci4: Frame reassembly failed (-84) [ 267.843936][ T40] audit: type=1326 audit(1746841117.322:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11007 comm="syz.1.1319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7fc00000 [ 267.966078][T11026] nfs4: Unknown parameter 'w4]:"Áë' [ 268.103817][ T24] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 268.263829][ T24] usb 6-1: Using ep0 maxpacket: 8 [ 268.268865][ T24] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 268.271519][ T24] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 268.275143][ T24] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 268.278231][ T24] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 268.281314][ T24] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 268.285464][ T24] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 268.288290][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.502439][ T24] usb 6-1: usb_control_msg returned -32 [ 268.504486][ T24] usbtmc 6-1:16.0: can't read capabilities [ 268.856180][T11030] usbtmc 6-1:16.0: usb_control_msg returned -32 [ 268.859563][ T34] usb 6-1: USB disconnect, device number 6 [ 269.154974][T11039] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1330'. [ 269.161457][T11039] vlan2: entered allmulticast mode [ 269.163136][T11039] gretap0: entered allmulticast mode [ 269.713872][ T5955] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 269.713957][ T67] Bluetooth: hci4: command 0xfc11 tx timeout [ 269.995224][ T40] audit: type=1800 audit(1746841119.482:235): pid=11056 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1337" name="/" dev="9p" ino=2 res=0 errno=0 [ 270.093829][ T24] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 270.255515][ T24] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 270.259043][ T24] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 270.263091][ T24] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 270.273820][ T24] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 270.283877][ T24] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 270.293518][ T24] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 270.303798][ T24] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 270.306918][ T24] usb 9-1: Product: syz [ 270.308575][ T24] usb 9-1: Manufacturer: syz [ 270.315559][ T24] cdc_wdm 9-1:1.0: skipping garbage [ 270.317682][ T24] cdc_wdm 9-1:1.0: skipping garbage [ 270.322044][ T24] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device [ 270.327014][ T24] cdc_wdm 9-1:1.0: Unknown control protocol [ 270.512918][T11070] netlink: 'syz.1.1342': attribute type 4 has an invalid length. [ 270.521864][T11070] netlink: 'syz.1.1342': attribute type 4 has an invalid length. [ 270.574057][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 270.577016][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 270.579746][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 270.582461][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 270.584628][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 270.586653][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 270.588733][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 270.590758][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 270.592752][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 270.594759][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 270.596820][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 270.598793][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 270.600843][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 270.602846][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 270.604848][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 270.606861][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 270.608904][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 270.610945][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 270.612972][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 270.615025][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 270.623510][ T24] usb 9-1: USB disconnect, device number 2 [ 270.626010][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 271.463931][ T64] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 271.613804][ T64] usb 9-1: Using ep0 maxpacket: 32 [ 271.617706][ T64] usb 9-1: unable to get BOS descriptor or descriptor too short [ 271.621229][ T64] usb 9-1: config 128 has an invalid interface number: 127 but max is 3 [ 271.623841][ T64] usb 9-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config [ 271.627029][ T64] usb 9-1: config 128 has 1 interface, different from the descriptor's value: 4 [ 271.629776][ T64] usb 9-1: config 128 has no interface number 0 [ 271.631726][ T64] usb 9-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0 [ 271.634829][ T64] usb 9-1: config 128 interface 127 has no altsetting 0 [ 271.638540][ T64] usb 9-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55 [ 271.641211][ T64] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.643694][ T64] usb 9-1: Product: syz [ 271.645020][ T64] usb 9-1: Manufacturer: syz [ 271.646433][ T64] usb 9-1: SerialNumber: syz [ 271.868968][ T64] usb 9-1: USB disconnect, device number 3 [ 271.880897][ T5944] udevd[5944]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb9/9-1/9-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 