last executing test programs: 5.068938865s ago: executing program 1 (id=835): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) write$uinput_user_dev(r1, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0x9, 0x3, 0xffff2d37, 0x1dd0, 0x6, 0x3, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0x3, 0x1, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x242, 0x3, 0xe, 0x0, 0x71, 0x7, 0x7, 0x3, 0x0, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x7, 0xffff, 0x12f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0x4, 0x2bf, 0x6c9, 0x9, 0xfffffffc, 0x3, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x4, 0x8000, 0x9, 0x400, 0x1, 0x6, 0x1, 0xff, 0x5, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x3, 0x3, 0x4, 0x1, 0x7, 0x6, 0x9, 0x48c93690, 0x2, 0x8], [0x7, 0x4, 0x0, 0x64e, 0xfffffffe, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x3, 0x8, 0x4, 0x6d01, 0x5, 0x38, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x0, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0x54fe12d2, 0xbf, 0xb, 0x3, 0x0, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0x0, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x2, 0x7, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x5, 0x8, 0xc8, 0xee1, 0x3, 0xffff, 0x3, 0x7f, 0x100, 0x9602, 0xa, 0x2, 0x28, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x30b1d693, 0xa1f, 0x8, 0x9, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0xff, 0x45c], 0x0, 0x0, 0x2, 0x1}}, 0x3c) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = socket$inet(0x2, 0x2, 0x0) setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000180)=0x2e45, 0x4) shutdown(r4, 0x0) recvmmsg(r4, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) syz_io_uring_setup(0x239, 0x0, &(0x7f00000002c0), 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xe) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) unshare(0x22020600) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r5, 0x0, 0x0) r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write(r6, &(0x7f0000000340), 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = getpid() process_vm_readv(r7, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a80)={r1, 0xe0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, &(0x7f0000000380)=[0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0], 0x0, 0x1b, &(0x7f0000000880)=[{}, {}], 0x10, 0x10, &(0x7f00000008c0), &(0x7f0000000900), 0x8, 0x1d, 0x8, 0x8, &(0x7f0000000940)}}, 0x10) 4.115617143s ago: executing program 1 (id=841): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000140)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x77, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x19e6}, {0x7, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x5}], 0x1}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2004cd, 0x1000000000000, 0x100000005], 0x0, 0x205}) ioctl$KVM_RUN(r2, 0xae80, 0x6300) 3.778678952s ago: executing program 0 (id=846): syz_init_net_socket$rose(0xb, 0x5, 0x0) socket(0xb, 0x800, 0x2010f7) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000004700)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r4, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r5}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10104}, [@IFLA_IFNAME={0x14, 0x3, 'vlan0\x00'}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x3c}}, 0x0) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r1, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x6, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x143, 0xe}, 0xf) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r8 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r9 = dup(r8) write$6lowpan_enable(r9, 0x0, 0x0) openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0) r10 = syz_io_uring_setup(0x3678, &(0x7f0000000080)={0x0, 0x1ffffd, 0x10100, 0x40000000, 0x1d3}, &(0x7f0000000040), &(0x7f0000000100)) r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETOFFLOAD(r12, 0x400454c9, 0xba98575a95aeb70d) close(r11) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r11, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$TUNSETLINK(r12, 0x400454cd, 0x0) io_uring_enter(r10, 0xa3d, 0x0, 0x0, 0x0, 0x0) 3.777653772s ago: executing program 1 (id=847): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) write$uinput_user_dev(r1, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0x9, 0x3, 0xffff2d37, 0x1dd0, 0x6, 0x3, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0x3, 0x1, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x242, 0x3, 0xe, 0x0, 0x71, 0x7, 0x7, 0x3, 0x0, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x7, 0xffff, 0x12f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0x4, 0x2bf, 0x6c9, 0x9, 0xfffffffc, 0x3, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x4, 0x8000, 0x9, 0x400, 0x1, 0x6, 0x1, 0xff, 0x5, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x3, 0x3, 0x4, 0x1, 0x7, 0x6, 0x9, 0x48c93690, 0x2, 0x8], [0x7, 0x4, 0x0, 0x64e, 0xfffffffe, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x3, 0x8, 0x4, 0x6d01, 0x5, 0x38, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x0, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0x54fe12d2, 0xbf, 0xb, 0x3, 0x0, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0x0, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x2, 0x7, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x5, 0x8, 0xc8, 0xee1, 0x3, 0xffff, 0x3, 0x7f, 0x100, 0x9602, 0xa, 0x2, 0x28, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x30b1d693, 0xa1f, 0x8, 0x9, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0xff, 0x45c], 0x0, 0x0, 0x2, 0x1}}, 0x3c) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = socket$inet(0x2, 0x2, 0x0) setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000180)=0x2e45, 0x4) shutdown(r4, 0x0) recvmmsg(r4, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) syz_io_uring_setup(0x239, 0x0, &(0x7f00000002c0), 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xe) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) unshare(0x22020600) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r5, 0x0, 0x0) r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write(r6, &(0x7f0000000340), 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = getpid() process_vm_readv(r7, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a80)={r1, 0xe0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, &(0x7f0000000380)=[0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0], 0x0, 0x1b, &(0x7f0000000880)=[{}, {}], 0x10, 0x10, &(0x7f00000008c0), &(0x7f0000000900), 0x8, 0x1d, 0x8, 0x8, &(0x7f0000000940)}}, 0x10) 2.390176737s ago: executing program 1 (id=858): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0x10}, 0x1c) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$802154_dgram(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000cc0)={0x24, @short={0x2, 0x2, 0xfffe}}, 0x14, &(0x7f0000001d00)={&(0x7f0000000d00)="994320b6165f2cac9011384bf9a5f405690ea3562dddc40a8686fcd68b7e8f792df1491fb469c32112e6f179500bcb1f82c1d62852224121206dd9a836b31196b8e4b3375e1b993917ca6fe3471ccee6927a1c0b948c9f51270df6e0080ae76284432bf10a85c3412b0c5ece6eb980dce50f48bcae9eeb708b4343851a484da80408dcc6a90315b54f1e722c38dda02c521dc0bdc88625e05e6c04e84f8fa2bdd11d29212f131155a106a3453087dde626b490ad25772fa211f19db2b6b6364f7eb4c22266ad5ca1f5935028578833cdaa87220bb4bf5c78fb849d2399ec4e61a406025942beda2fc49c9c0e5c63463ae8bc25cdbb39c3e5c8a306c61199e24dd38947a8ed0c908958ad92a67171e902614579fdbccc4332cdbe377b533f372dd28741e620be48aa891311f69cce93b6dbf56d1be4e4433dc1af5627a9ace505", 0x140}, 0x1, 0x0, 0x0, 0x20040004}, 0x80) r2 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0) write$binfmt_misc(r3, &(0x7f0000000040), 0xe09) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r3) 1.940668549s ago: executing program 0 (id=852): openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_procfs(0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc04f01f56bb6e284f5fab", 0xe) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1e8640, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00', @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x6, 0x4, 0x3, 0x4}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000640)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x0, 0x1) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) 1.542079308s ago: executing program 2 (id=853): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000005000000060b010400000000000000000000000008000b400000000044000480140001800c0001006e6f747261636b00040002802c0001800c0001006269747700000004080002400000000008000140000000000900010073797a3000000000140000001100010000000000000000000000000a00"], 0xe0}}, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00') ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0xc0686611, &(0x7f0000000180)={0x900, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) (fail_nth: 1) 1.461395819s ago: executing program 1 (id=854): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000001840), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r3, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000001880)={0x4c, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0x4c}, 0x1, 0x300}, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)) r5 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) bind$ax25(r5, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48) close(r5) ioctl$VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f0000000040)={0xa}) r6 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f00000023c0)=""/241, 0x1115000, 0x0, 0x0, 0x2}, 0x1c) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8001, &(0x7f0000000000)=0x6, 0x8, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000300)='net/sockstat\x00') mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000002380)=ANY=[@ANYBLOB="7472616e733d76697274696f2c64656275673d307816303030"]) read$FUSE(r7, &(0x7f0000000340)={0x2020}, 0x2020) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000340)={0x0, 0xffff, 0x2, 0x0, 0x100003, 0x8001}, 0x14) 1.388360311s ago: executing program 2 (id=855): truncate(&(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x3) 1.388026101s ago: executing program 2 (id=856): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) (async) syz_io_uring_setup(0x4b6, &(0x7f0000000180)={0x0, 0x114b, 0xc01, 0x81, 0x3d8}, &(0x7f0000ff0000), 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) (async, rerun: 32) timer_create(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, @thr={&(0x7f0000000380)="6a79dcf398e230c256ac5e4ef830532bf546aebcbcdad535abd0296af17139d2d52bbe831498b4a02ec400438f1d4276138f0f7bab5214216e3ff01f", &(0x7f0000000440)}}, 0x0) (rerun: 32) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) (async) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffc000/0x2000)=nil}) (async, rerun: 64) ioctl$KVM_NMI(r3, 0xae9a) (async, rerun: 64) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) (async) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x10}, 0x9c) r5 = socket(0x10, 0x3, 0x0) (async, rerun: 32) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) (rerun: 32) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x401, 0x8001, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) (async) syz_io_uring_submit(0x0, 0x0, 0x0) (async) sendmmsg$inet6(r4, &(0x7f0000003f00)=[{{0x0, 0xf, &(0x7f0000000300)=[{&(0x7f0000000140)="a2", 0x1a058}], 0x1}}], 0x1, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x10001, 0x0, 0x0, 0x0, 0x7, 0x2004ca, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8000], 0x0, 0x300000}) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6d86, 0x10000000, 0x0, 0x0, 0x0, 0x9], 0x0, 0x10000}) (async, rerun: 64) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async, rerun: 64) r8 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_SET_COMMAND_Q(r8, 0x2271, &(0x7f0000000000)=0x1) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb01001800000000000000adce000010000000020000000000000000000001000000000000001c0000"], 0x0, 0x2a, 0x0, 0xa, 0x0, 0x0, @void, @value}, 0x20) (async) syz_open_dev$tty1(0xc, 0x4, 0x1) 1.330627317s ago: executing program 3 (id=859): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x20001300, 0x20001330], 0x0, 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="00000000000000512091960000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000f5ff00000000000000000000000000feffffff000000"]}, 0xe0) 1.330376476s ago: executing program 3 (id=860): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = memfd_secret(0x0) fcntl$setlease(r1, 0x400, 0x1) fremovexattr(r1, &(0x7f0000000180)=@known='user.incfs.size\x00') sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="640000000206010800000000000000000000000014000780080012400003000008001140000000000500010006000000050005000a00000005000400000000000900020073797a310000000015000300686173683a69702c706f72742c6e6574"], 0x64}}, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2000) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETSHIFTSTATE(r3, 0x4b2f, 0x0) read(r2, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_LEAVE_MESH(r4, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x20, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4084}, 0xc004) 1.330166958s ago: executing program 3 (id=861): r0 = socket$kcm(0x2, 0xa, 0x2) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@printk]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) write$tun(0xffffffffffffffff, &(0x7f0000000280)={@val={0x6f01, 0x800}, @void, @mpls={[], @generic="b849b7b54ab478beab2f1431c247ac4b3a4e04f604"}}, 0x19) r4 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x4001, 0x3, 0x27c, 0x12c, 0x600, 0x148, 0x0, 0x148, 0x1e8, 0x240, 0x240, 0x1e8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@remote, @loopback, 0x0, 0x0, 'ip6gretap0\x00'}, 0x0, 0xcc, 0x12c, 0x0, {}, [@common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0xfffffffe}}, @common=@inet=@socket3={{0x24}}]}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x9c, 0xbc, 0x0, {}, [@common=@ah={{0x2c}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x2d8) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_MIDI_PRETIME(r5, 0xc0046d00, &(0x7f00000000c0)=0x101) r6 = socket$igmp(0x2, 0x3, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x20001300, 0x20001330], 0x0, 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="00000000000000512091960000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000f5ff00000000000000000000000000feffffff000000"]}, 0xe0) 1.240514715s ago: executing program 2 (id=862): r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_open_dev$usbfs(0x0, 0x77, 0x101301) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r1}) io_uring_enter(r3, 0x2def, 0x4000, 0x0, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r6 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2) syz_pidfd_open(0x0, 0x0) fcntl$setlease(r6, 0x400, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) (fail_nth: 18) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b40a000040000900000000000000000001000000040060809c0a01"], 0xab4}}, 0x0) 1.102120753s ago: executing program 0 (id=863): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000200)={0x1, 0x0, @ioapic={0x80a0000, 0xfffffffd, 0xfffffff9, 0x800, 0x0, [{0x8, 0xa, 0x7, '\x00', 0x4}, {0x2, 0xe4, 0x5, '\x00', 0x7f}, {0x2, 0x40, 0x1, '\x00', 0x17}, {0x4, 0x4, 0x1, '\x00', 0xd}, {0x2, 0x6, 0x6, '\x00', 0xf4}, {0x3, 0x2, 0x5, '\x00', 0x1}, {0x48, 0x2, 0x10}, {0x2, 0x4, 0x6, '\x00', 0x1}, {0x5, 0x5, 0x4, '\x00', 0x8}, {0x5a, 0x7f, 0x8, '\x00', 0x5}, {0x1, 0x4, 0x6, '\x00', 0x9}, {0x80, 0x5, 0xa6}, {0x2e, 0x7, 0xbd, '\x00', 0x8}, {0x2, 0xa2, 0x7, '\x00', 0x79}, {0x5, 0x0, 0xf8, '\x00', 0x5}, {0x3, 0x7, 0x6, '\x00', 0x2}, {0x5, 0x5, 0x0, '\x00', 0x2}, {0x8, 0x6, 0x0, '\x00', 0x3}, {0x2, 0x1, 0x6, '\x00', 0x8}, {0xf, 0x37, 0xfe, '\x00', 0x5}, {0x2, 0xd, 0x87, '\x00', 0x6}, {0x80, 0x40, 0xac, '\x00', 0xcd}, {0x57, 0xfc, 0xf9, '\x00', 0x6}, {0xf8, 0x7, 0x7, '\x00', 0x10}]}}) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff) r2 = socket$inet6(0xa, 0x1, 0x84) add_key(&(0x7f0000000000)='pkcs7_test\x00', 0x0, &(0x7f00000021c0)="305c0607e182087051667557c7d7982b8f57fb20a3adc9e3baa292ce8f0a861e6417acfc8648ad1b86400393d502b0cd490635d54cdf5bd0461690982b236949ab5e000000808ce41d86b9b949004fd8fe45b91e8fe7ec7c49750a1b0ade", 0x5e, 0xfffffffffffffffe) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="020f00001500000000000000000000000800120000000100000000000000000006000000000000000000000000000000e00000020000000000000000000000002001000000000000000000000000000205000600000000000a00000000000000fe8000000000000000000000000000bb0000000000000000010018000000000005000500000000000a00000000000000ff02000000000000000000000000000100000000000000"], 0xa8}}, 0x0) msgctl$IPC_RMID(0x0, 0x0) bind$inet6(r2, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) connect$inet(r4, &(0x7f00000000c0)={0x2, 0x0, @empty}, 0x10) socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000080)=ANY=[@ANYBLOB="0380c200468aaccb0aed2c69dee13f1b0000a4bbbbbbbbbb0800450000300000000000019078ac1e0001ac1414aa030090781200183f250000000000000000"], 0x0) setsockopt$sock_linger(r2, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="480000001400090500000000fddbdf25022000cb", @ANYRES32=r7, @ANYBLOB], 0x48}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x70}}, 0x0) sendto$inet6(r2, &(0x7f0000000100)="bc", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) close(r2) r8 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r8, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r8, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff) 530.558405ms ago: executing program 1 (id=864): rmdir(&(0x7f0000000000)='./file0\x00') syz_usb_connect(0x2, 0x34, &(0x7f0000000040)={{0x12, 0x1, 0x310, 0xbe, 0x58, 0x6, 0x10, 0xbb4, 0xa17, 0x2fd1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x22, 0x1, 0xfe, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x6f, 0x0, 0x1, 0xc6, 0xdb, 0x57, 0x0, [], [{{0x9, 0x5, 0x0, 0x8, 0x3ff, 0xfa, 0x0, 0x0, [@generic={0x7, 0x5, "d77b5d2898"}]}}]}}]}}]}}, 0x0) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000980), 0x0, 0x0) ioctl$FBIOBLANK(r0, 0x4611, 0x80000) 