272.233943][ T1329] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 272.393807][ T1329] usb 7-1: Using ep0 maxpacket: 32 [ 272.397459][ T1329] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 272.400687][ T1329] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 272.403641][ T1329] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 272.406520][ T1329] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 272.409931][ T1329] usb 7-1: config 0 descriptor?? [ 272.412898][ T1329] hub 7-1:0.0: USB hub found [ 272.624768][ T1329] hub 7-1:0.0: config failed, can't read hub descriptor (err -22) [ 273.631531][ T1142] Bluetooth: hci4: Frame reassembly failed (-84) [ 274.143842][ T5984] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 274.313911][ T5984] usb 6-1: Using ep0 maxpacket: 32 [ 274.317161][ T5984] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 274.320629][ T5984] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 274.323624][ T5984] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 274.327105][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.333134][ T5984] usb 6-1: config 0 descriptor?? [ 274.336950][ T5984] hub 6-1:0.0: USB hub found [ 274.539614][ T5984] hub 6-1:0.0: 1 port detected [ 275.034424][ T1329] usbhid 7-1:0.0: can't add hid device: -71 [ 275.036370][ T1329] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 275.054917][ T1329] usb 7-1: USB disconnect, device number 5 [ 275.143144][ T5984] hub 6-1:0.0: activate --> -90 [ 275.346280][ T5984] hub 6-1:0.0: hub_ext_port_status failed (err = -71) [ 275.347129][ T1329] usb 6-1: USB disconnect, device number 7 [ 275.635491][ T5955] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 276.644738][ T6055] IPVS: starting estimator thread 0... [ 276.646689][T11148] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 276.754202][T11150] IPVS: using max 44 ests per chain, 105600 per kthread [ 276.797328][T11160] capability: warning: `syz.1.1374' uses 32-bit capabilities (legacy support in use) [ 277.641613][T11192] netlink: 'syz.2.1386': attribute type 10 has an invalid length. [ 277.646236][T11192] veth1_macvtap: left promiscuous mode [ 278.367718][T11209] dvmrp0: entered allmulticast mode [ 278.717748][T11224] sctp: [Deprecated]: syz.3.1399 (pid 11224) Use of struct sctp_assoc_value in delayed_ack socket option. [ 278.717748][T11224] Use struct sctp_sack_info instead [ 279.634545][T11238] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1402'. [ 279.847091][T11245] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1404'. [ 280.361867][ T40] audit: type=1326 audit(1746841129.842:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11255 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 280.401929][ T40] audit: type=1326 audit(1746841129.842:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11255 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fc35a7 code=0x7ffc0000 [ 280.411125][ T40] audit: type=1326 audit(1746841129.842:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11255 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 280.423245][ T40] audit: type=1326 audit(1746841129.842:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11255 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fc35a7 code=0x7ffc0000 [ 280.440999][ T40] audit: type=1326 audit(1746841129.842:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11255 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 280.450139][ T40] audit: type=1326 audit(1746841129.842:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11255 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fc35a7 code=0x7ffc0000 [ 280.461151][ T40] audit: type=1326 audit(1746841129.842:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11255 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 280.469335][ T40] audit: type=1326 audit(1746841129.842:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11255 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fc35a7 code=0x7ffc0000 [ 280.478927][ T40] audit: type=1326 audit(1746841129.842:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11255 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 280.487132][ T40] audit: type=1326 audit(1746841129.842:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11255 comm="syz.2.1407" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fc35a7 code=0x7ffc0000 [ 280.667162][T11259] lo speed is unknown, defaulting to 1000 [ 280.669147][T11259] lo speed is unknown, defaulting to 1000 [ 280.672260][T11259] lo speed is unknown, defaulting to 1000 [ 280.676938][T11259] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 280.682923][T11259] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 280.716039][T11259] lo speed is unknown, defaulting to 1000 [ 280.719458][T11259] lo speed is unknown, defaulting to 1000 [ 280.722509][T11259] lo speed is unknown, defaulting to 1000 [ 280.725726][T11259] lo speed is unknown, defaulting to 1000 [ 281.403937][ T6750] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 281.553906][ T6750] usb 6-1: Using ep0 maxpacket: 8 [ 281.557872][ T6750] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 281.561026][ T6750] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 281.565766][ T6750] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 281.570508][ T6750] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 281.575206][ T6750] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 281.583402][ T6750] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 281.586681][ T6750] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 281.591233][ T6750] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 281.596024][ T6750] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 281.600487][ T6750] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 281.606279][ T6750] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 281.609413][ T6750] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 281.614130][ T6750] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 281.618945][ T6750] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 281.623585][ T6750] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 281.631910][ T6750] usb 6-1: string descriptor 0 read error: -22 [ 281.635021][ T6750] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 281.638766][ T6750] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 281.653125][ T6750] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 281.894006][ T34] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 281.969805][ T6109] usb 6-1: USB disconnect, device number 8 [ 282.043959][ T34] usb 7-1: Using ep0 maxpacket: 8 [ 282.049464][ T34] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 282.052892][ T34] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 282.059132][ T34] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 282.063156][ T34] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 282.067351][ T34] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 282.072624][ T34] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 282.076545][ T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 282.287717][ T34] usb 7-1: usb_control_msg returned -32 [ 282.290346][ T34] usbtmc 7-1:16.0: can't read capabilities [ 282.640584][T11302] usbtmc 7-1:16.0: INITIATE_CLEAR returned 0 [ 282.842507][ T34] usb 7-1: USB disconnect, device number 6 [ 282.885138][T11306] capability: warning: `syz.1.1424' uses deprecated v2 capabilities in a way that may be insecure [ 283.498645][T11317] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2 [ 283.501854][T11317] netdevsim netdevsim2: Falling back to sysfs fallback for: ./file0 [ 284.547394][T11323] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 285.449854][T11363] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0 [ 285.669416][T11365] Invalid logical block size (768) [ 287.193807][ T6055] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 287.344148][ T6055] usb 6-1: Using ep0 maxpacket: 8 [ 287.350092][ T6055] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 287.352655][ T6055] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 287.356379][ T6055] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 287.359867][ T6055] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 287.363303][ T6055] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 287.367602][ T6055] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 287.370643][ T6055] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.403936][ T67] Bluetooth: hci1: command 0x0405 tx timeout [ 287.602587][ T6055] usb 6-1: GET_CAPABILITIES returned 0 [ 287.604540][ T6055] usbtmc 6-1:16.0: can't read capabilities [ 287.688363][T11396] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1456'. [ 287.702933][T11396] 8021q: adding VLAN 0 to HW filter on device bond2 [ 287.717219][T11396] 8021q: adding VLAN 0 to HW filter on device bond2 [ 287.719441][T11396] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address [ 287.723272][T11396] bond2: (slave vxcan3): Error -95 calling set_mac_address [ 287.805300][ T1329] usb 6-1: USB disconnect, device number 9 [ 288.141425][T11411] lo speed is unknown, defaulting to 1000 [ 288.248690][T11417] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1464'. [ 288.251842][T11417] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1464'. [ 288.255229][T11417] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1464'. [ 288.348450][T11421] tmpfs: Bad value for 'mpol' [ 289.638744][T11455] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1480'. [ 289.917734][ T40] kauditd_printk_skb: 392 callbacks suppressed [ 289.917750][ T40] audit: type=1326 audit(1746841139.402:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11470 comm="syz.2.1485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 289.928900][ T40] audit: type=1326 audit(1746841139.402:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11470 comm="syz.2.1485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 289.937943][ T40] audit: type=1326 audit(1746841139.402:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11470 comm="syz.2.1485" exe="/syz-executor" sig=0 arch=40000003 syscall=395 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 289.947228][ T40] audit: type=1326 audit(1746841139.402:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11470 comm="syz.2.1485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 289.956107][ T40] audit: type=1326 audit(1746841139.402:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11470 comm="syz.2.1485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 