412.573414ms ago: executing program 3 (id=865): truncate(&(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x3) 319.9149ms ago: executing program 2 (id=866): syz_open_dev$tty1(0xc, 0x4, 0x1) openat$autofs(0xffffff9c, &(0x7f0000000140), 0x301543, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) socket$netlink(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f00000000c0)=[{0x30, 0x0, 0x0, 0x3ee5}, {0x6, 0x0, 0x0, 0x4}]}, 0x8) sendmmsg$unix(r2, &(0x7f0000002a00)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000100)="83b540a9", 0xb583}], 0x1}}], 0x300, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44}, 0x81) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="14000000000000000000000a1c000000160acfc600000000000000000500000a080007400000000228000000030a000000000000000000000000000008000540000000000900030073797a30000000007c000000060a000000000000000000000000000008000b4000000000540004802c0001800a0001006c696d69740000001c0002800c00014000000000000000020c0006400000000000000000240001800b0001006c6f6f6b7570000014000280080003400000000108000329000000060900010073797a3000000000140000001100010000000000000000007900000a0000000000000000"], 0xe8}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a30"], 0x4b0}}, 0x0) r5 = dup(r0) write$binfmt_misc(r5, 0x0, 0x0) write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c) r6 = socket$inet6(0xa, 0x806, 0x0) bind$inet6(r6, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c) listen(r6, 0x3) r7 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r7, &(0x7f0000772000)={0x2, 0x4e23}, 0x10) r8 = accept4(r6, 0x0, 0x0, 0x0) recvmmsg(r7, &(0x7f0000007940), 0x55, 0x0, 0x0) sendmmsg(r8, &(0x7f0000001500), 0x588, 0x0) munlockall() r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r9, &(0x7f0000000200)={'#! ', './file0', [], 0xa, "848caeaa8ec56befcc9549fa7394735df8901f11973d1a2e48b88e799f458e8faac2c5"}, 0x2e) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r9, 0x0) 319.572596ms ago: executing program 3 (id=867): socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000100000000000000014100906c"], 0x34}}, 0x0) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r0, 0x147, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0x6, 0x81, 0x5, 0x1}}}}, 0x30}, 0x1, 0x0, 0x0, 0xc044}, 0x0) socket$netlink(0x10, 0x3, 0x10) r3 = socket$netlink(0x10, 0x3, 0x15) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="04010000100053"], 0x104}}, 0x0) 207.111554ms ago: executing program 3 (id=868): ioperm(0x0, 0x20, 0x10001) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_io_uring_setup(0x112, &(0x7f0000000a00)={0x0, 0x0, 0x400}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x5, 0x0, 0x0}) io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0) preadv2(r0, &(0x7f0000000040)=[{&(0x7f0000000300)=""/97, 0x4}], 0x1, 0x0, 0x0, 0x0) 156.755996ms ago: executing program 0 (id=869): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x20001300, 0x20001330], 0x0, 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="00000000000000512091960000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000f5ff00000000000000000000000000feffffff000000"]}, 0xe0) 116.70159ms ago: executing program 0 (id=870): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)={0xa8, r1, 0x5, 0x0, 0xffffffff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x61, 0xe, {{{}, {}, @device_b, @device_b}, 0xc00, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @val={0x25, 0x3, {0x1, 0x40, 0x4}}, @val={0x2a, 0x1}, @val={0x3c, 0x4, {0x0, 0x81, 0x34, 0xf6}}, @void, @val={0x72, 0x6}, @val={0x71, 0x7}, @val={0x76, 0x6, {0x0, 0x0, 0x0, 0xd1}}}}, @NL80211_ATTR_FTM_RESPONDER={0x10, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_LCI={0x5, 0x2, ','}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x971}], @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x66}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0xa8}, 0x1, 0x0, 0x0, 0x10}, 0x40) 50.083487ms ago: executing program 0 (id=871): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x18) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r2, {0x8}}, './file0\x00'}) bind$bt_hci(r5, &(0x7f00000002c0)={0x1f, 0x4}, 0x6) sendmsg$SOCK_DIAG_BY_FAMILY(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="6801000014000100000000000000000011"], 0x168}, 0x1, 0x0, 0x0, 0x40000}, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0) read$char_usb(r6, &(0x7f0000001840)=""/4090, 0xffa) preadv(r6, &(0x7f0000000180)=[{&(0x7f0000000600)=""/170, 0xaa}], 0x1, 0xffeffffe, 0x0) read$char_usb(r6, &(0x7f0000000400)=""/48, 0xffffffffffffff4c) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000000)={0x7fffffffffffffff, 0x10000, 0x0, r6, 0x12}) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r7, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r7, 0x0) socket$inet6(0xa, 0x2, 0x3a) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, 0x0, &(0x7f0000000740)=0xfffffffffffffede) r9 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r10 = dup(r9) write$6lowpan_enable(r10, &(0x7f0000000000)='0', 0xfffffd2c) timer_create(0x0, 0x0, 0x0) bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r8, 0x402c5342, 0x0) r11 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'macvlan0\x00'}) socket$nl_route(0x10, 0x3, 0x0) 0s ago: executing program 2 (id=872): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) write$uinput_user_dev(r1, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0x9, 0x3, 0xffff2d37, 0x1dd0, 0x6, 0x3, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0x3, 0x1, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x242, 0x3, 0xe, 0x0, 0x71, 0x7, 0x7, 0x3, 0x0, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x7, 0xffff, 0x12f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0x4, 0x2bf, 0x6c9, 0x9, 0xfffffffc, 0x3, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x4, 0x8000, 0x9, 0x400, 0x1, 0x6, 0x1, 0xff, 0x5, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x3, 0x3, 0x4, 0x1, 0x7, 0x6, 0x9, 0x48c93690, 0x2, 0x8], [0x7, 0x4, 0x0, 0x64e, 0xfffffffe, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x3, 0x8, 0x4, 0x6d01, 0x5, 0x38, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x0, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0x54fe12d2, 0xbf, 0xb, 0x3, 0x0, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0x0, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x2, 0x7, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x5, 0x8, 0xc8, 0xee1, 0x3, 0xffff, 0x3, 0x7f, 0x100, 0x9602, 0xa, 0x2, 0x28, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x30b1d693, 0xa1f, 0x8, 0x9, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0xff, 0x45c], 0x0, 0x0, 0x2, 0x1}}, 0x3c) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = socket$inet(0x2, 0x2, 0x0) setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000180)=0x2e45, 0x4) shutdown(r4, 0x0) recvmmsg(r4, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) syz_io_uring_setup(0x239, 0x0, &(0x7f00000002c0), 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xe) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) unshare(0x22020600) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r5, 0x0, 0x0) r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write(r6, &(0x7f0000000340), 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a80)={r1, 0xe0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, &(0x7f0000000380)=[0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0], 0x0, 0x1b, &(0x7f0000000880)=[{}, {}], 0x10, 0x10, &(0x7f00000008c0), &(0x7f0000000900), 0x8, 0x1d, 0x8, 0x8, &(0x7f0000000940)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x3, 0x4, &(0x7f0000000100)=@raw=[@exit, @generic={0xcb, 0x9, 0x9, 0xfffb, 0x878}, @map_idx={0x18, 0xb}], &(0x7f0000000240)='GPL\x00', 0x7fffffff, 0x1000, &(0x7f0000001300)=""/4096, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x33, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x2, 0x7, 0x4, 0x7a}, 0x10, r7, r1, 0x1, &(0x7f0000000ac0)=[r3], &(0x7f0000000b00)=[{0x1, 0x4, 0x2, 0x8}], 0x10, 0x7, @void, @value}, 0x94) kernel console output (not intermixed with test programs): 22] tipc: Resetting bearer [ 94.164838][ T7026] team0: Unable to change to the same mode the team is in [ 94.168298][ T7027] tipc: Enabling of bearer rejected, already enabled [ 94.185361][ T7040] syzkaller0: entered promiscuous mode [ 94.186908][ T7040] syzkaller0: entered allmulticast mode [ 94.195833][ T1142] syzkaller0: tun_net_xmit 48 [ 95.027381][ T25] vhci_hcd: vhci_device speed not set [ 95.556937][ T6004] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 95.663957][ T7084] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 95.666489][ T7084] PKCS7: Only support pkcs7_signedData type [ 95.678039][ T7084] __nla_validate_parse: 5 callbacks suppressed [ 95.678049][ T7084] netlink: 40 bytes leftover after parsing attributes in process `syz.1.249'. [ 95.683722][ T7084] netlink: 40 bytes leftover after parsing attributes in process `syz.1.249'. [ 95.964094][ T5977] Bluetooth: hci1: Malformed HCI Event [ 96.041675][ T7098] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 96.043470][ T7098] PKCS7: Only support pkcs7_signedData type [ 96.050403][ T7098] netlink: 40 bytes leftover after parsing attributes in process `syz.1.251'. [ 96.054154][ T7098] netlink: 40 bytes leftover after parsing attributes in process `syz.1.251'. [ 96.301267][ T7102] tipc: Resetting bearer [ 96.340028][ T7102] team0: Unable to change to the same mode the team is in [ 96.342769][ T7102] tipc: Enabling of bearer rejected, already enabled [ 96.493098][ T7104] syzkaller0: entered promiscuous mode [ 96.494715][ T7104] syzkaller0: entered allmulticast mode [ 96.499087][ T97] syzkaller0: tun_net_xmit 48 [ 96.525669][ T7104] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 96.527339][ T7104] syzkaller0: Linktype set failed because interface is up [ 103.425646][ T7127] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 104.006231][ T7141] netlink: 4 bytes leftover after parsing attributes in process `syz.2.262'. [ 104.083076][ T5977] Bluetooth: hci1: Malformed LE Event: 0x0b [ 104.198074][ T7146] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 104.200021][ T7146] PKCS7: Only support pkcs7_signedData type [ 104.218691][ T7146] netlink: 40 bytes leftover after parsing attributes in process `syz.2.264'. [ 104.222531][ T7146] netlink: 40 bytes leftover after parsing attributes in process `syz.2.264'. [ 104.530884][ T7157] team0: entered promiscuous mode [ 104.624575][ T7164] netlink: 4 bytes leftover after parsing attributes in process `syz.1.269'. [ 104.688542][ T7166] team0: left promiscuous mode [ 104.772930][ T7169] netlink: 4 bytes leftover after parsing attributes in process `syz.1.271'. [ 104.777321][ T7169] netlink: 164 bytes leftover after parsing attributes in process `syz.1.271'. [ 104.780400][ T7169] netlink: 168 bytes leftover after parsing attributes in process `syz.1.271'. [ 104.833563][ T7173] tipc: Resetting bearer [ 104.847274][ T7173] team0: Unable to change to the same mode the team is in [ 104.849875][ T7173] tipc: Enabling of bearer rejected, already enabled [ 104.957878][ T7174] syzkaller0: entered promiscuous mode [ 104.959500][ T7174] syzkaller0: entered allmulticast mode [ 104.963140][ T12] syzkaller0: tun_net_xmit 48 [ 104.979587][ T7174] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 104.981558][ T7174] syzkaller0: Linktype set failed because interface is up [ 105.597021][ T5977] Bluetooth: hci0: command 0x1407 tx timeout [ 105.606046][ T7184] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 105.610014][ T7184] PKCS7: Only support pkcs7_signedData type [ 105.618803][ T7184] netlink: 40 bytes leftover after parsing attributes in process `syz.3.276'. [ 105.670411][ T7185] netlink: 40 bytes leftover after parsing attributes in process `syz.3.276'. [ 106.506506][ T7206] capability: warning: `syz.2.283' uses deprecated v2 capabilities in a way that may be insecure [ 107.158169][ T7217] nbd3: detected capacity change from 0 to 20 [ 107.166307][ T7221] block nbd3: Send control failed (result -89) [ 107.180697][ T7221] block nbd3: Request send failed, requeueing [ 107.216198][ T5977] block nbd3: Receive control failed (result -32) [ 107.217359][ T51] block nbd3: Dead connection, failed to find a fallback [ 107.220676][ T51] block nbd3: shutting down sockets [ 107.222268][ T51] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 107.225335][ T51] Buffer I/O error on dev nbd3, logical block 0, async page read [ 107.229788][ T7221] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 107.232249][ T7221] Buffer I/O error on dev nbd3, logical block 0, async page read [ 107.234480][ T7221] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 107.307593][ T7221] Buffer I/O error on dev nbd3, logical block 0, async page read [ 107.309797][ T7221] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 107.312145][ T7221] Buffer I/O error on dev nbd3, logical block 0, async page read [ 107.337104][ T7221] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 107.340150][ T7221] Buffer I/O error on dev nbd3, logical block 0, async page read [ 107.342242][ T7221] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 107.344518][ T7221] Buffer I/O error on dev nbd3, logical block 0, async page read [ 107.347551][ T7221] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 107.349931][ T7221] Buffer I/O error on dev nbd3, logical block 0, async page read [ 107.351999][ T7221] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 107.354345][ T7221] Buffer I/O error on dev nbd3, logical block 0, async page read [ 107.356992][ T7221] ldm_validate_partition_table(): Disk read failed. [ 107.361427][ T7221] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 107.365079][ T7221] Buffer I/O error on dev nbd3, logical block 0, async page read [ 107.367496][ T7221] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 107.377733][ T7221] Buffer I/O error on dev nbd3, logical block 0, async page read [ 107.380753][ T7221] Dev nbd3: unable to read RDB block 0 [ 107.382924][ T7221] nbd3: unable to read partition table [ 107.389618][ T7221] nbd3: partition table beyond EOD, truncated [ 107.393188][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 107.401933][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=9, location=9 [ 107.406970][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=8, location=8 [ 107.412924][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=7, location=7 [ 107.415593][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 107.419922][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 107.422464][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=4, location=4 [ 107.437739][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=3, location=3 [ 107.440241][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=2, location=2 [ 107.442647][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 107.445303][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 107.448108][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=1, location=1 [ 107.451173][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=0, location=0 [ 107.453602][ T7221] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 107.463294][ T7221] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1) [ 107.508432][ T7116] ldm_validate_partition_table(): Disk read failed. [ 107.510503][ T7116] Dev nbd3: unable to read RDB block 0 [ 107.512081][ T7116] nbd3: unable to read partition table [ 107.513740][ T7116] nbd3: partition table beyond EOD, truncated [ 107.537475][ T7228] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 107.539189][ T7228] PKCS7: Only support pkcs7_signedData type [ 107.541201][ T7230] macsec1: entered allmulticast mode [ 107.547740][ T7228] netlink: 40 bytes leftover after parsing attributes in process `syz.2.287'. [ 107.655881][ T7232] tipc: Resetting bearer [ 107.658358][ T7116] ldm_validate_partition_table(): Disk read failed. [ 107.660256][ T7116] Dev nbd3: unable to read RDB block 0 [ 107.661720][ T7116] nbd3: unable to read partition table [ 107.663732][ T7116] nbd3: partition table beyond EOD, truncated [ 107.679468][ T7232] team0: Unable to change to the same mode the team is in [ 107.683196][ T7232] tipc: Enabling of bearer rejected, already enabled [ 107.849489][ T7233] syzkaller0: entered promiscuous mode [ 107.851193][ T7233] syzkaller0: entered allmulticast mode [ 107.855071][ T12] syzkaller0: tun_net_xmit 48 [ 107.871503][ T7233] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 107.873336][ T7233] syzkaller0: Linktype set failed because interface is up [ 109.510514][ T7262] syzkaller0: entered promiscuous mode [ 109.512529][ T7262] syzkaller0: entered allmulticast mode [ 109.662218][ T7279] __nla_validate_parse: 1 callbacks suppressed [ 109.662229][ T7279] netlink: 4 bytes leftover after parsing attributes in process `syz.2.300'. [ 109.675015][ T7279] netlink: 4 bytes leftover after parsing attributes in process `syz.2.300'. [ 109.700621][ T7280] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 109.703242][ T7280] PKCS7: Only support pkcs7_signedData type [ 109.717426][ T7280] netlink: 40 bytes leftover after parsing attributes in process `syz.1.301'. [ 109.770219][ T7283] netlink: 40 bytes leftover after parsing attributes in process `syz.1.301'. [ 111.793824][ T7304] tipc: Resetting bearer [ 111.801742][ T7305] team0: Unable to change to the same mode the team is in [ 111.809112][ T7304] tipc: Enabling of bearer rejected, already enabled [ 111.829921][ T7307] syz.2.308 uses obsolete (PF_INET,SOCK_PACKET) [ 111.835205][ T7307] netlink: 'syz.2.308': attribute type 1 has an invalid length. [ 111.840126][ T7307] netlink: 'syz.2.308': attribute type 2 has an invalid length. [ 111.904804][ T7305] syzkaller0: entered promiscuous mode [ 111.906265][ T7305] syzkaller0: entered allmulticast mode [ 111.909406][ T1142] syzkaller0: tun_net_xmit 48 [ 111.920315][ T7305] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 111.922770][ T7305] syzkaller0: Linktype set failed because interface is up [ 112.097416][ T7322] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 112.099186][ T7322] PKCS7: Only support