289.965048][ T40] audit: type=1326 audit(1746841139.402:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11470 comm="syz.2.1485" exe="/syz-executor" sig=0 arch=40000003 syscall=397 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 289.971874][ T40] audit: type=1326 audit(1746841139.402:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11470 comm="syz.2.1485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 289.979255][ T40] audit: type=1326 audit(1746841139.402:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11470 comm="syz.2.1485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 289.986545][ T40] audit: type=1326 audit(1746841139.402:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11470 comm="syz.2.1485" exe="/syz-executor" sig=0 arch=40000003 syscall=398 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 289.995139][ T40] audit: type=1326 audit(1746841139.402:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11470 comm="syz.2.1485" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 290.217151][T11487] netlink: 404 bytes leftover after parsing attributes in process `syz.3.1493'. [ 290.373896][ T24] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 290.563788][ T24] usb 7-1: Using ep0 maxpacket: 32 [ 290.566819][ T24] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 290.571516][ T24] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 290.574407][ T24] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 290.576975][ T24] usb 7-1: Product: syz [ 290.578307][ T24] usb 7-1: Manufacturer: syz [ 290.579773][ T24] usb 7-1: SerialNumber: syz [ 290.583992][ T24] usb 7-1: config 0 descriptor?? [ 290.587242][T11483] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 290.857000][ T1329] usb 7-1: USB disconnect, device number 7 [ 290.884021][ T6750] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 291.053885][ T6750] usb 6-1: Using ep0 maxpacket: 8 [ 291.057240][ T6750] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 291.060691][ T6750] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 291.063887][ T6750] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 291.067455][ T6750] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 291.071505][ T6750] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 291.074484][ T6750] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.282664][ T6750] usb 6-1: GET_CAPABILITIES returned 0 [ 291.285278][ T1329] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 291.288627][ T6750] usbtmc 6-1:16.0: can't read capabilities [ 291.434448][ T1329] usb 7-1: Using ep0 maxpacket: 32 [ 291.438401][ T1329] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 291.442954][ T1329] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 291.447071][ T1329] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 291.450886][ T1329] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.456805][ T1329] usb 7-1: config 0 descriptor?? [ 291.496457][ T24] usb 6-1: USB disconnect, device number 10 [ 291.870370][ T1329] savu 0003:1E7D:2D5A.0009: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0 [ 292.274925][T11532] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1508'. [ 292.280982][T11532] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 292.638506][ T5984] usb 7-1: USB disconnect, device number 8 [ 292.673924][T11497] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 292.988736][T11552] loop6: detected capacity change from 0 to 524287999 [ 292.992395][T11552] Buffer I/O error on dev loop6, logical block 0, async page read [ 292.997094][T11552] Buffer I/O error on dev loop6, logical block 0, async page read [ 293.000348][T11552] Buffer I/O error on dev loop6, logical block 0, async page read [ 293.003278][T11552] Buffer I/O error on dev loop6, logical block 0, async page read [ 293.006410][T11552] Buffer I/O error on dev loop6, logical block 0, async page read [ 293.009066][T11552] Buffer I/O error on dev loop6, logical block 0, async page read [ 293.011976][T11552] Buffer I/O error on dev loop6, logical block 0, async page read [ 293.015616][T11552] Buffer I/O error on dev loop6, logical block 0, async page read [ 293.020394][T11552] ldm_validate_partition_table(): Disk read failed. [ 293.023211][T11552] Buffer I/O error on dev loop6, logical block 0, async page read [ 293.032224][T11552] Buffer I/O error on dev loop6, logical block 0, async page read [ 293.035151][T11552] Dev loop6: unable to read RDB block 0 [ 293.037568][T11552] loop6: unable to read partition table [ 293.039548][T11552] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 293.963972][ T6750] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 294.124935][ T6750] usb 9-1: Using ep0 maxpacket: 8 [ 294.132026][ T6750] usb 9-1: config 0 has an invalid interface number: 122 but max is 0 [ 294.134984][ T6750] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 294.138412][ T6750] usb 9-1: config 0 has no interface number 0 [ 294.140542][ T6750] usb 9-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64 [ 294.144147][ T6750] usb 9-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8 [ 294.147507][ T6750] usb 9-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 1023 [ 294.151143][ T6750] usb 9-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8 [ 294.162857][ T6750] usb 9-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7 [ 294.166074][ T6750] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 294.169020][ T6750] usb 9-1: Product: syz [ 294.170775][ T6750] usb 9-1: Manufacturer: syz [ 294.172599][ T6750] usb 9-1: SerialNumber: syz [ 294.186998][ T6750] usb 9-1: config 0 descriptor?? [ 294.190326][T11566] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 294.192604][T11566] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 294.408483][T11566] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 294.409890][T11578] netlink: 'syz.2.1525': attribute type 11 has an invalid length. [ 294.411249][T11566] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 294.413894][T11578] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1525'. [ 294.445808][ T6750] usb 9-1: NFC: intf ffff888021d65000 id ffffffff8f342620 [ 294.494671][ T6750] nfcmrvl 9-1:0.122: NFC: registered with nci successfully [ 294.520482][ T6750] usb 9-1: USB disconnect, device number 4 [ 294.552308][ T6750] usb 9-1: NFC: intf ffff888021d65000 [ 295.022801][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 295.022812][ T40] audit: type=1326 audit(1746841144.502:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11587 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 295.035511][ T40] audit: type=1326 audit(1746841144.502:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11587 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fc35a7 code=0x7ffc0000 [ 295.042081][ T40] audit: type=1326 audit(1746841144.502:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11587 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 295.049278][ T40] audit: type=1326 audit(1746841144.502:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11587 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fc35a7 code=0x7ffc0000 [ 295.057062][ T40] audit: type=1326 audit(1746841144.502:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11587 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 295.064112][ T40] audit: type=1326 audit(1746841144.502:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11587 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fc35a7 code=0x7ffc0000 [ 295.070680][ T40] audit: type=1326 audit(1746841144.502:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11587 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 295.083789][ T40] audit: type=1326 audit(1746841144.502:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11587 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fc35a7 code=0x7ffc0000 Connection to localhost closed by remote host. [ 295.095936][ T40] audit: type=1326 audit(1746841144.502:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11587 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 295.105431][ T40] audit: type=1326 audit(1746841144.502:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11587 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fc35a7 code=0x7ffc0000 [ 295.462640][ T1134] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.568315][ T1134] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.633437][ T1134] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.713027][ T1134] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.780546][ T1134] bridge_slave_1: left allmulticast mode [ 295.782738][ T1134] bridge_slave_1: left promiscuous mode [ 295.784821][ T1134] bridge0: port 2(bridge_slave_1) entered disabled state [ 295.788215][ T1134] bridge_slave_0: left allmulticast mode [ 295.789997][ T1134] bridge_slave_0: left promiscuous mode [ 295.791861][ T1134] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.181710][ T1134] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 296.186487][ T1134] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 296.189966][ T1134] bond0 (unregistering): Released all slaves [ 296.196550][ T1134] bond1 (unregistering): Released all slaves [ 296.202613][ T1134] bond2 (unregistering): Released all slaves [ 296.643010][ T1134] hsr_slave_0: left promiscuous mode [ 296.645193][ T1134] hsr_slave_1: left promiscuous mode [ 296.647180][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 296.649512][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 296.652059][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 296.654935][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 296.672438][ T1134] veth0_macvtap: left promiscuous mode [ 296.674509][ T1134] veth1_vlan: left promiscuous mode [ 296.676249][ T1134] veth0_vlan: left promiscuous mode [ 297.248046][ T1134] team0 (unregistering): Port device team_slave_1 removed [ 297.320964][ T1134] team0 (unregistering): Port device team_slave_0 removed [ 297.761086][ T5984] lo speed is unknown, defaulting to 1000 [ 297.763267][ T5984] syz2: Port: 1 Link DOWN [ 298.122173][ T1134] IPVS: stop unused estimator thread 0... [ 298.202326][ T1134] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.317617][ T1134] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.374750][ T1134] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.436485][ T1134] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.522278][ T1134] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.615655][ T1134] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.677914][ T1134] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.770526][ T1134] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.858542][ T1134] bridge_slave_1: left allmulticast mode [ 298.860413][ T1134] bridge_slave_1: left promiscuous mode [ 298.862306][ T1134] bridge0: port 2(bridge_slave_1) entered disabled state [ 298.868846][ T1134] bridge_slave_0: left allmulticast mode [ 298.870696][ T1134] bridge_slave_0: left promiscuous mode [ 298.872518][ T1134] bridge0: port 1(bridge_slave_0) entered disabled state [ 299.054687][ T1134] dvmrp0 (unregistering): left allmulticast mode [ 299.080314][ T1134] team0: Port device geneve0 removed [ 299.299922][ T1134] bond0 (unregistering): (slave team0): Releasing backup interface [ 299.303518][ T1134] bond0 (unregistering): Released all slaves [ 299.365173][ T1134] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 299.369442][ T1134] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 299.373078][ T1134] bond0 (unregistering): Released all slaves [ 299.379120][ T1134] bond1 (unregistering): Released all slaves [ 299.442933][ T1134] bond2 (unregistering): Released all slaves [ 300.911067][ T1134] tipc: Disabling bearer [ 300.919315][ T1134] tipc: Left network mode [ 301.416880][ T1134] hsr_slave_0: left promiscuous mode [ 301.418962][ T1134] hsr_slave_1: left promiscuous mode [ 301.422888][ T1134] hsr_slave_0: left promiscuous mode [ 301.425148][ T1134] hsr_slave_1: left promiscuous mode [ 301.427134][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 301.429445][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 301.432001][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 301.434402][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 301.464424][ T1134] veth1_macvtap: left promiscuous mode [ 301.466245][ T1134] veth0_macvtap: left promiscuous mode [ 301.468031][ T1134] veth1_vlan: left promiscuous mode [ 301.470825][ T1134] veth0_vlan: left promiscuous mode [ 301.472968][ T1134] veth1_macvtap: left promiscuous mode [ 301.474827][ T1134] veth0_macvtap: left promiscuous mode [ 301.476631][ T1134] veth1_vlan: left promiscuous mode [ 301.478341][ T1134] veth0_vlan: left promiscuous mode [ 303.085165][ T1134] team0 (unregistering): Port device team_slave_1 removed [ 303.147732][ T1134] team0 (unregistering): Port device team_slave_0 removed [ 303.956793][ T1134] BUG: unable to handle page fault for address: ffffffffffffff78 [ 303.959241][ T1134] #PF: supervisor read access in kernel mode [ 303.961173][ T1134] #PF: error_code(0x0000) - not-present page [ 303.965517][ T1134] PGD e184067 P4D e184067 PUD e186067 PMD 0 [ 303.968057][ T1134] Oops: Oops: 0000 [#1] SMP KASAN NOPTI [ 303.970270][ T1134] CPU: 1 UID: 0 PID: 1134 Comm: kworker/u32:6 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(full) [ 303.975251][ T1134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 303.979673][ T1134] Workqueue: netns cleanup_net [ 303.981666][ T1134] RIP: 0010:flush_workqueue_prep_pwqs+0x16a/0x510 [ 303.984359][ T1134] Code: 00 00 00 48 8d 98 78 ff ff ff 48 39 04 24 0f 84 61 01 00 00 e8 47 bd 38 00 48 89 d8 48 c1 e8 03 80 3c 28 00 0f 85 f9 02 00 00 <4c> 8b 3b 4d 39 ef 74 3c e8 29 bd 38 00 4d 85 ed 0f 84 81 01 00 00 [ 303.992277][ T1134] RSP: 0018:ffffc90006daf640 EFLAGS: 00010246 [ 303.994850][ T1134] RAX: 1fffffffffffffef RBX: ffffffffffffff78 RCX: ffff88802593b000 [ 303.998160][ T1134] RDX: ffff88801fec2440 RSI: ffffffff8181df99 RDI: ffff88802593b0b8 [ 304.001474][ T1134] RBP: dffffc0000000000 R08: 0000000000000001 R09: ffffed1004b27617 [ 304.004796][ T1134] R10: ffff88802593b0bb R11: 0000000000000000 R12: 0000000000000001 [ 304.008122][ T1134] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 304.011286][ T1134] FS: 0000000000000000(0000) GS:ffff8880978ec000(0000) knlGS:0000000000000000 [ 304.014933][ T1134] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 304.017695][ T1134] CR2: ffffffffffffff78 CR3: 000000000e180000 CR4: 0000000000352ef0 [ 304.020956][ T1134] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 304.024207][ T1134] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 304.027530][ T1134] Call Trace: [ 304.028962][ T1134] [ 304.030244][ T1134] __flush_workqueue+0x50c/0x1230 [ 304.032372][ T1134] ? find_held_lock+0x2b/0x80 [ 304.034373][ T1134] ? __pfx___flush_workqueue+0x10/0x10 [ 304.036682][ T1134] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 304.039201][ T1134] drain_workqueue+0x199/0x3d0 [ 304.040854][ T1134] destroy_workqueue+0xc2/0xaa0 [ 304.042460][ T1134] wg_destruct+0x1f1/0x3d0 [ 304.043871][ T1134] ? __pfx_wg_destruct+0x10/0x10 [ 304.045431][ T1134] netdev_run_todo+0x78c/0x1320 [ 304.046955][ T1134] ? __pfx_netdev_run_todo+0x10/0x10 [ 304.048600][ T1134] ? unregister_netdevice_queue+0x22e/0x3f0 [ 304.050452][ T1134] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 304.052877][ T1134] ? batadv_meshif_destroy_vlan+0xdf/0x160 [ 304.055347][ T1134] default_device_exit_batch+0x858/0xaf0 [ 304.057742][ T1134] ? __pfx_default_device_exit_batch+0x10/0x10 [ 304.060336][ T1134] ? __pfx_rdma_dev_exit_net+0x10/0x10 [ 304.062649][ T1134] ? __pfx___might_resched+0x10/0x10 [ 304.064541][ T1134] ? __pfx_cfg802154_pernet_exit+0x10/0x10 [ 304.066389][ T1134] ? __pfx_default_device_exit_batch+0x10/0x10 [ 304.068303][ T1134] ops_exit_list+0x128/0x180 [ 304.069771][ T1134] cleanup_net+0x5c1/0xb30 [ 