pkcs7_signedData type [ 112.106344][ T7322] netlink: 40 bytes leftover after parsing attributes in process `syz.0.312'. [ 112.158797][ T7323] netlink: 40 bytes leftover after parsing attributes in process `syz.0.312'. [ 113.126254][ T7336] FAULT_INJECTION: forcing a failure. [ 113.126254][ T7336] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 113.129672][ T7336] CPU: 1 UID: 0 PID: 7336 Comm: syz.1.317 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 113.132266][ T7336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 113.134942][ T7336] Call Trace: [ 113.135793][ T7336] [ 113.136554][ T7336] dump_stack_lvl+0x16c/0x1f0 [ 113.137804][ T7336] should_fail_ex+0x497/0x5b0 [ 113.138969][ T7336] _copy_to_user+0x32/0xd0 [ 113.140090][ T7336] __dev_ethtool+0x2f21/0x5ab0 [ 113.141299][ T7336] ? __pfx_lock_release+0x10/0x10 [ 113.142590][ T7336] ? trace_lock_acquire+0x146/0x1e0 [ 113.143865][ T7336] ? __pfx___dev_ethtool+0x10/0x10 [ 113.145150][ T7336] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 113.146724][ T7336] ? hlock_class+0x4e/0x130 [ 113.147884][ T7336] ? __lock_acquire+0x15a9/0x3c40 [ 113.149173][ T7336] ? __pfx___lock_acquire+0x10/0x10 [ 113.150523][ T7336] ? __pfx_stack_trace_save+0x10/0x10 [ 113.151870][ T7336] ? hlock_class+0x4e/0x130 [ 113.153056][ T7336] ? stack_depot_save_flags+0x28/0x900 [ 113.154547][ T7336] ? lock_acquire.part.0+0x11b/0x380 [ 113.155881][ T7336] ? __mutex_trylock_common+0xea/0x250 [ 113.157238][ T7336] ? __pfx___mutex_trylock_common+0x10/0x10 [ 113.158815][ T7336] ? dev_ethtool+0x167/0x330 [ 113.160312][ T7336] ? rcu_is_watching+0x12/0xc0 [ 113.161922][ T7336] ? trace_contention_end+0xea/0x140 [ 113.163289][ T7336] ? __mutex_lock+0x1cc/0xa60 [ 113.164473][ T7336] ? dev_ethtool+0x167/0x330 [ 113.165675][ T7336] ? __pfx___mutex_lock+0x10/0x10 [ 113.167000][ T7336] dev_ethtool+0x17c/0x330 [ 113.168245][ T7336] ? __pfx_dev_ethtool+0x10/0x10 [ 113.169524][ T7336] ? netdev_name_node_lookup_rcu+0xf0/0x140 [ 113.171094][ T7336] dev_ioctl+0x2a2/0x10c0 [ 113.172233][ T7336] compat_sock_ioctl+0x44c/0x7e0 [ 113.173578][ T7336] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 113.175010][ T7336] ? __fget_files+0x206/0x3a0 [ 113.176249][ T7336] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 113.177602][ T7336] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 113.178910][ T7336] __do_fast_syscall_32+0x73/0x120 [ 113.180227][ T7336] do_fast_syscall_32+0x32/0x80 [ 113.181460][ T7336] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 113.183051][ T7336] RIP: 0023:0xf748e579 [ 113.184101][ T7336] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 113.189296][ T7336] RSP: 002b:00000000f517657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 113.191671][ T7336] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000008946 [ 113.193669][ T7336] RDX: 00000000200002c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 113.195674][ T7336] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 113.197666][ T7336] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 113.199881][ T7336] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 113.201944][ T7336] [ 113.212967][ T7337] block device autoloading is deprecated and will be removed. [ 113.358282][ T1329] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 113.597591][ T7355] netlink: 4 bytes leftover after parsing attributes in process `syz.1.321'. [ 113.676127][ T7355] unsupported nlmsg_type 40 [ 113.719403][ T1329] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 113.722540][ T1329] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 113.725158][ T1329] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 113.727668][ T1329] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.734786][ T7334] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 113.739946][ T1329] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 113.941609][ T1329] usb 8-1: USB disconnect, device number 4 [ 114.160644][ T7349] orangefs_mount: mount request failed with -4 [ 114.252021][ T7370] tipc: Resetting bearer [ 114.264776][ T7370] team0: Unable to change to the same mode the team is in [ 114.267324][ T7370] tipc: Enabling of bearer rejected, already enabled [ 114.295196][ T7371] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 114.297037][ T7371] PKCS7: Only support pkcs7_signedData type [ 114.309530][ T7371] netlink: 40 bytes leftover after parsing attributes in process `syz.2.325'. [ 114.313883][ T7371] netlink: 40 bytes leftover after parsing attributes in process `syz.2.325'. [ 114.354938][ T7372] syzkaller0: entered promiscuous mode [ 114.356371][ T7372] syzkaller0: entered allmulticast mode [ 114.362169][ T7372] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 114.363679][ T7372] syzkaller0: Linktype set failed because interface is up [ 114.365662][ T74] syzkaller0: tun_net_xmit 48 [ 114.506576][ T832] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 114.656556][ T832] usb 5-1: Using ep0 maxpacket: 8 [ 114.661812][ T832] usb 5-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config [ 114.683586][ T832] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 114.685935][ T832] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 114.688844][ T832] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 114.691718][ T832] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 114.694048][ T832] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.719220][ T7375] program syz.3.328 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 114.723781][ T832] hub 5-1:1.0: bad descriptor, ignoring hub [ 114.725320][ T832] hub 5-1:1.0: probe with driver hub failed with error -5 [ 114.727678][ T832] cdc_wdm 5-1:1.0: skipping garbage [ 114.729031][ T832] cdc_wdm 5-1:1.0: skipping garbage [ 114.732480][ T832] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 114.733995][ T832] cdc_wdm 5-1:1.0: Unknown control protocol [ 115.853741][ T7395] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 116.746061][ T7433] team0: Port device vlan0 removed [ 116.747739][ T39] kauditd_printk_skb: 41 callbacks suppressed [ 116.747747][ T39] audit: type=1326 audit(1732857357.375:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7428 comm="syz.1.342" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 116.754974][ T74] tipc: Resetting bearer [ 116.757227][ T7433] team0: Mode changed to "broadcast" [ 116.760480][ T7433] tipc: Enabling of bearer rejected, already enabled [ 116.902602][ T7437] netlink: 4 bytes leftover after parsing attributes in process `syz.2.341'. [ 116.921132][ T7434] syzkaller0: entered promiscuous mode [ 116.926564][ T7434] syzkaller0: entered allmulticast mode [ 116.930462][ T7438] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 116.932029][ T7438] syzkaller0: Linktype set failed because interface is up [ 116.934610][ T12] syzkaller0: tun_net_xmit 48 [ 117.457439][ T39] audit: type=1326 audit(1732857358.075:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7428 comm="syz.1.342" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 117.566278][ T7441] fuse: Bad value for 'group_id' [ 117.567814][ T7441] fuse: Bad value for 'group_id' [ 117.569498][ T7441] dlm: non-version read from control device 8224 [ 118.288641][ T832] usb 5-1: USB disconnect, device number 2 [ 118.298426][ T7367] cdc_wdm 5-1:1.0: Error autopm - -16 [ 118.485698][ T7465] block device autoloading is deprecated and will be removed. [ 118.559549][ T7462] md: superblock version 402653184 not known [ 118.561299][ T7462] md: couldn't set array info. -22 [ 119.525641][ T7499] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 119.527779][ T7499] IPv6: NLM_F_CREATE should be set when creating new route [ 119.529729][ T7499] IPv6: NLM_F_CREATE should be set when creating new route [ 119.548514][ T7499] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 119.549163][ T7500] netlink: 4 bytes leftover after parsing attributes in process `syz.2.360'. [ 119.887390][ T7512] netlink: 4 bytes leftover after parsing attributes in process `syz.0.363'. [ 119.955780][ T7514] FAULT_INJECTION: forcing a failure. [ 119.955780][ T7514] name failslab, interval 1, probability 0, space 0, times 0 [ 119.960618][ T7514] CPU: 1 UID: 0 PID: 7514 Comm: syz.3.366 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 119.963326][ T7514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 119.966136][ T7514] Call Trace: [ 119.967032][ T7514] [ 119.967816][ T7514] dump_stack_lvl+0x16c/0x1f0 [ 119.969078][ T7514] should_fail_ex+0x497/0x5b0 [ 119.970321][ T7514] should_failslab+0xc2/0x120 [ 119.971585][ T7514] __kmalloc_cache_noprof+0x68/0x420 [ 119.972990][ T7514] sctp_add_bind_addr+0x9d/0x3e0 [ 119.974307][ T7514] sctp_copy_local_addr_list+0x39e/0x5a0 [ 119.975790][ T7514] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 119.977445][ T7514] ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360 [ 119.979029][ T7514] ? sctp_bind_addr_copy+0xe0/0x530 [ 119.980418][ T7514] sctp_bind_addr_copy+0xe0/0x530 [ 119.981764][ T7514] sctp_connect_new_asoc+0x1d8/0x790 [ 119.983181][ T7514] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 119.984718][ T7514] ? lock_acquire+0x2f/0xb0 [ 119.985935][ T7514] ? sctp_endpoint_lookup_assoc+0xac/0x2a0 [ 119.987492][ T7514] __sctp_connect+0x3f5/0xc60 [ 119.988731][ T7514] ? __might_fault+0x13b/0x190 [ 119.990040][ T7514] ? trace_lock_acquire+0x146/0x1e0 [ 119.991462][ T7514] ? __pfx___sctp_connect+0x10/0x10 [ 119.992848][ T7514] ? lock_acquire+0x2f/0xb0 [ 119.994048][ T7514] ? __might_fault+0xe3/0x190 [ 119.995293][ T7514] ? __might_fault+0xe3/0x190 [ 119.996564][ T7514] __sctp_setsockopt_connectx+0xfc/0x170 [ 119.998062][ T7514] sctp_getsockopt+0x2e9f/0x7ae0 [ 119.999569][ T7514] ? hlock_class+0x4e/0x130 [ 120.000805][ T7514] ? mark_lock+0xb5/0xc60 [ 120.001950][ T7514] ? aa_label_sk_perm+0x19d/0x5a0 [ 120.003284][ T7514] ? __pfx_sctp_getsockopt+0x10/0x10 [ 120.004694][ T7514] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 120.006122][ T7514] ? find_held_lock+0x2d/0x110 [ 120.007401][ T7514] ? __pfx___might_resched+0x10/0x10 [ 120.008805][ T7514] ? aa_sk_perm+0x2f5/0xb20 [ 120.010002][ T7514] ? ksys_write+0x191/0x250 [ 120.011228][ T7514] ? __pfx_aa_sk_perm+0x10/0x10 [ 120.012512][ T7514] ? find_held_lock+0x2d/0x110 [ 120.013779][ T7514] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 120.015329][ T7514] ? do_sock_getsockopt+0x3fe/0x870 [ 120.016684][ T7514] do_sock_getsockopt+0x3fe/0x870 [ 120.018010][ T7514] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 120.019448][ T7514] ? lock_acquire+0x2f/0xb0 [ 120.020637][ T7514] ? __fget_files+0x40/0x3a0 [ 120.021854][ T7514] ? __fget_files+0x206/0x3a0 [ 120.023100][ T7514] __sys_getsockopt+0x12f/0x260 [ 120.024388][ T7514] __ia32_sys_getsockopt+0xbc/0x160 [ 120.025743][ T7514] ? lockdep_hardirqs_on+0x7c/0x110 [ 120.027079][ T7514] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 120.028809][ T7514] __do_fast_syscall_32+0x73/0x120 [ 120.030155][ T7514] do_fast_syscall_32+0x32/0x80 [ 120.031444][ T7514] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 120.033102][ T7514] RIP: 0023:0xf73de579 [ 120.034183][ T7514] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 120.039122][ T7514] RSP: 002b:00000000f50a557c EFLAGS: 00000292 ORIG_RAX: 000000000000016d [ 120.041283][ T7514] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000084 [ 120.043329][ T7514] RDX: 000000000000006f RSI: 00000000200000c0 RDI: 0000000020000100 [ 120.045376][ T7514] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 120.047405][ T7514] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 120.049441][ T7514] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 120.051489][ T7514] [ 120.188149][ T7503] orangefs_mount: mount request failed with -4 [ 120.313739][ C3] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 120.318472][ T7524] FAULT_INJECTION: forcing a failure. [ 120.318472][ T7524] name failslab, interval 1, probability 0, space 0, times 0 [ 120.321768][ T7524] CPU: 0 UID: 0 PID: 7524 Comm: syz.2.369 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 120.324438][ T7524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 120.327257][ T7524] Call Trace: [ 120.328142][ T7524] [ 120.328942][ T7524] dump_stack_lvl+0x16c/0x1f0 [ 120.330180][ T7524] should_fail_ex+0x497/0x5b0 [ 120.331456][ T7524] ? fs_reclaim_acquire+0xae/0x150 [ 120.332812][ T7524] should_failslab+0xc2/0x120 [ 120.334246][ T7524] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 120.336312][ T7524] ? kstrdup_const+0x63/0x80 [ 120.337549][ T7524] kstrdup+0x42/0xb0 [ 120.338594][ T7524] kstrdup_const+0x63/0x80 [ 120.339773][ T7524] __kernfs_new_node+0x9c/0x890 [ 120.341079][ T7524] ? hlock_class+0x4e/0x130 [ 120.342281][ T7524] ? __pfx___kernfs_new_node+0x10/0x10 [ 120.343710][ T7524] ? map_id_range_down+0x2bb/0x3a0 [ 120.345078][ T7524] ? __pfx_map_id_range_down+0x10/0x10 [ 120.346505][ T7524] ? __pfx___lock_acquire+0x10/0x10 [ 120.348015][ T7524] kernfs_new_node+0x186/0x240 [ 120.349312][ T7524] ? net_ns_get_ownership+0xf8/0x1b0 [ 120.350698][ T7524] kernfs_create_dir_ns+0x4c/0x150 [ 120.352054][ T7524] sysfs_create_dir_ns+0x13b/0x2b0 [ 120.353390][ T7524] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 120.354841][ T7524] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 120.356238][ T7524] ? kobject_add_internal+0x12d/0x990 [ 120.357658][ T7524] ? net_namespace+0x12/0x50 [ 120.358868][ T7524] ? device_namespace+0x76/0xa0 [ 120.360139][ T7524] kobject_add_internal+0x2c8/0x990 [ 120.361506][ T7524] kobject_add+0x16f/0x240 [ 120.362665][ T7524] ? __pfx_kobject_add+0x10/0x10 [ 120.363957][ T7524] ? lock_acquire+0x2f/0xb0 [ 120.365160][ T7524] ? get_device_parent+0x11f/0x4e0 [ 120.366499][ T7524] ? kobject_put+0xab/0x5a0 [ 120.367649][ T7524] ? device_add+0xc02/0x1a70 [ 120.368862][ T7524] device_add+0x289/0x1a70 [ 120.370026][ T7524] ? __pfx_dev_set_name+0x10/0x10 [ 120.371348][ T7524] ? __pfx_device_add+0x10/0x10 [ 120.372622][ T7524] ? __init_waitqueue_head+0xca/0x150 [ 120.374011][ T7524] netdev_register_kobject+0x187/0x3f0 [ 120.375603][ T7524] register_netdevice+0x1473/0x1e20 [ 120.376965][ T7524] ? __pfx_register_netdevice+0x10/0x10 [ 120.378399][ T7524] ? __pfx_macsec_handle_frame+0x10/0x10 [ 120.379855][ T7524] macsec_newlink+0x4ba/0x1c10 [ 120.381104][ T7524] ? __pfx_macsec_newlink+0x10/0x10 [ 120.382456][ T7524] ? rcu_is_watching+0x12/0xc0 [ 120.383704][ T7524] ? trace_kmalloc+0x2d/0xd0 [ 120.384939][ T7524] ? __kmalloc_node_noprof+0x23d/0x520 [ 120.386337][ T7524] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 120.387767][ T7524] ? read_word_at_a_time+0xe/0x20 [ 120.389082][ T7524] ? validate_linkmsg+0x57d/0xb60 [ 120.390401][ T7524] ? sized_strscpy+0xae/0x290 [ 120.391637][ T7524] ? __pfx_validate_linkmsg+0x10/0x10 [ 120.393049][ T7524] ? alloc_netdev_mqs+0xfa0/0x1320 [ 120.394399][ T7524] ? rtnl_create_link+0xa2e/0xf10 [ 120.395716][ T7524] rtnl_newlink+0x11ad/0x1c10 [ 120.396953][ T7524] ? __pfx_macsec_newlink+0x10/0x10 [ 120.398310][ T7524] ? __pfx_rtnl_newlink+0x10/0x10 [ 120.399631][ T7524] ? __pfx___lock_acquire+0x10/0x10 [ 120.400984][ T7524] ? kmem_cache_free+0x152/0x4c0 [ 120.402480][ T7524] ? aa_get_newest_label+0x376/0x680 [ 120.403935][ T7524] ? find_held_lock+0x2d/0x110 [ 120.405212][ T7524] ? find_held_lock+0x2d/0x110 [ 120.406485][ T7524] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 120.407841][ T7524] ? __pfx_lock_release+0x10/0x10 [ 120.409172][ T7524] ? trace_lock_acquire+0x146/0x1e0 [ 120.410554][ T7524] ? __pfx_rtnl_newlink+0x10/0x10 [ 120.411906][ T7524] rtnetlink_rcv_msg+0x95b/0xea0 [ 120.413224][ T7524] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 120.414656][ T7524] ? __pfx___dev_queue_xmit+0x10/0x10 [ 120.416063][ T7524] netlink_rcv_skb+0x165/0x410 [ 120.417340][ T7524] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 120.418784][ T7524] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 120.420163][ T7524] ? netlink_deliver_tap+0x1ae/0xca0 [ 120.421571][ T7524] netlink_unicast+0x53c/0x7f0 [ 120.422828][ T7524] ? __pfx_netlink_unicast+0x10/0x10 [ 120.424225][ T7524] ? __phys_addr_symbol+0x30/0x80 [ 120.425550][ T7524] ? __check_object_size+0x488/0x710 [ 120.426933][ T7524] netlink_sendmsg+0x8b8/0xd70 [ 120.428196][ T7524] ? __pfx_netlink_sendmsg+0x10/0x10 [ 120.429600][ T7524] ____sys_sendmsg+0x9ae/0xb40 [ 120.430850][ T7524] ? __pfx_____sys_sendmsg+0x10/0x10 [ 120.432238][ T7524] ? get_compat_msghdr+0x11b/0x170 [ 120.433591][ T7524] ___sys_sendmsg+0x135/0x1e0 [ 120.434829][ T7524] ? __pfx____sys_sendmsg+0x10/0x10 [ 120.436189][ T7524] ? __pfx_lock_release+0x10/0x10 [ 120.437513][ T7524] ? trace_lock_acquire+0x146/0x1e0 [ 120.438871][ T7524] ? __fget_files+0x206/0x3a0 [ 120.440111][ T7524] __sys_sendmsg+0x16e/0x220 [ 120.441330][ T7524] ? __pfx___sys_sendmsg+0x10/0x10 [ 120.442669][ T7524] __do_fast_syscall_32+0x73/0x120 [ 120.444006][ T7524] do_fast_syscall_32+0x32/0x80 [ 120.445295][ T7524] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 120.446940][ T7524] RIP: 0023:0xf7f37579 [ 120.448020][ T7524] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 120.452995][ T7524] RSP: 002b:00000000f50b657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 120.455157][ T7524] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000280 [ 120.457214][ T7524] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 120.459502][ T7524] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 120.461564][ T7524] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 120.463640][ T7524] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 120.465705][ T7524] [ 120.467310][ T7524] kobject: kobject_add_internal failed for macsec1 (error: -12 parent: net) [ 120.570297][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 121.324991][ T39] audit: type=1800 audit(1732857361.945:98): pid=7557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.377" name="bus" dev="overlay" ino=566 res=0 errno=0 [ 121.387071][ T7559] netlink: 8 bytes leftover after parsing attributes in process `syz.3.378'. [ 121.389502][ T7559] netlink: 12 bytes leftover after parsing attributes in process `syz.3.378'. [ 121.391936][ T7559] netlink: 'syz.3.378': attribute type 20 has an