304.071249][ T1134] ? __pfx_cleanup_net+0x10/0x10 [ 304.072876][ T1134] ? rcu_is_watching+0x12/0xc0 [ 304.074407][ T1134] process_one_work+0x9cc/0x1b70 [ 304.076045][ T1134] ? __pfx_cleanup_net+0x10/0x10 [ 304.077631][ T1134] ? __pfx_process_one_work+0x10/0x10 [ 304.079312][ T1134] ? assign_work+0x1a0/0x250 [ 304.080774][ T1134] worker_thread+0x6c8/0xf10 [ 304.082327][ T1134] ? __pfx_worker_thread+0x10/0x10 [ 304.083941][ T1134] kthread+0x3c2/0x780 [ 304.085241][ T1134] ? __pfx_kthread+0x10/0x10 [ 304.086736][ T1134] ? __pfx_kthread+0x10/0x10 [ 304.088184][ T1134] ? __pfx_kthread+0x10/0x10 [ 304.089650][ T1134] ? __pfx_kthread+0x10/0x10 [ 304.091134][ T1134] ? rcu_is_watching+0x12/0xc0 [ 304.092737][ T1134] ? __pfx_kthread+0x10/0x10 [ 304.094281][ T1134] ret_from_fork+0x45/0x80 [ 304.095728][ T1134] ? __pfx_kthread+0x10/0x10 [ 304.097245][ T1134] ret_from_fork_asm+0x1a/0x30 [ 304.098838][ T1134] [ 304.099862][ T1134] Modules linked in: [ 304.101301][ T1134] CR2: ffffffffffffff78 [ 304.102749][ T1134] ---[ end trace 0000000000000000 ]--- [ 304.104479][ T1134] RIP: 0010:flush_workqueue_prep_pwqs+0x16a/0x510 [ 304.106576][ T1134] Code: 00 00 00 48 8d 98 78 ff ff ff 48 39 04 24 0f 84 61 01 00 00 e8 47 bd 38 00 48 89 d8 48 c1 e8 03 80 3c 28 00 0f 85 f9 02 00 00 <4c> 8b 3b 4d 39 ef 74 3c e8 29 bd 38 00 4d 85 ed 0f 84 81 01 00 00 [ 304.113434][ T1134] RSP: 0018:ffffc90006daf640 EFLAGS: 00010246 [ 304.116001][ T1134] RAX: 1fffffffffffffef RBX: ffffffffffffff78 RCX: ffff88802593b000 [ 304.119319][ T1134] RDX: ffff88801fec2440 RSI: ffffffff8181df99 RDI: ffff88802593b0b8 [ 304.122496][ T1134] RBP: dffffc0000000000 R08: 0000000000000001 R09: ffffed1004b27617 [ 304.125239][ T1134] R10: ffff88802593b0bb R11: 0000000000000000 R12: 0000000000000001 [ 304.127715][ T1134] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 304.130171][ T1134] FS: 0000000000000000(0000) GS:ffff8880978ec000(0000) knlGS:0000000000000000 [ 304.132943][ T1134] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 304.135000][ T1134] CR2: ffffffffffffff78 CR3: 000000000e180000 CR4: 0000000000352ef0 [ 304.137495][ T1134] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 304.139952][ T1134] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 304.142898][ T1134] Kernel panic - not syncing: Fatal exception [ 304.145411][ T1134] Kernel Offset: disabled [ 304.146800][ T1134] Rebooting in 86400 seconds.. VM DIAGNOSIS: 01:35:24 Registers: info registers vcpu 0 CPU#0 RAX=00000000006af474 RBX=0000000000000000 RCX=ffffffff8b6943e9 RDX=ffffed10056465be RSI=ffffffff8bf46c20 RDI=ffffffff81912251 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10 R8 =0000000000000000 R9 =ffffed10056465bd R10=ffff88802b232deb R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90850e10 R15=0000000000000000 RIP=ffffffff8b692c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880977ec000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002f31fffc CR3=000000000e180000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000a60ce07b 00000000cec3662e ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3f208552c0d65f66 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 85083efa2642c5d0 cfe52718587cf933 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004dc0 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b5aa554d1aa2966b a9ea7da549f3242f ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007495de36c9c0 7b2e3127b5e3d63b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cc81be825937fe70 3000000008000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1ca1d6b876000000 9a13969e5e000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 09b647dcb5ed3394 6c7d9320bdf8a80e ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8f14fe7213abe036 534040de491b7a5b ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854c18f5 RDI=ffffffff9addfbc0 RBP=ffffffff9addfb80 RSP=ffffc90006daeed0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=727265203a465023 R12=0000000000000000 R13=0000000000000020 R14=ffffffff9addfb80 R15=ffffffff854c1890 RIP=ffffffff854c191f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880978ec000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=ffffffffffffff78 CR3=000000000e180000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a44ec37ad056f6a6 3aa72bd31b34608e ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 02aee6292c0b1f59 dde8ec6ad0e74322 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 094671c626a71ae3 6051e8ccf9e7cd77 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3bb79f9285b73e57 7e6ae33163166b07 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004f80 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6fb07abde8000000 00000182b912af7f ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f45c41ffaa000000 0a00000092000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e28783ccb9067fbe fb84b18bfbf07c53 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000013bb918e510 52000000d0dce200 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b9dd776bee0a59fb 9df6e19c576d4b79 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f284f42cf4887f64 ea1a44b8a0fbf6ef ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000005063cd RBX=0000000000000002 RCX=ffffffff8b6943e9 RDX=0000000000000000 RSI=ffffffff8dbdb839 RDI=ffffffff8bf46ca0 RBP=ffffed1003b55910 RSP=ffffc9000047fdf8 R8 =0000000000000001 R9 =ffffed10056865bd R10=ffff88802b432deb R11=0000000000000000 R12=0000000000000002 R13=ffff88801daac880 R14=ffffffff90850e10 R15=0000000000000000 RIP=ffffffff8b692c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880979ec000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5045cc0 CR3=000000000e180000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fc00feff Opmask01=0000000000000000 Opmask02=00000000017f0037 Opmask03=0000000020400004 Opmask04=00000000ffffdfff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b9dd776bee0a59fb 9df6e19c576d4b79 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f284f42cf4887f64 ea1a44b8a0fbf6ef ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6ddcc6e90d89bdc4 f2360ca39ba14e54 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c33181a1b8bfd5dc 165eb929729de753 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004f40 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000003f3207a85b6 0059196fc802c025 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 756489d0465a48b1 0000b8b46d3448f5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f88472a12bf7a6aa 60e3033abc000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 82000000807c70d9 b8aace5cbc000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d9ba7874b3a07704 b42f9337af41247c ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 fe420bb05dc34ebe b560d627222fec37 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 312d392f39627375 2f342e6463685f79 6d6d75642f6d726f 6674616c702f7365 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a565c560a000a56 50470a565c560a00 0a484051565c5647 50560a565c560a00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7361647c2a737369 63637c2a65686361 63627c2a6476787c 2a64767c2a64737c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6523377c2185f63d 0000563609b2b57e 0000000000000231 0000003077617264 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 322e392d3533712d 63707276703a2939 3030322c39484349 2b35335128435064 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261646e6174536e 703a554d45516e76 733a302e3072623a 343130322f31302f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343064623a312b32 316f70627e322d33 2e36312e312d6e61 696265642d332e36 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 313032302c394631 302c324331302c38 4231302c46413130 2c454131302c4341 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000003d26a4 RBX=0000000000000003 RCX=ffffffff8b6943e9 RDX=ffffed10056a65be RSI=ffffffff8bf46c20 RDI=ffffffff81912251 RBP=ffffed1003b58000 RSP=ffffc9000048fdf8 R8 =0000000000000000 R9 =ffffed10056a65bd R10=ffff88802b532deb R11=0000000000000000 R12=0000000000000003 R13=ffff88801dac0000 R14=ffffffff90850e10 R15=0000000000000000 RIP=ffffffff8b692c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097aec000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c2ef6ea CR3=000000000e180000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080000010 Opmask01=0000000000021d1f Opmask02=00000000ffff1fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000007000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e55292708dfbb45f 03090fb4117ec504 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b17c1a1ff09ea88 2bf1c307047464db ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 86fbe29bd0833689 fab1a589bf618dc9 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9171d46f89d55cf8 afed159d967e5a4e ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004ec0 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 22000000b6827323 3300000002000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 870a305e000001c2 b683f53a0000006c ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 81c3fa00423406f6 0000b66b5e1e749a ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0e000000ea000000 b683458cb66ad89f ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0c9c14d44528dcbc 6b8bf61cf1606a4e ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 242ccb8b29fc8292 bd619db86041abc5 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f72726520636269 6c67206c61746146 000000706d74752f 6e75722f7261762f ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 640065676175676e 616c5f626400656c 7075745f62640062 6f6c625f62640065 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4800494b4d594b42 4d405f4e48004940 5c59585f4e48004e 43404e5f4e480049 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 68637461772e6575 6575716b726f7720 35353d6873657268 745f676f64686374 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e2e65726f632e74 656e2e6c74637379 73203034313d6873 657268745f676f64 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c6f736e6f6320 6164732f7665642f 3d746f6f7220313d 6e7261775f6e6f5f ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 63696e6170203233 3d78616d5f736462 6e2032333d706f6f 6c5f78616d203233 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265747369676572 6e755f7665647465 6e2e65726f632e74 656e2e6c74637379 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2bdf3228df3822 282b2e2fdf37342d 280b0412bfc92435 283232282c31242f ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 24bf242d282b232c 22ee222e312feebf 222e312feebf2435 283232282c31242f ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000