invalid length. [ 121.501861][ T7563] syz.0.379 (7563): drop_caches: 2 [ 121.504001][ T7566] syz.0.379 (7566): drop_caches: 2 [ 121.666675][ T833] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 121.817724][ T833] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 121.823270][ T833] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 121.825640][ T833] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.827869][ T833] usb 8-1: Product: syz [ 121.828963][ T833] usb 8-1: Manufacturer: syz [ 121.830175][ T833] usb 8-1: SerialNumber: syz [ 122.056539][ T39] audit: type=1326 audit(1732857362.675:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7564 comm="syz.3.380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 122.062109][ T39] audit: type=1326 audit(1732857362.685:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7564 comm="syz.3.380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 122.067677][ T39] audit: type=1326 audit(1732857362.695:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7564 comm="syz.3.380" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 122.073247][ T39] audit: type=1326 audit(1732857362.695:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7564 comm="syz.3.380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 122.079003][ T39] audit: type=1326 audit(1732857362.695:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7564 comm="syz.3.380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 122.084638][ T39] audit: type=1326 audit(1732857362.695:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7564 comm="syz.3.380" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 122.091870][ T39] audit: type=1326 audit(1732857362.695:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7564 comm="syz.3.380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 122.097445][ T39] audit: type=1326 audit(1732857362.695:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7564 comm="syz.3.380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 122.103120][ T39] audit: type=1326 audit(1732857362.695:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7564 comm="syz.3.380" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 122.110796][ T39] audit: type=1326 audit(1732857362.695:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7564 comm="syz.3.380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 122.190709][ T833] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -22 [ 122.194781][ T833] usb 8-1: USB disconnect, device number 5 [ 122.510891][ T7588] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 122.746493][ T6004] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 122.896487][ T6004] usb 7-1: Using ep0 maxpacket: 8 [ 122.899665][ T6004] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 122.901853][ T6004] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 122.904433][ T6004] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 122.907216][ T6004] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 122.909808][ T6004] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 122.913228][ T6004] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 122.915575][ T6004] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.976528][ T25] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 123.129153][ T25] usb 6-1: config 1 interface 0 has no altsetting 0 [ 123.131166][ T25] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice=f3.40 [ 123.133980][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.345644][ T7602] tmpfs: Bad value for 'mpol' [ 123.410461][ T7590] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 123.781251][ T25] usb 6-1: string descriptor 0 read error: -71 [ 123.790291][ T25] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8 [ 123.795408][ T25] usb 6-1: USB disconnect, device number 3 [ 123.802682][ T25] usblp0: removed [ 124.441856][ T7628] xt_hashlimit: Unknown mode mask 368, kernel too old? [ 124.756646][ T25] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 124.906474][ T25] usb 8-1: Using ep0 maxpacket: 8 [ 124.910213][ T25] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 124.912791][ T25] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 124.915468][ T25] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 124.918132][ T25] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 124.921558][ T25] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 124.923927][ T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.133579][ T25] usb 8-1: GET_CAPABILITIES returned 0 [ 125.135116][ T25] usbtmc 8-1:16.0: can't read capabilities [ 125.180506][ T5977] Bluetooth: hci0: unexpected event for opcode 0x2043 [ 125.338942][ T25] usb 8-1: USB disconnect, device number 6 [ 125.433158][ T834] IPVS: starting estimator thread 0... [ 125.516049][ T6004] usb 7-1: usb_control_msg returned -71 [ 125.517667][ T6004] usbtmc 7-1:16.0: can't read capabilities [ 125.526729][ T7650] IPVS: using max 39 ests per chain, 93600 per kthread [ 125.531495][ T6004] usb 7-1: USB disconnect, device number 2 [ 125.564313][ T7655] netlink: 28 bytes leftover after parsing attributes in process `syz.2.406'. [ 125.566790][ T7655] netlink: 8 bytes leftover after parsing attributes in process `syz.2.406'. [ 125.776539][ T25] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 125.906510][ T6004] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 125.926664][ T25] usb 6-1: Using ep0 maxpacket: 8 [ 125.929172][ T25] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 125.931158][ T25] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 125.934099][ T25] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 125.937233][ T25] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 125.940124][ T25] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 125.943679][ T25] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 125.945618][ T25] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 125.948621][ T25] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 125.951648][ T25] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 125.954524][ T25] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 125.958267][ T25] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 125.960297][ T25] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 125.963161][ T25] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 125.966190][ T25] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 125.969064][ T25] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 125.974058][ T25] usb 6-1: string descriptor 0 read error: -22 [ 125.975693][ T25] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 125.978538][ T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.983651][ T25] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 126.056606][ T6004] usb 7-1: Using ep0 maxpacket: 16 [ 126.060510][ T6004] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 126.063163][ T6004] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 126.065539][ T6004] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.069833][ T6004] usb 7-1: config 0 descriptor?? [ 126.073835][ T6004] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input7 [ 126.327646][ T5367] bcm5974 7-1:0.0: could not read from device [ 126.327746][ T6005] usb 7-1: USB disconnect, device number 3 [ 126.334810][ T7116] bcm5974 7-1:0.0: could not read from device [ 126.634701][ T7680] Illegal XDP return value 4294967274 on prog (id 73) dev N/A, expect packet loss! [ 126.665828][ T7682] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 127.006286][ T7687] dlm: no locking on control device [ 127.289423][ T5977] Bluetooth: hci0: unexpected event for opcode 0x2043 [ 127.544338][ T74] Bluetooth: hci4: Frame reassembly failed (-84) [ 127.550544][ T45] Bluetooth: hci4: Frame reassembly failed (-84) [ 127.552391][ T1154] Bluetooth: hci4: Frame reassembly failed (-84) [ 127.554082][ T1142] Bluetooth: hci4: Frame reassembly failed (-84) [ 127.556156][ T7713] netlink: 750 bytes leftover after parsing attributes in process `syz.0.422'. [ 127.910391][ T7729] Cannot find set identified by id 0 to match [ 128.242184][ T7738] afs: Unknown parameter 'fƒfC½üapwal' [ 128.509869][ T6005] usb 6-1: USB disconnect, device number 4 [ 129.081274][ T7755] bridge_slave_0: entered allmulticast mode [ 129.085173][ T7755] bridge_slave_0: entered promiscuous mode [ 129.144842][ T833] IPVS: starting estimator thread 0... [ 129.236992][ T7761] IPVS: using max 39 ests per chain, 93600 per kthread [ 129.441828][ T7768] macvlan1: entered promiscuous mode [ 129.443774][ T7768] netlink: 4 bytes leftover after parsing attributes in process `syz.2.439'. [ 129.447276][ T7768] veth1_vlan: left promiscuous mode [ 129.455353][ T7768] macvlan1 (unregistering): left promiscuous mode [ 129.596579][ T5974] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 129.606584][ T5977] block nbd0: Receive control failed (result -32) [ 129.609757][ T7714] block nbd0: shutting down sockets [ 130.432102][ T7798] FAULT_INJECTION: forcing a failure. [ 130.432102][ T7798] name failslab, interval 1, probability 0, space 0, times 0 [ 130.435567][ T7798] CPU: 2 UID: 0 PID: 7798 Comm: syz.2.449 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 130.438284][ T7798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 130.441079][ T7798] Call Trace: [ 130.441966][ T7798] [ 130.442759][ T7798] dump_stack_lvl+0x16c/0x1f0 [ 130.444006][ T7798] should_fail_ex+0x497/0x5b0 [ 130.445254][ T7798] ? fs_reclaim_acquire+0xae/0x150 [ 130.446591][ T7798] should_failslab+0xc2/0x120 [ 130.447834][ T7798] __kmalloc_noprof+0xce/0x4f0 [ 130.449574][ T7798] ? lsm_blob_alloc+0x68/0x90 [ 130.451315][ T7798] lsm_blob_alloc+0x68/0x90 [ 130.452672][ T7798] security_prepare_creds+0x30/0x270 [ 130.454054][ T7798] prepare_creds+0x53e/0x750 [ 130.455266][ T7798] prepare_exec_creds+0x10/0x240 [ 130.456555][ T7798] bprm_execve+0xc2/0x19b0 [ 130.457725][ T7798] ? __pfx_get_arg_page+0x10/0x10 [ 130.459073][ T7798] ? up_write+0x1b2/0x520 [ 130.460199][ T7798] ? __pfx_bprm_execve+0x10/0x10 [ 130.461489][ T7798] ? put_page+0xdb/0x280 [ 130.462596][ T7798] ? copy_string_kernel+0x1d4/0x210 [ 130.463941][ T7798] do_execveat_common.isra.0+0x4f1/0x630 [ 130.465403][ T7798] __ia32_compat_sys_execve+0x90/0xc0 [ 130.466803][ T7798] __do_fast_syscall_32+0x73/0x120 [ 130.468283][ T7798] do_fast_syscall_32+0x32/0x80 [ 130.470056][ T7798] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 130.471722][ T7798] RIP: 0023:0xf7f37579 [ 130.472801][ T7798] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 130.477863][ T7798] RSP: 002b:00000000f50b657c EFLAGS: 00000292 ORIG_RAX: 000000000000000b [ 130.480160][ T7798] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000000000 [ 130.482214][ T7798] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 130.484269][ T7798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 130.486321][ T7798] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 130.488595][ T7798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 130.491190][ T7798] [ 130.492093][ C2] vkms_vblank_simulate: vblank timer overrun [ 130.521225][ T7800] netlink: 4 bytes leftover after parsing attributes in process `syz.2.450'. [ 130.945369][ T7814] tipc: Resetting bearer [ 130.962814][ T7814] team0: Unable to change to the same mode the team is in [ 130.969710][ T7814] tipc: Enabling of bearer rejected, already enabled [ 131.103656][ T7815] syzkaller0: entered promiscuous mode [ 131.105331][ T7815] syzkaller0: entered allmulticast mode [ 131.109063][ T7821] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 131.110923][ T7821] syzkaller0: Linktype set failed because interface is up [ 131.113110][ T1135] syzkaller0: tun_net_xmit 48 [ 131.830970][ T7828] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 131.833364][ T7828] PKCS7: Only support pkcs7_signedData type [ 131.841155][ T7828] netlink: 40 bytes leftover after parsing attributes in process `syz.1.458'. [ 131.892450][ T7830] netlink: 40 bytes leftover after parsing attributes in process `syz.1.458'. [ 132.041804][ T7835] xt_CT: You must specify a L4 protocol and not use inversions on it [ 132.157350][ T1414] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.159133][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.902151][ T7852] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 134.222447][ T7884] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 134.224172][ T7884] PKCS7: Only support pkcs7_signedData type [ 134.234441][ T7884] netlink: 40 bytes leftover after parsing attributes in process `syz.0.474'. [ 134.239222][ T7884] netlink: 40 bytes leftover after parsing attributes in process `syz.0.474'. [ 134.690020][ T7892] tipc: Resetting bearer [ 134.706088][ T7892] team0: Unable to change to the same mode the team is in [ 134.712732][ T7892] team0: Port device vlan0 added [ 134.806735][ T7896] syzkaller0: entered promiscuous mode [ 134.808357][ T7896] syzkaller0: entered allmulticast mode [ 134.811496][ T1142] syzkaller0: tun_net_xmit 48 [ 134.823068][ T7896] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 134.824841][ T7896] syzkaller0: Linktype set failed because interface is up [ 135.060944][ T7899] netlink: zone id is out of range [ 135.062700][ T7899] netlink: zone id is out of range [ 135.064420][ T7899] netlink: zone id is out of range [ 135.067416][ T7899] netlink: zone id is out of range [ 135.069312][ T7899] netlink: zone id is out of range [ 135.070763][ T7899] netlink: zone id is out of range [ 135.072459][ T7899] netlink: zone id is out of range [ 135.074224][ T7899] netlink: zone id is out of range [ 135.075929][ T7899] netlink: zone id is out of range [ 135.077912][ T7899] netlink: zone id is out of range [ 135.100764][ T7899] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 135.102615][ T7899] overlayfs: failed to set xattr on upper [ 135.104046][ T7899] overlayfs: ...falling back to redirect_dir=nofollow. [ 135.110297][ T7899] overlayfs: ...falling back to index=off. [ 135.114255][ T7899] overlayfs: ...falling back to uuid=null. [ 135.117047][ T7899] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 136.284757][ T7925] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 136.286750][ T7925] PKCS7: Only support pkcs7_signedData type [ 136.292403][ T7925] netlink: 40 bytes leftover after parsing attributes in process `syz.1.487'. [ 136.344341][ T7927] netlink: 40 bytes leftover after parsing attributes in process `syz.1.487'. [ 136.391833][ T39] kauditd_printk_skb: 57 callbacks suppressed [ 136.391844][ T39] audit: type=1800 audit(1732857377.015:166): pid=7928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.488" name="/" dev="fuse" ino=1 res=0 errno=0 [ 137.770604][ T7957] tipc: Resetting bearer [ 137.790726][ T7957] team0: Unable to change to the same mode the team is in [ 137.795109][ T7957] team0: Port device vlan0 added [ 137.894654][ T7963] syzkaller0: entered promiscuous mode [ 137.896137][ T7963] syzkaller0: entered allmulticast mode [ 137.906861][ T1142] syzkaller0: tun_net_xmit 48 [ 137.920970][ T7963] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 137.922601][ T7963] syzkaller0: Linktype set failed because interface is up [ 138.061530][ T7967] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 138.063452][ T7967] PKCS7: Only support pkcs7_signedData type [ 138.071891][ T7967] netlink: 40 bytes leftover after parsing attributes in process `syz.3.499'. [ 138.077664][ T7967] netlink: 40 bytes leftover after parsing attributes in process `syz.3.499'. [ 138.646534][ T7982] capability: warning: `syz.1.505' uses 32-bit capabilities (legacy support in use) [ 139.294742][ T5977] Bluetooth: hci1: unexpected cc 0x042f length: 9 > 7 [ 139.321255][ T7998] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 139.322921][ T7998] PKCS7: Only support pkcs7_signedData type [ 139.327833][ T7998] netlink: 40 bytes leftover after parsing attributes in process `syz.1.508'. [ 139.330733][ T7998] netlink: 40 bytes leftover after parsing attributes in process `syz.1.508'. [ 139.461785][ T39] audit: type=1326 audit(1732857380.085:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.0.514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 139.481002][ T39] audit: type=1326 audit(1732857380.095:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.0.514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 139.487765][ T39] audit: type=1326 audit(1732857380.115:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.0.514" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 139.493577][ T39] audit: type=1326 audit(1732857380.115:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.0.514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 139.499171][ T39] audit: type=1326 audit(1732857380.115:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.0.514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 139.504936][ T39] audit: type=1326 audit(1732857380.115:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.0.514" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 139.510553][ T39] audit: type=1326 audit(1732857380.115:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.0.514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 139.516358][ T39] audit: type=1326 audit(1732857380.115:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.0.514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 139.521950][ T39] audit: type=1326 audit(1732857380.115:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8012 comm="syz.0.514" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 140.085394][ T8029] team0: Port device vlan0 removed [ 140.091627][ T97] tipc: Resetting bearer [ 140.103882][ T8029] team0: Unable to change to the same mode the team is in [ 140.114637][ T8029] team0: Port device vlan0 added [ 140.422548][ T8032] syzkaller0: entered promiscuous mode [ 140.424132][ T8032] syzkaller0: entered allmulticast mode [ 140.430458][ T45] syzkaller0: tun_net_xmit 48 [ 140.432275][ T8035] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 140.433892][ T8035] syzkaller0: Linktype set failed because interface is up [ 140.804489][ T8051] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 140.807013][ T8051] PKCS7: Only support pkcs7_signedData type [ 140.813572][ T8051] netlink: 40 bytes leftover after parsing attributes in process `syz.0.524'. [ 140.871397][ T8052] netlink: 40 bytes leftover after parsing attributes in process `syz.0.524'. [ 141.712060][ T8064] netlink: 44 bytes leftover after parsing attributes in process `syz.1.527'. [ 141.717061][ T8064] netlink: 59 bytes leftover after parsing attributes in process `syz.1.527'. [ 142.339480][ T8104] net_ratelimit: 6 callbacks suppressed [ 142.339491][ T8104] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 142.458257][ T8118] FAULT_INJECTION: forcing a failure. [ 142.458257][ T8118] name failslab, interval 1, probability 0, space 0, times 0 [ 142.462849][ T8118] CPU: 0 UID: 0 PID: 8118 Comm: syz.3.534 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 142.465387][ T8118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 142.468316][ T8118] Call Trace: [ 142.469176][ T8118] [ 142.469955][ T8118] dump_stack_lvl+0x16c/0x1f0 [ 142.471164][ T8118] should_fail_ex+0x497/0x5b0 [ 142.472325][ T8118] should_failslab+0xc2/0x120 [ 142.473478][ T8118] __kmalloc_cache_noprof+0x68/0x420 [ 142.474814][ T8118] sctp_add_bind_addr+0x9d/0x3e0 [ 142.476035][ T8118] sctp_copy_local_addr_list+0x39e/0x5a0 [ 142.477426][ T8118] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 142.479002][ T8118] ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360 [ 142.480468][ T8118] ? sctp_bind_addr_copy+0xe0/0x530 [ 142.481764][ T8118] sctp_bind_addr_copy+0xe0/0x530 [ 142.483013][ T8118] sctp_connect_new_asoc+0x1d8/0x790 [ 142.484347][ T8118] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 142.485791][ T8118] ? lock_acquire+0x2f/0xb0 [ 142.486938][ T8118] ? sctp_endpoint_lookup_assoc+0xac/0x2a0 [ 142.488386][ T8118] __sctp_connect+0x3f5/0xc60 [ 142.489567][ T8118] ? __might_fault+0x13b/0x190 [ 142.490753][ T8118] ? trace_lock_acquire+0x146/0x1e0 [ 142.492056][ T8118] ? __pfx___sctp_connect+0x10/0x10 [ 142.493357][ T8118] ? lock_acquire+0x2f/0xb0 [ 142.494487][ T8118] ? __might_fault+0xe3/0x190 [ 142.495710][ T8118] ? __might_fault+0xe3/0x190 [ 142.496885][ T8118] __sctp_setsockopt_connectx+0xfc/0x170 [ 142.498312][ T8118] sctp_getsockopt+0x2e9f/0x7ae0 [ 142.499551][ T8118] ? hlock_class+0x4e/0x130 [ 142.500728][ T8118] ? mark_lock+0xb5/0xc60 [ 142.501934][ T8118] ? aa_label_sk_perm+0x19d/0x5a0 [ 142.503354][ T8118] ? __pfx_sctp_getsockopt+0x10/0x10 [ 142.504727][ T8118] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 142.506032][ T8118] ? find_held_lock+0x2d/0x110 [ 142.507234][ T8118] ? __pfx___might_resched+0x10/0x10 [ 142.508558][ T8118] ? aa_sk_perm+0x2f5/0xb20 [ 142.509704][ T8118] ? ksys_write+0x191/0x250 [ 142.510830][ T8118] ? __pfx_aa_sk_perm+0x10/0x10 [ 142.512060][ T8118] ? find_held_lock+0x2d/0x110 [ 142.513271][ T8118] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 142.514764][ T8118] ? do_sock_getsockopt+0x3fe/0x870 [ 142.516045][ T8118] do_sock_getsockopt+0x3fe/0x870 [ 142.517347][ T8118] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 142.518771][ T8118] ? lock_acquire+0x2f/0xb0 [ 142.519951][ T8118] ? __fget_files+0x40/0x3a0 [ 142.521161][ T8118] ? __fget_files+0x206/0x3a0 [ 142.522340][ T8118] __sys_getsockopt+0x12f/0x260 [ 142.523565][ T8118] __ia32_sys_getsockopt+0xbc/0x160 [ 142.524875][ T8118] ? lockdep_hardirqs_on+0x7c/0x110 [ 142.526185][ T8118] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 142.527831][ T8118] __do_fast_syscall_32+0x73/0x120 [ 142.529155][ T8118] do_fast_syscall_32+0x32/0x80 [ 142.530410][ T8118] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 142.532020][ T8118] RIP: 0023:0xf73de579 [ 142.533069][ T8118] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 142.537922][ T8118] RSP: 002b:00000000f50a557c EFLAGS: 00000292 ORIG_RAX: 000000000000016d [ 142.540025][ T8118] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000084 [ 142.542059][ T8118] RDX: 000000000000006f RSI: 00000000200000c0 RDI: 0000000020000100 [ 142.544087][ T8118] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 142.546238][ T8118] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 142.548860][ T8118] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 142.551333][ T8118] [ 142.606508][ T833] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 142.642672][ T8123] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 142.644499][ T8123] PKCS7: Only support pkcs7_signedData type [ 142.650515][ T8123] netlink: 40 bytes leftover after parsing attributes in process `syz.0.536'. [ 142.653457][ T8123] netlink: 40 bytes leftover after parsing attributes in process `syz.0.536'. [ 142.756550][ T833] usb 6-1: device descriptor read/64, error -71 [ 142.997188][ T833] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 143.159259][ T8132] team0: Port device vlan0 removed [ 143.163152][ T97] tipc: Resetting bearer [ 143.168716][ T8132] team0: Unable to change to the same mode the team is in [ 143.172247][ T8132] team0: Port device vlan0 added [ 143.216572][ T833] usb 6-1: device descriptor read/64, error -71 [ 143.300932][ T8133] syzkaller0: entered promiscuous mode [ 143.302486][ T8133] syzkaller0: entered allmulticast mode [ 143.305040][ T1135] syzkaller0: tun_net_xmit 48 [ 143.319058][ T8133] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 143.321092][ T8133] syzkaller0: Linktype set failed because interface is up [ 143.326678][ T833] usb usb6-port1: attempt power cycle [ 143.667828][ T833] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 143.688782][ T833] usb 6-1: device descriptor read/8, error -71 [ 143.928462][ T833] usb 6-1: new full-speed USB device number 8 using dummy_hcd [ 143.948756][ T833] usb 6-1: device descriptor read/8, error -71 [ 144.064906][ T833] usb usb6-port1: unable to enumerate USB device [ 144.488994][ T8148] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 144.490697][ T8148] PKCS7: Only support pkcs7_signedData type [ 144.497712][ T8148] netlink: 40 bytes leftover after parsing attributes in process `syz.0.540'. [ 144.501181][ T8148] netlink: 40 bytes leftover after parsing attributes in process `syz.0.540'. [ 145.049345][ T8165] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 145.052116][ T8165] PKCS7: Only support pkcs7_signedData type [ 145.058678][ T8165] netlink: 40 bytes leftover after parsing attributes in process `syz.2.547'. [ 145.061440][ T8165] netlink: 40 bytes leftover after parsing attributes in process `syz.2.547'. [ 145.298330][ T8171] netlink: 'syz.0.549': attribute type 10 has an invalid length. [ 145.300954][ T8171] veth0_macvtap: left promiscuous mode [ 145.305673][ T8171] veth0_macvtap: entered promiscuous mode [ 145.310127][ T8171] team0: Device macvtap0 failed to register rx_handler [ 145.312475][ T8171] veth0_macvtap: left promiscuous mode [ 145.371380][ T8175] tipc: Resetting bearer [ 145.445329][ T8175] team0: Unable to change to the same mode the team is in [ 145.452631][ T8175] team0: Port device vlan0 added [ 145.850763][ T8182] syzkaller0: entered promiscuous mode [ 145.852485][ T8182] syzkaller0: entered allmulticast mode [ 145.856291][ T8183] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 145.863204][ T8183] syzkaller0: Linktype set failed because interface is up [ 145.876574][ T45] syzkaller0: tun_net_xmit 48 [ 146.047492][ T8186] overlay: filesystem on ./bus not supported as upperdir [ 146.399077][ T8196] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 146.400821][ T8196] PKCS7: Only support pkcs7_signedData type [ 146.416866][ T8196] netlink: 40 bytes leftover after parsing attributes in process `syz.3.556'. [ 146.473972][ T8199] netlink: 40 bytes leftover after parsing attributes in process `syz.3.556'. [ 147.456783][ T8213] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 147.466641][ T8213] PKCS7: Only support pkcs7_signedData type [ 147.478579][ T8213] netlink: 40 bytes leftover after parsing attributes in process `syz.2.558'. [ 147.537596][ T8215] netlink: 40 bytes leftover after parsing attributes in process `syz.2.558'. [ 147.811416][ T8219] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 148.132094][ T8234] team0: Port device vlan0 removed [ 148.170977][ T1135] tipc: Resetting bearer [ 148.173167][ T8234] team0: Unable to change to the same mode the team is in [ 148.176892][ T8234] tipc: Enabling of bearer rejected, already enabled [ 148.305455][ T8239] syzkaller0: entered promiscuous mode [ 148.339761][ T8239] syzkaller0: entered allmulticast mode [ 148.343930][ T97] syzkaller0: tun_net_xmit 48 [ 148.379426][ T8240] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 148.381004][ T8240] syzkaller0: Linktype set failed because interface is up [ 148.505606][ T8246] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 148.509831][ T8246] PKCS7: Only support pkcs7_signedData type [ 148.514758][ T8246] netlink: 40 bytes leftover after parsing attributes in process `syz.3.569'. [ 148.518026][ T8246] netlink: 40 bytes leftover after parsing attributes in process `syz.3.569'. [ 149.921894][ T8251] tipc: Resetting bearer [ 149.929166][ T8252] team0: Unable to change to the same mode the team is in [ 149.935820][ T8253] team0: Port device vlan0 added [ 149.953627][ T8258] syzkaller0: entered promiscuous mode [ 149.955109][ T8258] syzkaller0: entered allmulticast mode [ 149.974267][ T1135] syzkaller0: tun_net_xmit 48 [ 150.295679][ T5977] Bluetooth: hci2: Malformed LE Event: 0x0b [ 150.498725][ T8281] netlink: 4 bytes leftover after parsing attributes in process `syz.1.577'. [ 150.806528][ T5977] Bluetooth: hci2: command tx timeout [ 150.817840][ T8287] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 150.819638][ T8287] PKCS7: Only support pkcs7_signedData type [ 150.826626][ T8287] netlink: 40 bytes leftover after parsing attributes in process `syz.2.578'. [ 150.877676][ T8288] netlink: 40 bytes leftover after parsing attributes in process `syz.2.578'. [ 151.737531][ T8306] team0: Port device vlan0 removed [ 151.741404][ T1135] tipc: Resetting bearer [ 151.803454][ T8306] team0: Unable to change to the same mode the team is in [ 151.809194][ T8306] tipc: Enabling of bearer rejected, already enabled [ 152.074734][ T8307] syzkaller0: entered promiscuous mode [ 152.076332][ T8307] syzkaller0: entered allmulticast mode [ 152.079925][ T8308] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 152.083964][ T8308] syzkaller0: Linktype set failed because interface is up [ 152.091619][ T1135] syzkaller0: tun_net_xmit 48 [ 153.135420][ T8320] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 153.137348][ T8320] PKCS7: Only support pkcs7_signedData type [ 153.168574][ T8320] netlink: 40 bytes leftover after parsing attributes in process `syz.0.586'. [ 153.223647][ T8321] netlink: 40 bytes leftover after parsing attributes in process `syz.0.586'. [ 153.611684][ T8330] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 153.626672][ T8330] PKCS7: Only support pkcs7_signedData type [ 153.640046][ T8330] netlink: 40 bytes leftover after parsing attributes in process `syz.2.590'. [ 153.642727][ T8332] netlink: 4 bytes leftover after parsing attributes in process `syz.3.591'. [ 153.647736][ T8330] netlink: 40 bytes leftover after parsing attributes in process `syz.2.590'. [ 153.707110][ T8334] tipc: Resetting bearer [ 153.724765][ T8334] team0: Unable to change to the same mode the team is in [ 153.730593][ T8334] team0: Port device vlan0 added [ 153.834153][ T8335] syzkaller0: entered promiscuous mode [ 153.835656][ T8335] syzkaller0: entered allmulticast mode [ 153.839598][ T97] syzkaller0: tun_net_xmit 48 [ 153.855073][ T8335] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 153.856770][ T8335] syzkaller0: Linktype set failed because interface is up [ 154.183247][ T8339] netlink: 4 bytes leftover after parsing attributes in process `syz.0.593'. [ 154.822339][ T8340] orangefs_mount: mount request failed with -4 [ 155.487855][ T8362] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 155.489575][ T8362] PKCS7: Only support pkcs7_signedData type [ 155.510001][ T8362] netlink: 40 bytes leftover after parsing attributes in process `syz.1.599'. [ 155.514499][ T8362] netlink: 40 bytes leftover after parsing attributes in process `syz.1.599'. [ 155.927447][ T8371] md: superblock version 402653184 not known [ 155.929086][ T8371] md: couldn't set array info. -22 [ 156.089580][ T8383] team0: Port device vlan0 removed [ 156.093018][ T1135] tipc: Resetting bearer [ 156.101155][ T8383] team0: Unable to change to the same mode the team is in [ 156.105637][ T8383] team0: Port device vlan0 added [ 156.248833][ T8387] netlink: 4 bytes leftover after parsing attributes in process `syz.3.605'. [ 156.288379][ T8386] syzkaller0: entered promiscuous mode [ 156.289938][ T8386] syzkaller0: entered allmulticast mode [ 156.293045][ T1135] syzkaller0: tun_net_xmit 48 [ 156.301791][ T8386] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 156.303422][ T8386] syzkaller0: Linktype set failed because interface is up [ 156.891072][ T8387] orangefs_mount: mount request failed with -4 [ 156.928222][ T8395] netlink: 4 bytes leftover after parsing attributes in process `syz.2.607'. [ 157.713736][ T8410] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 157.715496][ T8410] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 157.723325][ T8410] vhci_hcd vhci_hcd.0: Device attached [ 157.743297][ T8412] vhci_hcd: connection closed [ 157.743489][ T74] vhci_hcd: stop threads [ 157.746365][ T74] vhci_hcd: release socket [ 157.749494][ T74] vhci_hcd: disconnect device [ 158.026710][ T8416] team0: Port device vlan0 removed [ 158.030706][ T8417] team0: Unable to change to the same mode the team is in [ 158.033124][ T1154] tipc: Resetting bearer [ 158.066561][ T8416] tipc: Enabling of bearer rejected, already enabled [ 158.170749][ T8417] syzkaller0: entered promiscuous mode [ 158.172362][ T8417] syzkaller0: entered allmulticast mode [ 158.175174][ T1135] syzkaller0: tun_net_xmit 48 [ 158.208688][ T8417] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 158.210300][ T8417] syzkaller0: Linktype set failed because interface is up [ 158.448690][ T8425] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 158.450441][ T8425] PKCS7: Only support pkcs7_signedData type [ 158.460356][ T8425] netlink: 40 bytes leftover after parsing attributes in process `syz.0.613'. [ 158.511443][ T8429] netlink: 40 bytes leftover after parsing attributes in process `syz.0.613'. [ 158.549242][ T8430] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 158.551043][ T8430] PKCS7: Only support pkcs7_signedData type [ 158.557139][ T8430] netlink: 40 bytes leftover after parsing attributes in process `syz.2.616'. [ 158.609937][ T8432] netlink: 40 bytes leftover after parsing attributes in process `syz.2.616'. [ 159.321626][ T8436] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 159.693593][ T8454] netlink: 24 bytes leftover after parsing attributes in process `syz.3.623'. [ 159.837298][ T5330] Bluetooth: hci1: command 0x0406 tx timeout [ 159.838949][ T65] Bluetooth: hci0: command 0x1407 tx timeout [ 159.838958][ T5330] Bluetooth: hci2: command 0x0406 tx timeout [ 159.838976][ T5330] Bluetooth: hci3: command 0x0406 tx timeout [ 160.403898][ T8475] FAULT_INJECTION: forcing a failure. [ 160.403898][ T8475] name failslab, interval 1, probability 0, space 0, times 0 [ 160.414018][ T8475] CPU: 1 UID: 0 PID: 8475 Comm: syz.3.629 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 160.416739][ T8475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 160.419502][ T8475] Call Trace: [ 160.420393][ T8475] [ 160.421170][ T8475] dump_stack_lvl+0x16c/0x1f0 [ 160.422419][ T8475] should_fail_ex+0x497/0x5b0 [ 160.423663][ T8475] ? fs_reclaim_acquire+0xae/0x150 [ 160.425009][ T8475] should_failslab+0xc2/0x120 [ 160.426255][ T8475] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 160.427648][ T8475] ? security_file_alloc+0x34/0x2b0 [ 160.429003][ T8475] security_file_alloc+0x34/0x2b0 [ 160.430305][ T8475] init_file+0x93/0x480 [ 160.431411][ T8475] alloc_empty_file+0x91/0x1e0 [ 160.432665][ T8475] alloc_file_pseudo+0x13d/0x200 [ 160.433960][ T8475] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 160.435388][ T8475] ? __pfx_idr_alloc_u32+0x10/0x10 [ 160.437063][ T8475] ? find_held_lock+0x2d/0x110 [ 160.438327][ T8475] ? find_held_lock+0x2d/0x110 [ 160.439584][ T8475] __anon_inode_getfile+0x136/0x3c0 [ 160.440952][ T8475] ? __pfx___anon_inode_getfile+0x10/0x10 [ 160.442438][ T8475] ? __local_bh_enable_ip+0xa4/0x120 [ 160.443814][ T8475] bpf_link_prime+0x202/0x4d0 [ 160.445070][ T8475] bpf_raw_tp_link_attach+0x28e/0x5f0 [ 160.446474][ T8475] ? __pfx_lock_release+0x10/0x10 [ 160.447800][ T8475] ? __pfx_bpf_raw_tp_link_attach+0x10/0x10 [ 160.449355][ T8475] ? lock_acquire+0x2f/0xb0 [ 160.450540][ T8475] ? __fget_files+0x40/0x3a0 [ 160.451765][ T8475] ? fput+0x67/0x440 [ 160.452806][ T8475] ? __bpf_prog_get+0xa0/0x290 [ 160.454076][ T8475] __sys_bpf+0x3a7/0x57a0 [ 160.455208][ T8475] ? __pfx_lock_release+0x10/0x10 [ 160.456535][ T8475] ? __pfx___sys_bpf+0x10/0x10 [ 160.457877][ T8475] ? vfs_write+0x306/0x1150 [ 160.459071][ T8475] ? __mutex_unlock_slowpath+0x164/0x690 [ 160.460559][ T8475] ? fput+0x67/0x440 [ 160.461569][ T8475] ? ksys_write+0x1ba/0x250 [ 160.462770][ T8475] ? __pfx_ksys_write+0x10/0x10 [ 160.464054][ T8475] __ia32_sys_bpf+0x76/0xe0 [ 160.465258][ T8475] __do_fast_syscall_32+0x73/0x120 [ 160.466587][ T8475] do_fast_syscall_32+0x32/0x80 [ 160.467860][ T8475] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 160.469512][ T8475] RIP: 0023:0xf73de579 [ 160.470587][ T8475] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 160.475496][ T8475] RSP: 002b:00000000f50c657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 160.477659][ T8475] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000020000080 [ 160.479716][ T8475] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000 [ 160.481763][ T8475] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 160.484120][ T8475] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 160.486174][ T8475] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 160.488221][ T8475] [ 160.498879][ T8478] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 160.500667][ T8478] PKCS7: Only support pkcs7_signedData type [ 160.503555][ T8478] netlink: 40 bytes leftover after parsing attributes in process `syz.1.628'. [ 160.582140][ T8484] FAULT_INJECTION: forcing a failure. [ 160.582140][ T8484] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 160.585735][ T8484] CPU: 2 UID: 0 PID: 8484 Comm: syz.2.632 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 160.585950][ T8483] __nla_validate_parse: 1 callbacks suppressed [ 160.585966][ T8483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'. [ 160.588401][ T8484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 160.588413][ T8484] Call Trace: [ 160.588417][ T8484] [ 160.588422][ T8484] dump_stack_lvl+0x16c/0x1f0 [ 160.588440][ T8484] should_fail_ex+0x497/0x5b0 [ 160.588456][ T8484] _copy_from_iter+0x29b/0x1400 [ 160.588474][ T8484] ? __pfx__copy_from_iter+0x10/0x10 [ 160.588489][ T8484] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 160.588500][ T8484] ? tun_build_skb.constprop.0+0x1b8/0x1120 [ 160.588515][ T8484] ? __pfx_lock_release+0x10/0x10 [ 160.588525][ T8484] ? trace_lock_acquire+0x146/0x1e0 [ 160.588539][ T8484] copy_page_from_iter+0xa5/0x120 [ 160.588550][ T8484] tun_build_skb.constprop.0+0x294/0x1120 [ 160.588566][ T8484] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 160.588579][ T8484] ? __pfx___lock_acquire+0x10/0x10 [ 160.588595][ T8484] ? __lock_acquire+0xcc5/0x3c40 [ 160.588606][ T8484] tun_get_user+0x870/0x3e30 [ 160.588622][ T8484] ? find_held_lock+0x2d/0x110 [ 160.588635][ T8484] ? __pfx_tun_get_user+0x10/0x10 [ 160.588647][ T8484] ? find_held_lock+0x2d/0x110 [ 160.588661][ T8484] ? __pfx_lock_release+0x10/0x10 [ 160.588675][ T8484] tun_chr_write_iter+0xdc/0x210 [ 160.588689][ T8484] vfs_write+0x5ae/0x1150 [ 160.588701][ T8484] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 160.588716][ T8484] ? __pfx_vfs_write+0x10/0x10 [ 160.626756][ T8484] ? __fget_files+0x40/0x3a0 [ 160.627995][ T8484] ksys_write+0x12b/0x250 [ 160.629148][ T8484] ? __pfx_ksys_write+0x10/0x10 [ 160.630427][ T8484] __do_fast_syscall_32+0x73/0x120 [ 160.631769][ T8484] do_fast_syscall_32+0x32/0x80 [ 160.633061][ T8484] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 160.634707][ T8484] RIP: 0023:0xf7f37579 [ 160.635779][ T8484] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 160.640750][ T8484] RSP: 002b:00000000f50b6540 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 160.642923][ T8484] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000200 [ 160.644988][ T8484] RDX: 000000000000003a RSI: 00000000f73c0ff4 RDI: 0000000000000000 [ 160.647042][ T8484] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 160.649103][ T8484] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 160.651163][ T8484] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 160.653230][ T8484] [ 160.658126][ T8483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'. [ 160.665853][ T8483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'. [ 160.679882][ T8486] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 160.705069][ T8483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'. [ 160.707544][ T8483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'. [ 160.709936][ T8483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'. [ 160.712306][ T8483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'. [ 160.714616][ T8483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'. [ 160.717017][ T8483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'. [ 160.719304][ T8483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'. [ 161.786055][ T8520] FAULT_INJECTION: forcing a failure. [ 161.786055][ T8520] name failslab, interval 1, probability 0, space 0, times 0 [ 161.790460][ T8520] CPU: 3 UID: 0 PID: 8520 Comm: syz.2.643 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 161.793154][ T8520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.795941][ T8520] Call Trace: [ 161.796860][ T8520] [ 161.797646][ T8520] dump_stack_lvl+0x16c/0x1f0 [ 161.798902][ T8520] should_fail_ex+0x497/0x5b0 [ 161.800148][ T8520] ? fs_reclaim_acquire+0xae/0x150 [ 161.801520][ T8520] should_failslab+0xc2/0x120 [ 161.802769][ T8520] __kmalloc_cache_noprof+0x68/0x420 [ 161.804160][ T8520] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 161.805702][ T8520] ? lockdep_hardirqs_on+0x7c/0x110 [ 161.807078][ T8520] __request_module+0x2c6/0x6c0 [ 161.808355][ T8520] ? nf_tables_abort+0x2a30/0x3ce0 [ 161.809737][ T8520] ? __pfx___request_module+0x10/0x10 [ 161.811147][ T8520] ? __mutex_unlock_slowpath+0x164/0x690 [ 161.812680][ T8520] nf_tables_abort+0x2a30/0x3ce0 [ 161.813987][ T8520] ? __pfx_nf_tables_abort+0x10/0x10 [ 161.815369][ T8520] ? net_generic+0xea/0x2a0 [ 161.816580][ T8520] ? __pfx_nf_tables_newsetelem+0x10/0x10 [ 161.818066][ T8520] ? __nla_parse+0x40/0x60 [ 161.819248][ T8520] nfnetlink_rcv_batch+0xabb/0x24e0 [ 161.820635][ T8520] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 161.822097][ T8520] ? __pfx_lock_release+0x10/0x10 [ 161.823423][ T8520] ? __local_bh_enable_ip+0xa4/0x120 [ 161.824886][ T8520] ? lockdep_hardirqs_on+0x7c/0x110 [ 161.826270][ T8520] ? __pfx___dev_queue_xmit+0x10/0x10 [ 161.827701][ T8520] ? __nla_parse+0x40/0x60 [ 161.828902][ T8520] nfnetlink_rcv+0x3c3/0x430 [ 161.830255][ T8520] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 161.831658][ T8520] netlink_unicast+0x53c/0x7f0 [ 161.832991][ T8520] ? __pfx_netlink_unicast+0x10/0x10 [ 161.834397][ T8520] ? __phys_addr_symbol+0x30/0x80 [ 161.835717][ T8520] ? __check_object_size+0x488/0x710 [ 161.837132][ T8520] netlink_sendmsg+0x8b8/0xd70 [ 161.838416][ T8520] ? __pfx_netlink_sendmsg+0x10/0x10 [ 161.839824][ T8520] ____sys_sendmsg+0x9ae/0xb40 [ 161.841107][ T8520] ? __pfx_____sys_sendmsg+0x10/0x10 [ 161.842499][ T8520] ? get_compat_msghdr+0x11b/0x170 [ 161.843853][ T8520] ___sys_sendmsg+0x135/0x1e0 [ 161.845116][ T8520] ? __pfx____sys_sendmsg+0x10/0x10 [ 161.846490][ T8520] ? __pfx_lock_release+0x10/0x10 [ 161.847818][ T8520] ? trace_lock_acquire+0x146/0x1e0 [ 161.849203][ T8520] ? __fget_files+0x206/0x3a0 [ 161.850453][ T8520] __sys_sendmsg+0x16e/0x220 [ 161.851710][ T8520] ? __pfx___sys_sendmsg+0x10/0x10 [ 161.853084][ T8520] __do_fast_syscall_32+0x73/0x120 [ 161.854434][ T8520] do_fast_syscall_32+0x32/0x80 [ 161.855722][ T8520] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 161.857459][ T8520] RIP: 0023:0xf7f37579 [ 161.858538][ T8520] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 161.863561][ T8520] RSP: 002b:00000000f50b657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 161.865815][ T8520] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 161.868085][ T8520] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 161.870195][ T8520] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 161.872313][ T8520] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 161.874413][ T8520] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 161.876514][ T8520] [ 161.923236][ T8524] FAULT_INJECTION: forcing a failure. [ 161.923236][ T8524] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 161.928297][ T8524] CPU: 0 UID: 0 PID: 8524 Comm: syz.1.644 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 161.930949][ T8524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.933756][ T8524] Call Trace: [ 161.934648][ T8524] [ 161.935428][ T8524] dump_stack_lvl+0x16c/0x1f0 [ 161.936660][ T8524] should_fail_ex+0x497/0x5b0 [ 161.937870][ T8524] _copy_from_user+0x2e/0xd0 [ 161.938728][ T8526] tipc: Resetting bearer [ 161.939063][ T8524] kstrtouint_from_user+0xd7/0x1c0 [ 161.939095][ T8524] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 161.943304][ T8524] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 161.944771][ T8524] proc_fail_nth_write+0x84/0x250 [ 161.946089][ T8524] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 161.947546][ T8524] ? ksys_write+0x12b/0x250 [ 161.948747][ T8524] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 161.950212][ T8524] vfs_write+0x24c/0x1150 [ 161.951371][ T8524] ? __fget_files+0x1fc/0x3a0 [ 161.952619][ T8524] ? __pfx___mutex_lock+0x10/0x10 [ 161.953943][ T8524] ? __pfx_vfs_write+0x10/0x10 [ 161.955203][ T8524] ? __fget_files+0x206/0x3a0 [ 161.956450][ T8524] ksys_write+0x12b/0x250 [ 161.957762][ T8524] ? __pfx_ksys_write+0x10/0x10 [ 161.959095][ T8524] __do_fast_syscall_32+0x73/0x120 [ 161.960449][ T8524] do_fast_syscall_32+0x32/0x80 [ 161.961733][ T8524] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 161.963376][ T8524] RIP: 0023:0xf748e579 [ 161.964455][ T8524] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 161.969409][ T8524] RSP: 002b:00000000f51765b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 161.971579][ T8524] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5176620 [ 161.972998][ T8526] team0: Unable to change to the same mode the team is in [ 161.973628][ T8524] RDX: 0000000000000001 RSI: 00000000f7480ff4 RDI: 0000000000000000 [ 161.977597][ T8524] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 161.979673][ T8524] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 161.979916][ T8526] team0: Port device vlan0 added [ 161.981724][ T8524] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 161.981740][ T8524] [ 161.981800][ C0] vkms_vblank_simulate: vblank timer overrun [ 162.117432][ T8530] syzkaller0: entered promiscuous mode [ 162.119024][ T8530] syzkaller0: entered allmulticast mode [ 162.122411][ T1154] syzkaller0: tun_net_xmit 48 [ 162.203140][ T8530] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 162.204832][ T8530] syzkaller0: Linktype set failed because interface is up [ 163.160743][ T8550] netlink: 'syz.3.653': attribute type 1 has an invalid length. [ 164.397644][ T5977] Bluetooth: hci3: command 0x0406 tx timeout [ 164.486634][ T8584] FAULT_INJECTION: forcing a failure. [ 164.486634][ T8584] name failslab, interval 1, probability 0, space 0, times 0 [ 164.490100][ T8584] CPU: 2 UID: 0 PID: 8584 Comm: syz.3.663 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 164.492791][ T8584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 164.495578][ T8584] Call Trace: [ 164.496482][ T8584] [ 164.497265][ T8584] dump_stack_lvl+0x16c/0x1f0 [ 164.498509][ T8584] should_fail_ex+0x497/0x5b0 [ 164.499741][ T8584] ? fs_reclaim_acquire+0xae/0x150 [ 164.501103][ T8584] should_failslab+0xc2/0x120 [ 164.502334][ T8584] __kmalloc_cache_noprof+0x68/0x420 [ 164.503719][ T8584] __xdp_reg_mem_model+0x135/0x680 [ 164.505104][ T8584] ? __pfx___xdp_reg_mem_model+0x10/0x10 [ 164.506561][ T8584] ? page_pool_list+0x262/0x2f0 [ 164.507838][ T8584] xdp_reg_mem_model+0x22/0x70 [ 164.509128][ T8584] bpf_test_run_xdp_live+0x1cc/0x500 [ 164.510538][ T8584] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 164.512069][ T8584] ? __pfx___lock_acquire+0x10/0x10 [ 164.513456][ T8584] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 164.515007][ T8584] ? find_held_lock+0x2d/0x110 [ 164.516272][ T8584] ? __might_fault+0xe3/0x190 [ 164.517536][ T8584] ? _copy_from_user+0x59/0xd0 [ 164.518808][ T8584] ? bpf_test_init.isra.0+0x111/0x150 [ 164.520210][ T8584] bpf_prog_test_run_xdp+0x827/0x1580 [ 164.521646][ T8584] ? lock_acquire+0x2f/0xb0 [ 164.522844][ T8584] ? __fget_files+0x40/0x3a0 [ 164.524074][ T8584] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 164.525621][ T8584] ? __fget_files+0x206/0x3a0 [ 164.526870][ T8584] ? fput+0x67/0x440 [ 164.527912][ T8584] ? __bpf_prog_get+0xa0/0x290 [ 164.529193][ T8584] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 164.530746][ T8584] __sys_bpf+0x1921/0x57a0 [ 164.531923][ T8584] ? __pfx_lock_release+0x10/0x10 [ 164.533267][ T8584] ? __pfx___sys_bpf+0x10/0x10 [ 164.534526][ T8584] ? vfs_write+0x306/0x1150 [ 164.535750][ T8584] ? __mutex_unlock_slowpath+0x164/0x690 [ 164.537257][ T8584] ? fput+0x67/0x440 [ 164.538287][ T8584] ? ksys_write+0x1ba/0x250 [ 164.539477][ T8584] ? __pfx_ksys_write+0x10/0x10 [ 164.540780][ T8584] __ia32_sys_bpf+0x76/0xe0 [ 164.541985][ T8584] __do_fast_syscall_32+0x73/0x120 [ 164.543323][ T8584] do_fast_syscall_32+0x32/0x80 [ 164.544627][ T8584] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 164.546278][ T8584] RIP: 0023:0xf73de579 [ 164.547347][ T8584] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 164.552373][ T8584] RSP: 002b:00000000f50c657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 164.554548][ T8584] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000600 [ 164.556620][ T8584] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 164.558666][ T8584] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 164.560736][ T8584] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 164.562778][ T8584] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 164.564881][ T8584] [ 164.674792][ T8587] ucma_write: process 623 (syz.2.664) changed security contexts after opening file descriptor, this is not allowed. [ 164.719949][ T8598] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 164.788832][ T8602] FAULT_INJECTION: forcing a failure. [ 164.788832][ T8602] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 164.792417][ T8602] CPU: 0 UID: 0 PID: 8602 Comm: syz.0.669 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 164.795108][ T8602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 164.797940][ T8602] Call Trace: [ 164.798834][ T8602] [ 164.799627][ T8602] dump_stack_lvl+0x16c/0x1f0 [ 164.800906][ T8602] should_fail_ex+0x497/0x5b0 [ 164.802165][ T8602] _copy_to_user+0x32/0xd0 [ 164.803357][ T8602] pagemap_read+0x536/0x880 [ 164.804599][ T8602] ? __pfx_pagemap_read+0x10/0x10 [ 164.805946][ T8602] ? __pfx_pagemap_read+0x10/0x10 [ 164.807287][ T8602] vfs_read+0x1df/0xbe0 [ 164.808414][ T8602] ? __fget_files+0x1fc/0x3a0 [ 164.809661][ T8602] ? __pfx_lock_release+0x10/0x10 [ 164.811012][ T8602] ? __pfx_vfs_read+0x10/0x10 [ 164.812269][ T8602] ? lock_acquire+0x2f/0xb0 [ 164.813491][ T8602] ? __fget_files+0x40/0x3a0 [ 164.814722][ T8602] ? __fget_files+0x206/0x3a0 [ 164.815971][ T8602] ksys_pread64+0x170/0x1a0 [ 164.817211][ T8602] ? __pfx_ksys_pread64+0x10/0x10 [ 164.818541][ T8602] __do_fast_syscall_32+0x73/0x120 [ 164.819902][ T8602] do_fast_syscall_32+0x32/0x80 [ 164.821213][ T8602] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 164.822878][ T8602] RIP: 0023:0xf747e579 [ 164.823961][ T8602] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 164.829587][ T8602] RSP: 002b:00000000f514557c EFLAGS: 00000292 ORIG_RAX: 00000000000000b4 [ 164.832473][ T8602] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000002001a240 [ 164.835173][ T8602] RDX: 0000000000019000 RSI: 0000000000100008 RDI: 0000000000000000 [ 164.837929][ T8602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 164.840644][ T8602] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 164.843394][ T8602] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 164.845827][ T8602] [ 164.846861][ C0] vkms_vblank_simulate: vblank timer overrun [ 164.952735][ T8610] FAULT_INJECTION: forcing a failure. [ 164.952735][ T8610] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 164.956099][ T8610] CPU: 2 UID: 0 PID: 8610 Comm: syz.0.673 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 164.958771][ T8610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 164.961556][ T8610] Call Trace: [ 164.962413][ T8610] [ 164.963197][ T8610] dump_stack_lvl+0x16c/0x1f0 [ 164.964473][ T8610] should_fail_ex+0x497/0x5b0 [ 164.965733][ T8610] _copy_from_user+0x2e/0xd0 [ 164.966974][ T8610] kstrtouint_from_user+0xd7/0x1c0 [ 164.968321][ T8610] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 164.969851][ T8610] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 164.971355][ T8610] proc_fail_nth_write+0x84/0x250 [ 164.972711][ T8610] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 164.974198][ T8610] ? ksys_write+0x12b/0x250 [ 164.975362][ T8610] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 164.976855][ T8610] vfs_write+0x24c/0x1150 [ 164.978003][ T8610] ? __fget_files+0x1fc/0x3a0 [ 164.979254][ T8610] ? __pfx___mutex_lock+0x10/0x10 [ 164.980614][ T8610] ? __pfx_vfs_write+0x10/0x10 [ 164.981881][ T8610] ? __fget_files+0x206/0x3a0 [ 164.983101][ T8610] ksys_write+0x12b/0x250 [ 164.984254][ T8610] ? __pfx_ksys_write+0x10/0x10 [ 164.985656][ T8610] __do_fast_syscall_32+0x73/0x120 [ 164.987207][ T8610] do_fast_syscall_32+0x32/0x80 [ 164.988564][ T8610] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 164.990371][ T8610] RIP: 0023:0xf747e579 [ 164.991490][ T8610] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 164.996461][ T8610] RSP: 002b:00000000f51665b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 164.998611][ T8610] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5166620 [ 165.000697][ T8610] RDX: 0000000000000001 RSI: 00000000f7470ff4 RDI: 0000000000000000 [ 165.002762][ T8610] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 165.004857][ T8610] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 165.006911][ T8610] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 165.009005][ T8610] [ 165.029087][ T8618] FAULT_INJECTION: forcing a failure. [ 165.029087][ T8618] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 165.032468][ T8618] CPU: 1 UID: 0 PID: 8618 Comm: syz.1.676 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 165.035078][ T8618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 165.037849][ T8618] Call Trace: [ 165.038725][ T8618] [ 165.039502][ T8618] dump_stack_lvl+0x16c/0x1f0 [ 165.040723][ T8618] should_fail_ex+0x497/0x5b0 [ 165.041954][ T8618] _copy_to_user+0x32/0xd0 [ 165.043123][ T8618] bpf_test_finish.isra.0+0x52b/0x680 [ 165.044535][ T8618] ? lock_acquire+0x2f/0xb0 [ 165.045724][ T8618] ? __pfx_bpf_test_finish.isra.0+0x10/0x10 [ 165.047276][ T8618] ? _copy_from_user+0x59/0xd0 [ 165.048585][ T8618] bpf_prog_test_run_xdp+0xa13/0x1580 [ 165.049984][ T8618] ? lock_acquire+0x2f/0xb0 [ 165.051188][ T8618] ? __fget_files+0x40/0x3a0 [ 165.052408][ T8618] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 165.053929][ T8618] ? __fget_files+0x206/0x3a0 [ 165.055166][ T8618] ? fput+0x67/0x440 [ 165.056215][ T8618] ? __bpf_prog_get+0xa0/0x290 [ 165.057477][ T8618] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 165.058995][ T8618] __sys_bpf+0x1921/0x57a0 [ 165.060158][ T8618] ? __pfx_lock_release+0x10/0x10 [ 165.061475][ T8618] ? __pfx___sys_bpf+0x10/0x10 [ 165.062720][ T8618] ? vfs_write+0x306/0x1150 [ 165.063907][ T8618] ? __mutex_unlock_slowpath+0x164/0x690 [ 165.065395][ T8618] ? fput+0x67/0x440 [ 165.066424][ T8618] ? ksys_write+0x1ba/0x250 [ 165.067607][ T8618] ? __pfx_ksys_write+0x10/0x10 [ 165.068896][ T8618] __ia32_sys_bpf+0x76/0xe0 [ 165.070103][ T8618] __do_fast_syscall_32+0x73/0x120 [ 165.071485][ T8618] do_fast_syscall_32+0x32/0x80 [ 165.072768][ T8618] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 165.074415][ T8618] RIP: 0023:0xf748e579 [ 165.075480][ T8618] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 165.080431][ T8618] RSP: 002b:00000000f517657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 165.082579][ T8618] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000500 [ 165.084628][ T8618] RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000000 [ 165.086667][ T8618] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 165.088733][ T8618] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 165.090791][ T8618] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 165.092847][ T8618] [ 165.835143][ C0] vkms_vblank_simulate: vblank timer overrun [ 166.025086][ C0] vkms_vblank_simulate: vblank timer overrun [ 167.344907][ T8663] loop2: detected capacity change from 0 to 7 [ 167.356123][ T8663] loop2: [CUMANA/ADFS] p1 [Linux] p2 [ADFS] p1 [Linux] p2 [ 167.359874][ T8663] loop2: partition table partially beyond EOD, truncated [ 167.363963][ T8663] loop2: p1 size 276741282 extends beyond EOD, truncated [ 167.372714][ T8663] loop2: p2 start 579963744 is beyond EOD, truncated [ 167.461084][ T7360] loop2: [CUMANA/ADFS] p1 [Linux] p2 [ADFS] p1 [Linux] p2 [ 167.463090][ T7360] loop2: partition table partially beyond EOD, truncated [ 167.465102][ T7360] loop2: p1 size 276741282 extends beyond EOD, truncated [ 167.470622][ T8668] team0: Port device vlan0 removed [ 167.477520][ T74] tipc: Resetting bearer [ 167.480754][ T8668] team0: Unable to change to the same mode the team is in [ 167.481186][ T7360] loop2: p2 start 579963744 is beyond EOD, truncated [ 167.484398][ T8668] team0: Port device vlan0 added [ 167.487144][ T8663] loop2: [CUMANA/ADFS] p1 [Linux] p2 [ADFS] p1 [Linux] p2 [ 167.489169][ T8663] loop2: partition table partially beyond EOD, truncated [ 167.489456][ T8668] tipc: Enabling of bearer rejected, already enabled [ 167.491067][ T8663] loop2: p1 size 276741282 extends beyond EOD, truncated [ 167.498391][ T7360] udevd[7360]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 167.502742][ T8663] loop2: p2 start 579963744 is beyond EOD, truncated [ 167.515370][ T5382] loop2: [CUMANA/ADFS] p1 [Linux] p2 [ADFS] p1 [Linux] p2 [ 167.517717][ T5382] loop2: partition table partially beyond EOD, truncated [ 167.519709][ T5382] loop2: p1 size 276741282 extends beyond EOD, truncated [ 167.522419][ T5382] loop2: p2 start 579963744 is beyond EOD, truncated [ 167.591599][ T8672] syzkaller0: entered promiscuous mode [ 167.593113][ T8672] syzkaller0: entered allmulticast mode [ 167.595820][ T74] syzkaller0: tun_net_xmit 48 [ 167.605558][ T8672] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 167.607324][ T8672] syzkaller0: Linktype set failed because interface is up [ 167.814818][ T39] kauditd_printk_skb: 5 callbacks suppressed [ 167.814837][ T39] audit: type=1326 audit(1732857408.435:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8654 comm="syz.3.687" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000 [ 167.826758][ T39] audit: type=1326 audit(1732857408.435:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8654 comm="syz.3.687" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73de579 code=0x7fc00000 [ 167.832306][ T39] audit: type=1326 audit(1732857408.435:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8654 comm="syz.3.687" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000 [ 167.839269][ T39] audit: type=1326 audit(1732857408.435:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8654 comm="syz.3.687" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000 [ 167.845068][ T39] audit: type=1326 audit(1732857408.435:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8654 comm="syz.3.687" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000 [ 167.855310][ T39] audit: type=1326 audit(1732857408.435:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8654 comm="syz.3.687" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000 [ 167.861044][ T39] audit: type=1326 audit(1732857408.435:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8654 comm="syz.3.687" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000 [ 167.866860][ T39] audit: type=1326 audit(1732857408.435:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8654 comm="syz.3.687" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000 [ 167.872402][ T39] audit: type=1326 audit(1732857408.435:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8654 comm="syz.3.687" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000 [ 167.877902][ T39] audit: type=1326 audit(1732857408.435:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8654 comm="syz.3.687" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000 [ 168.280945][ T8686] netlink: 'syz.1.694': attribute type 1 has an invalid length. [ 168.285649][ T8686] __nla_validate_parse: 73 callbacks suppressed [ 168.285658][ T8686] netlink: 24 bytes leftover after parsing attributes in process `syz.1.694'. [ 168.738823][ T8676] tipc: Resetting bearer [ 168.749031][ T8677] team0: Unable to change to the same mode the team is in [ 168.752425][ T8678] team0: Port device vlan0 added [ 168.759788][ T8679] tipc: Enabling of bearer rejected, already enabled [ 169.638936][ T8724] netlink: 16 bytes leftover after parsing attributes in process `syz.2.705'. [ 169.750639][ T8726] FAULT_INJECTION: forcing a failure. [ 169.750639][ T8726] name failslab, interval 1, probability 0, space 0, times 0 [ 169.753953][ T8726] CPU: 2 UID: 0 PID: 8726 Comm: syz.3.706 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 169.756629][ T8726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 169.759707][ T8726] Call Trace: [ 169.760600][ T8726] [ 169.761382][ T8726] dump_stack_lvl+0x16c/0x1f0 [ 169.762625][ T8726] should_fail_ex+0x497/0x5b0 [ 169.763871][ T8726] ? fs_reclaim_acquire+0xae/0x150 [ 169.765224][ T8726] should_failslab+0xc2/0x120 [ 169.766465][ T8726] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 169.768007][ T8726] ? __alloc_skb+0x2b3/0x380 [ 169.769237][ T8726] __alloc_skb+0x2b3/0x380 [ 169.770408][ T8726] ? __pfx___alloc_skb+0x10/0x10 [ 169.771727][ T8726] ? rcu_is_watching+0x12/0xc0 [ 169.773016][ T8726] ? trace_kmem_cache_alloc+0x2d/0xd0 [ 169.774532][ T8726] ? kmem_cache_alloc_noprof+0x21b/0x3b0 [ 169.776037][ T8726] ? audit_log_start+0x2bc/0x7e0 [ 169.777508][ T8726] audit_log_start+0x2e1/0x7e0 [ 169.778906][ T8726] ? __pfx_audit_log_start+0x10/0x10 [ 169.780316][ T8726] ? __pfx_lock_release+0x10/0x10 [ 169.781646][ T8726] ? migrate_enable+0x1ef/0x260 [ 169.782997][ T8726] ? __pfx_migrate_enable+0x10/0x10 [ 169.784530][ T8726] audit_seccomp+0x61/0x280 [ 169.785777][ T8726] __seccomp_filter+0x816/0xf40 [ 169.787070][ T8726] ? __pfx___seccomp_filter+0x10/0x10 [ 169.788490][ T8726] ? fput+0x67/0x440 [ 169.789539][ T8726] ? ksys_write+0x1ba/0x250 [ 169.790769][ T8726] __secure_computing+0x26c/0x3f0 [ 169.792054][ T8726] syscall_trace_enter+0x8b/0x2c0 [ 169.793380][ T8726] __do_fast_syscall_32+0xc2/0x120 [ 169.794693][ T8726] do_fast_syscall_32+0x32/0x80 [ 169.795961][ T8726] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 169.797573][ T8726] RIP: 0023:0xf73de579 [ 169.798621][ T8726] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 169.804004][ T8726] RSP: 002b:00000000f50c657c EFLAGS: 00000292 ORIG_RAX: 00000000000001b6 [ 169.806182][ T8726] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000004 [ 169.808238][ T8726] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 169.810317][ T8726] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 169.811715][ T8729] netlink: 4 bytes leftover after parsing attributes in process `syz.1.707'. [ 169.812381][ T8726] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 169.812391][ T8726] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 169.812403][ T8726] [ 169.815773][ T8729] netlink: 4 bytes leftover after parsing attributes in process `syz.1.707'. [ 169.861344][ T8731] team0: Port device vlan0 removed [ 169.865352][ T45] tipc: Resetting bearer [ 169.872699][ T8731] team0: Unable to change to the same mode the team is in [ 169.873568][ T8733] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 169.878203][ T8731] team0: Port device vlan0 added [ 169.885470][ T8731] tipc: Enabling of bearer rejected, already enabled [ 169.886521][ T6007] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 169.893590][ T8733] netlink: 20 bytes leftover after parsing attributes in process `syz.0.709'. [ 169.984577][ T8736] syzkaller0: entered promiscuous mode [ 169.986060][ T8736] syzkaller0: entered allmulticast mode [ 169.989151][ T1154] syzkaller0: tun_net_xmit 48 [ 170.001786][ T8736] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 170.003346][ T8736] syzkaller0: Linktype set failed because interface is up [ 170.026488][ T6007] usb 7-1: device descriptor read/64, error -71 [ 170.426481][ T6007] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 170.588953][ T6007] usb 7-1: device descriptor read/64, error -71 [ 170.699473][ T6007] usb usb7-port1: attempt power cycle [ 170.775609][ T8741] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 170.779386][ T8745] ceph: No mds server is up or the cluster is laggy [ 171.039221][ T6007] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 171.058011][ T6007] usb 7-1: device descriptor read/8, error -71 [ 171.296571][ T6007] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 171.316914][ T6007] usb 7-1: device descriptor read/8, error -71 [ 171.427009][ T6007] usb usb7-port1: unable to enumerate USB device [ 171.452368][ T8755] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 171.454200][ T8755] PKCS7: Only support pkcs7_signedData type [ 171.830765][ T8770] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 171.837667][ T8772] FAULT_INJECTION: forcing a failure. [ 171.837667][ T8772] name failslab, interval 1, probability 0, space 0, times 0 [ 171.842050][ T8772] CPU: 3 UID: 0 PID: 8772 Comm: syz.1.718 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 171.843834][ T8770] netlink: 'syz.3.715': attribute type 5 has an invalid length. [ 171.845346][ T8772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 171.845360][ T8772] Call Trace: [ 171.845367][ T8772] [ 171.853565][ T8772] dump_stack_lvl+0x16c/0x1f0 [ 171.855213][ T8772] should_fail_ex+0x497/0x5b0 [ 171.855303][ T8770] binder: 8756:8770 ioctl c0306201 20000240 returned -22 [ 171.856683][ T8772] ? fs_reclaim_acquire+0xae/0x150 [ 171.856708][ T8772] should_failslab+0xc2/0x120 [ 171.856732][ T8772] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 171.864207][ T8772] ? __alloc_skb+0x2b3/0x380 [ 171.865894][ T8772] __alloc_skb+0x2b3/0x380 [ 171.867467][ T8772] ? __pfx___alloc_skb+0x10/0x10 [ 171.869385][ T8772] ? lock_acquire+0x2f/0xb0 [ 171.871060][ T8772] netlink_alloc_large_skb+0x69/0x130 [ 171.873139][ T8772] netlink_sendmsg+0x689/0xd70 [ 171.874889][ T8772] ? __pfx_netlink_sendmsg+0x10/0x10 [ 171.876834][ T8772] ____sys_sendmsg+0x9ae/0xb40 [ 171.878572][ T8772] ? __pfx_____sys_sendmsg+0x10/0x10 [ 171.880510][ T8772] ? get_compat_msghdr+0x11b/0x170 [ 171.882356][ T8772] ___sys_sendmsg+0x135/0x1e0 [ 171.884071][ T8772] ? __pfx____sys_sendmsg+0x10/0x10 [ 171.886051][ T8772] ? __pfx_lock_release+0x10/0x10 [ 171.887930][ T8772] ? trace_lock_acquire+0x146/0x1e0 [ 171.889826][ T8772] ? __fget_files+0x206/0x3a0 [ 171.891547][ T8772] __sys_sendmsg+0x16e/0x220 [ 171.893231][ T8772] ? __pfx___sys_sendmsg+0x10/0x10 [ 171.895092][ T8772] __do_fast_syscall_32+0x73/0x120 [ 171.896953][ T8772] do_fast_syscall_32+0x32/0x80 [ 171.898735][ T8772] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 171.901037][ T8772] RIP: 0023:0xf748e579 [ 171.902503][ T8772] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 171.909481][ T8772] RSP: 002b:00000000f517657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 171.912503][ T8772] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000940 [ 171.915469][ T8772] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 171.918303][ T8772] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 171.921249][ T8772] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 171.924065][ T8772] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 171.926903][ T8772] [ 172.026146][ T8778] netlink: 'syz.1.721': attribute type 1 has an invalid length. [ 172.028654][ T8778] netlink: 'syz.1.721': attribute type 2 has an invalid length. [ 172.139010][ T8782] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000) [ 172.870198][ T8800] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 172.872054][ T8800] PKCS7: Only support pkcs7_signedData type [ 173.110871][ T8818] FAULT_INJECTION: forcing a failure. [ 173.110871][ T8818] name failslab, interval 1, probability 0, space 0, times 0 [ 173.114348][ T8818] CPU: 1 UID: 0 PID: 8818 Comm: syz.3.731 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 173.117157][ T8818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 173.120027][ T8818] Call Trace: [ 173.120937][ T8818] [ 173.121736][ T8818] dump_stack_lvl+0x16c/0x1f0 [ 173.123019][ T8818] should_fail_ex+0x497/0x5b0 [ 173.124319][ T8818] ? fs_reclaim_acquire+0xae/0x150 [ 173.125700][ T8818] should_failslab+0xc2/0x120 [ 173.126988][ T8818] __kmalloc_cache_noprof+0x68/0x420 [ 173.128538][ T8818] ? rcu_is_watching+0x12/0xc0 [ 173.129840][ T8818] ? trace_kmalloc+0x2d/0xd0 [ 173.131103][ T8818] ? __pfx_free_modprobe_argv+0x10/0x10 [ 173.132594][ T8818] call_usermodehelper_setup+0x9a/0x340 [ 173.134079][ T8818] __request_module+0x3d6/0x6c0 [ 173.135386][ T8818] ? dev_load+0x221/0x240 [ 173.136564][ T8818] ? __pfx___request_module+0x10/0x10 [ 173.138004][ T8818] ? aa_get_newest_label+0x376/0x680 [ 173.139432][ T8818] ? __pfx_aa_get_newest_label+0x10/0x10 [ 173.140942][ T8818] ? apparmor_capable+0x114/0x1d0 [ 173.142291][ T8818] ? dev_load+0x1c0/0x240 [ 173.143453][ T8818] dev_load+0x221/0x240 [ 173.144592][ T8818] dev_ioctl+0x19c/0x10c0 [ 173.145757][ T8818] sock_ioctl+0x5b9/0x6c0 [ 173.146924][ T8818] ? __pfx_sock_ioctl+0x10/0x10 [ 173.148247][ T8818] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 173.149618][ T8818] compat_sock_ioctl+0x619/0x7e0 [ 173.150983][ T8818] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 173.152489][ T8818] ? __fget_files+0x206/0x3a0 [ 173.153762][ T8818] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 173.155226][ T8818] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 173.156685][ T8818] __do_fast_syscall_32+0x73/0x120 [ 173.158106][ T8818] do_fast_syscall_32+0x32/0x80 [ 173.159433][ T8818] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 173.161126][ T8818] RIP: 0023:0xf73de579 [ 173.162221][ T8818] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 173.167319][ T8818] RSP: 002b:00000000f50c657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 173.169499][ T8818] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000000089f3 [ 173.171492][ T8818] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 173.173511][ T8818] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 173.175600][ T8818] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 173.177680][ T8818] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 173.179719][ T8818] [ 173.463446][ T8829] netlink: 28 bytes leftover after parsing attributes in process `syz.2.734'. [ 174.077546][ T5977] Bluetooth: hci3: command 0x0406 tx timeout [ 174.089957][ T39] kauditd_printk_skb: 96 callbacks suppressed [ 174.089967][ T39] audit: type=1326 audit(1732857414.715:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8822 comm="syz.1.732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 174.102434][ T39] audit: type=1326 audit(1732857414.715:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8822 comm="syz.1.732" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf748e579 code=0x7fc00000 [ 174.116584][ T39] audit: type=1326 audit(1732857414.715:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8822 comm="syz.1.732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 174.136488][ T39] audit: type=1326 audit(1732857414.715:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8822 comm="syz.1.732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 174.142074][ T39] audit: type=1326 audit(1732857414.715:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8822 comm="syz.1.732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 174.162409][ T39] audit: type=1326 audit(1732857414.715:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8822 comm="syz.1.732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 174.169476][ T39] audit: type=1326 audit(1732857414.715:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8822 comm="syz.1.732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 174.175158][ T39] audit: type=1326 audit(1732857414.715:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8822 comm="syz.1.732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 174.182087][ T39] audit: type=1326 audit(1732857414.715:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8822 comm="syz.1.732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 174.187648][ T39] audit: type=1326 audit(1732857414.715:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8822 comm="syz.1.732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7fc00000 [ 174.837255][ T8856] team0: Port device vlan0 removed [ 174.841152][ T1135] tipc: Resetting bearer [ 174.846584][ T8856] team0: Unable to change to the same mode the team is in [ 174.850021][ T8856] team0: Port device vlan0 added [ 174.856780][ T8856] tipc: Enabling of bearer rejected, already enabled [ 174.974642][ T8858] syzkaller0: entered promiscuous mode [ 174.976792][ T8858] syzkaller0: entered allmulticast mode [ 174.985408][ T45] syzkaller0: tun_net_xmit 48 [ 175.010045][ T8858] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 175.011671][ T8858] syzkaller0: Linktype set failed because interface is up [ 175.367667][ T8862] netlink: 'syz.2.743': attribute type 1 has an invalid length. [ 175.371610][ T8862] netlink: 24 bytes leftover after parsing attributes in process `syz.2.743'. [ 176.468653][ T8872] team0: Port device vlan0 removed [ 176.472206][ T8874] team0: Unable to change to the same mode the team is in [ 176.477313][ T8875] team0: Port device vlan0 added [ 176.495550][ T8886] syzkaller0: entered promiscuous mode [ 176.497186][ T8886] syzkaller0: entered allmulticast mode [ 176.499506][ T1142] syzkaller0: tun_net_xmit 48 [ 177.973615][ T8914] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 178.352424][ T8921] netlink: 36 bytes leftover after parsing attributes in process `syz.3.755'. [ 178.488754][ T8929] loop2: detected capacity change from 0 to 7 [ 178.491962][ T8929] loop2: [CUMANA/ADFS] p1 [Linux] p2 [ADFS] p1 [Linux] p2 [ 178.493908][ T8929] loop2: partition table partially beyond EOD, truncated [ 178.496888][ T8929] loop2: p1 size 276741282 extends beyond EOD, truncated [ 178.499828][ T8929] loop2: p2 start 579963744 is beyond EOD, truncated [ 178.547818][ T7360] loop2: [CUMANA/ADFS] p1 [Linux] p2 [ADFS] p1 [Linux] p2 [ 178.549797][ T7360] loop2: partition table partially beyond EOD, truncated [ 178.551629][ T7360] loop2: p1 size 276741282 extends beyond EOD, truncated [ 178.554524][ T7360] loop2: p2 start 579963744 is beyond EOD, truncated [ 178.561564][ T8929] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-16) [ 178.749283][ T5382] loop2: [CUMANA/ADFS] p1 [Linux] p2 [ADFS] p1 [Linux] p2 [ 178.751211][ T5382] loop2: partition table partially beyond EOD, truncated [ 178.753081][ T5382] loop2: p1 size 276741282 extends beyond EOD, truncated [ 178.755385][ T5382] loop2: p2 start 579963744 is beyond EOD, truncated [ 178.987314][ T8941] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 178.989041][ T8941] PKCS7: Only support pkcs7_signedData type [ 178.993499][ T8941] netlink: 40 bytes leftover after parsing attributes in process `syz.0.759'. [ 178.997134][ T8941] netlink: 40 bytes leftover after parsing attributes in process `syz.0.759'. [ 179.050365][ T5977] Bluetooth: hci3: unexpected event for opcode 0x2043 [ 181.151347][ T8985] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 181.153133][ T8985] PKCS7: Only support pkcs7_signedData type [ 181.169360][ T8985] netlink: 40 bytes leftover after parsing attributes in process `syz.0.769'. [ 181.174031][ T8985] netlink: 40 bytes leftover after parsing attributes in process `syz.0.769'. [ 181.212699][ T8986] loop2: detected capacity change from 0 to 7 [ 181.223269][ T8986] loop2: [CUMANA/ADFS] p1 [Linux] p2 [ADFS] p1 [Linux] p2 [ 181.225576][ T8986] loop2: partition table partially beyond EOD, truncated [ 181.231538][ T8986] loop2: p1 size 276741282 extends beyond EOD, truncated [ 181.246657][ T8986] loop2: p2 start 579963744 is beyond EOD, truncated [ 181.326740][ T8986] loop2: [CUMANA/ADFS] p1 [Linux] p2 [ADFS] p1 [Linux] p2 [ 181.329842][ T8986] loop2: partition table partially beyond EOD, truncated [ 181.333092][ T8986] loop2: p1 size 276741282 extends beyond EOD, truncated [ 181.337313][ T8986] loop2: p2 start 579963744 is beyond EOD, truncated [ 181.635571][ T8995] netlink: 4 bytes leftover after parsing attributes in process `syz.3.770'. [ 181.659677][ T8994] afs: Unknown parameter 'fƒfC½üapwal' [ 182.069188][ T9008] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 182.071011][ T9008] PKCS7: Only support pkcs7_signedData type [ 182.082922][ T9008] netlink: 40 bytes leftover after parsing attributes in process `syz.2.776'. [ 182.087130][ T9008] netlink: 40 bytes leftover after parsing attributes in process `syz.2.776'. [ 182.203342][ T9010] team0: Port device vlan0 removed [ 182.211335][ T8995] orangefs_mount: mount request failed with -4 [ 182.217238][ T45] tipc: Resetting bearer [ 182.238779][ T9010] team0: Unable to change to the same mode the team is in [ 182.243031][ T9010] team0: Port device vlan0 added [ 182.354522][ T9014] syzkaller0: entered promiscuous mode [ 182.356307][ T9014] syzkaller0: entered allmulticast mode [ 182.360852][ T74] syzkaller0: tun_net_xmit 48 [ 182.412666][ T9014] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 182.414291][ T9014] syzkaller0: Linktype set failed because interface is up [ 182.657240][ T1329] libceph: connect (1)[c::]:6789 error -101 [ 182.659115][ T1329] libceph: mon0 (1)[c::]:6789 connect error [ 182.836897][ T9019] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 182.847932][ T9020] ceph: No mds server is up or the cluster is laggy [ 183.888743][ T9045] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 183.890525][ T9045] PKCS7: Only support pkcs7_signedData type [ 184.643293][ T9056] netlink: 36 bytes leftover after parsing attributes in process `syz.2.790'. [ 184.876561][ T5977] Bluetooth: hci0: command 0x1407 tx timeout [ 185.080036][ T9075] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 185.080250][ T9074] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 185.081781][ T9075] PKCS7: Only support pkcs7_signedData type [ 185.083318][ T9074] PKCS7: Only support pkcs7_signedData type [ 185.482468][ T9084] netlink: 36 bytes leftover after parsing attributes in process `syz.3.799'. [ 185.564317][ T9082] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000) [ 186.340116][ T9105] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 186.341879][ T9105] PKCS7: Only support pkcs7_signedData type [ 186.876479][ T5977] Bluetooth: hci1: command 0x0406 tx timeout [ 186.992228][ T9119] team0: Port device vlan0 removed [ 186.996683][ T12] tipc: Resetting bearer [ 187.004425][ T9120] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 187.006187][ T9120] PKCS7: Only support pkcs7_signedData type [ 187.006210][ T9119] team0: Unable to change to the same mode the team is in [ 187.018846][ T9119] team0: Port device vlan0 added [ 187.024163][ T9119] tipc: Enabling of bearer rejected, already enabled [ 187.053921][ T9119] syzkaller0: entered promiscuous mode [ 187.055451][ T9119] syzkaller0: entered allmulticast mode [ 187.061139][ T97] syzkaller0: tun_net_xmit 48 [ 187.065704][ T9119] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 187.067949][ T9119] syzkaller0: Linktype set failed because interface is up [ 187.278082][ T9123] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 187.279956][ T9123] PKCS7: Only support pkcs7_signedData type [ 187.499265][ T9131] netlink: 28 bytes leftover after parsing attributes in process `syz.1.812'. [ 187.511533][ T9130] netlink: 'syz.0.813': attribute type 1 has an invalid length. [ 187.513665][ T9130] netlink: 24 bytes leftover after parsing attributes in process `syz.0.813'. [ 187.608227][ T5977] Bluetooth: hci2: command 0x0406 tx timeout [ 188.647433][ T9148] netlink: 36 bytes leftover after parsing attributes in process `syz.3.817'. [ 188.741896][ T9154] loop2: detected capacity change from 0 to 7 [ 188.743848][ T9154] Dev loop2: unable to read RDB block 7 [ 188.745344][ T9154] loop2: unable to read partition table [ 188.747666][ T9154] loop2: partition table beyond EOD, truncated [ 188.749370][ T9154] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 188.818371][ T5964] Dev loop2: unable to read RDB block 7 [ 188.819894][ T5964] loop2: unable to read partition table [ 188.821448][ T5964] loop2: partition table beyond EOD, truncated [ 188.823616][ T9154] Dev loop2: unable to read RDB block 7 [ 188.825113][ T9154] loop2: unable to read partition table [ 188.828915][ T9154] loop2: partition table beyond EOD, truncated [ 188.836712][ T9154] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 188.842004][ T5382] Dev loop2: unable to read RDB block 7 [ 188.843501][ T5382] loop2: unable to read partition table [ 188.845049][ T5382] loop2: partition table beyond EOD, truncated [ 190.621431][ T9191] team0: Port device vlan0 removed [ 190.625205][ T9194] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 190.627259][ T9194] PKCS7: Only support pkcs7_signedData type [ 190.629461][ T12] tipc: Resetting bearer [ 190.632070][ T9194] netlink: 48 bytes leftover after parsing attributes in process `syz.1.826'. [ 190.634711][ T9194] netlink: 48 bytes leftover after parsing attributes in process `syz.1.826'. [ 190.635970][ T9191] team0: Unable to change to the same mode the team is in [ 190.644448][ T9191] team0: Port device vlan0 added [ 190.647644][ T9191] tipc: Enabling of bearer rejected, already enabled [ 190.671184][ T9191] syzkaller0: entered promiscuous mode [ 190.672875][ T9191] syzkaller0: entered allmulticast mode [ 190.675106][ T1135] syzkaller0: tun_net_xmit 48 [ 190.680124][ T9191] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 190.681891][ T9191] syzkaller0: Linktype set failed because interface is up [ 191.795604][ T9209] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 191.797594][ T9209] PKCS7: Only support pkcs7_signedData type [ 191.916605][ T5977] Bluetooth: hci1: command 0x0406 tx timeout [ 192.131743][ T9223] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 192.133643][ T9223] PKCS7: Only support pkcs7_signedData type [ 193.011431][ T9235] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 193.013251][ T9235] PKCS7: Only support pkcs7_signedData type [ 193.021181][ T9235] netlink: 48 bytes leftover after parsing attributes in process `syz.2.840'. [ 193.024690][ T9235] netlink: 48 bytes leftover after parsing attributes in process `syz.2.840'. [ 193.078563][ T9237] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 193.229380][ T9247] 9pnet_fd: Insufficient options for proto=fd [ 193.338006][ T9253] team0: Port device vlan0 removed [ 193.344585][ T97] tipc: Resetting bearer [ 193.354882][ T9253] team0: Unable to change to the same mode the team is in [ 193.371089][ T9253] team0: Port device vlan0 added [ 193.379317][ T9253] tipc: Enabling of bearer rejected, already enabled [ 193.462465][ T9253] syzkaller0: entered promiscuous mode [ 193.467910][ T9253] syzkaller0: entered allmulticast mode [ 193.495076][ T9265] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 193.497057][ T9265] syzkaller0: Linktype set failed because interface is up [ 193.505374][ T1142] syzkaller0: tun_net_xmit 48 [ 193.609952][ T1414] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.611668][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.021027][ T39] kauditd_printk_skb: 147 callbacks suppressed [ 194.021037][ T39] audit: type=1800 audit(1732857434.645:442): pid=9273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.849" name="/" dev="9p" ino=2 res=0 errno=0 [ 195.594462][ T9310] FAULT_INJECTION: forcing a failure. [ 195.594462][ T9310] name failslab, interval 1, probability 0, space 0, times 0 [ 195.598690][ T9310] CPU: 2 UID: 0 PID: 9310 Comm: syz.2.853 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 195.601359][ T9310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 195.604151][ T9310] Call Trace: [ 195.605041][ T9310] [ 195.605934][ T9310] dump_stack_lvl+0x16c/0x1f0 [ 195.607142][ T9310] should_fail_ex+0x497/0x5b0 [ 195.608401][ T9310] ? fs_reclaim_acquire+0xae/0x150 [ 195.609819][ T9310] should_failslab+0xc2/0x120 [ 195.611070][ T9310] __kmalloc_noprof+0xce/0x4f0 [ 195.612345][ T9310] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 195.613810][ T9310] ? tomoyo_realpath_from_path+0xbf/0x710 [ 195.615305][ T9310] tomoyo_realpath_from_path+0xbf/0x710 [ 195.616772][ T9310] ? tomoyo_path_number_perm+0x235/0x5b0 [ 195.618243][ T9310] tomoyo_path_number_perm+0x248/0x5b0 [ 195.619675][ T9310] ? tomoyo_path_number_perm+0x235/0x5b0 [ 195.621164][ T9310] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 195.622745][ T9310] ? __pfx_lock_release+0x10/0x10 [ 195.624076][ T9310] ? trace_lock_acquire+0x146/0x1e0 [ 195.625449][ T9310] ? lock_acquire+0x2f/0xb0 [ 195.626648][ T9310] ? __fget_files+0x40/0x3a0 [ 195.627880][ T9310] ? __fget_files+0x206/0x3a0 [ 195.629120][ T9310] security_file_ioctl_compat+0x9b/0x240 [ 195.630597][ T9310] __do_compat_sys_ioctl+0x4e/0x2c0 [ 195.631955][ T9310] __do_fast_syscall_32+0x73/0x120 [ 195.633287][ T9310] do_fast_syscall_32+0x32/0x80 [ 195.634565][ T9310] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 195.636213][ T9310] RIP: 0023:0xf7f37579 [ 195.637276][ T9310] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 195.642263][ T9310] RSP: 002b:00000000f50b657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 195.644430][ T9310] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0686611 [ 195.646452][ T9310] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000000000000 [ 195.648496][ T9310] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 195.650546][ T9310] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 195.652604][ T9310] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 195.654671][ T9310] [ 195.659906][ T9310] ERROR: Out of memory at tomoyo_realpath_from_path. [ 195.723826][ T9319] netlink: 36 bytes leftover after parsing attributes in process `syz.3.857'. [ 195.910345][ T9335] FAULT_INJECTION: forcing a failure. [ 195.910345][ T9335] name failslab, interval 1, probability 0, space 0, times 0 [ 195.914735][ T9335] CPU: 2 UID: 0 PID: 9335 Comm: syz.2.862 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 195.917425][ T9335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 195.920220][ T9335] Call Trace: [ 195.921102][ T9335] [ 195.921881][ T9335] dump_stack_lvl+0x16c/0x1f0 [ 195.923419][ T9335] should_fail_ex+0x497/0x5b0 [ 195.925040][ T9335] ? fs_reclaim_acquire+0xae/0x150 [ 195.926597][ T9335] should_failslab+0xc2/0x120 [ 195.928089][ T9335] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 195.929951][ T9335] ? __break_lease+0xd3/0x17e0 [ 195.931618][ T9335] __break_lease+0xd3/0x17e0 [ 195.932907][ T9335] ? make_vfsuid+0xf1/0x140 [ 195.934156][ T9335] ? __pfx_make_vfsuid+0x10/0x10 [ 195.935852][ T9335] ? trace_lock_acquire+0x146/0x1e0 [ 195.937646][ T9335] ? __pfx___break_lease+0x10/0x10 [ 195.939037][ T9335] ? mnt_get_write_access+0x6a/0x300 [ 195.940448][ T9335] ? make_vfsgid+0xf2/0x140 [ 195.941761][ T9335] ? generic_permission+0xad/0x7d0 [ 195.943107][ T9335] ? bpf_lsm_inode_permission+0x9/0x10 [ 195.944797][ T9335] ? security_inode_permission+0xbf/0x260 [ 195.946591][ T9335] ? inode_permission+0xdd/0x5f0 [ 195.948017][ T9335] vfs_truncate+0x32e/0x4e0 [ 195.949587][ T9335] __ia32_compat_sys_truncate+0x173/0x1e0 [ 195.951241][ T9335] ? __pfx___ia32_compat_sys_truncate+0x10/0x10 [ 195.952900][ T9335] do_int80_emulation+0x104/0x200 [ 195.954227][ T9335] asm_int80_emulation+0x1a/0x20 [ 195.955647][ T9335] RIP: 0023:0xf7f37579 [ 195.957023][ T9335] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 195.962960][ T9335] RSP: 002b:00000000f509557c EFLAGS: 00000292 ORIG_RAX: 000000000000005c [ 195.965636][ T9335] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000000000000 [ 195.967717][ T9335] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 195.969806][ T9335] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 195.971880][ T9335] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 195.973959][ T9335] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 195.976039][ T9335] [ 195.976996][ C2] vkms_vblank_simulate: vblank timer overrun [ 196.018136][ T9337] netlink: zone id is out of range [ 196.129482][ T9341] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 196.333129][ T9340] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 196.334929][ T9340] PKCS7: Only support pkcs7_signedData type [ 196.428668][ T9340] netlink: 48 bytes leftover after parsing attributes in process `syz.0.863'. [ 196.433310][ T9340] netlink: 48 bytes leftover after parsing attributes in process `syz.0.863'. [ 196.775233][ T9350] netlink: 36 bytes leftover after parsing attributes in process `syz.3.867'. [ 196.783121][ T9348] netlink: 48 bytes leftover after parsing attributes in process `syz.2.866'. [ 196.837022][ T6004] usb 6-1: new full-speed USB device number 9 using dummy_hcd [ 196.991963][ T6004] usb 6-1: unable to get BOS descriptor or descriptor too short [ 196.995208][ T6004] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 196.997620][ T6004] usb 6-1: can't read configurations, error -71 [ 197.057614][ T9347] dccp_close: ABORT with 46467 bytes unread [ 197.472059][ T9369] ================================================================== [ 197.474251][ T9369] BUG: KASAN: vmalloc-out-of-bounds in push_insn_history+0x615/0x690 [ 197.476492][ T9369] Write of size 4 at addr ffffc90022231010 by task syz.0.871/9369 [ 197.479170][ T9369] [ 197.480279][ T9369] CPU: 3 UID: 0 PID: 9369 Comm: syz.0.871 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 197.483241][ T9369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 197.486092][ T9369] Call Trace: [ 197.486989][ T9369] [ 197.487786][ T9369] dump_stack_lvl+0x116/0x1f0 [ 197.489061][ T9369] print_report+0xc3/0x620 [ 197.490255][ T9369] ? __virt_addr_valid+0x5e/0x590 [ 197.491630][ T9369] kasan_report+0xd9/0x110 [ 197.492833][ T9369] ? push_insn_history+0x615/0x690 [ 197.494202][ T9369] ? push_insn_history+0x615/0x690 [ 197.495575][ T9369] push_insn_history+0x615/0x690 [ 197.496927][ T9369] do_check_common+0xb78/0xd540 [ 197.498235][ T9369] ? lockdep_hardirqs_on+0x7c/0x110 [ 197.499619][ T9369] ? __pfx_do_check_common+0x10/0x10 [ 197.501042][ T9369] ? kvfree+0x47/0x50 [ 197.502125][ T9369] ? check_cfg+0x403/0x840 [ 197.503319][ T9369] bpf_check+0x77c2/0xc9b0 [ 197.504719][ T9369] ? hlock_class+0x4e/0x130 [ 197.505971][ T9369] ? __pfx_bpf_check+0x10/0x10 [ 197.507277][ T9369] ? find_held_lock+0x2d/0x110 [ 197.508588][ T9369] ? bpf_prog_load+0xd45/0x2670 [ 197.509904][ T9369] ? __pfx_lock_release+0x10/0x10 [ 197.511269][ T9369] ? trace_lock_acquire+0x146/0x1e0 [ 197.512688][ T9369] ? bpf_prog_load+0xd45/0x2670 [ 197.514005][ T9369] ? lockdep_hardirqs_on+0x7c/0x110 [ 197.515402][ T9369] ? read_tsc+0x9/0x20 [ 197.516515][ T9369] ? ktime_get_with_offset+0x20f/0x3a0 [ 197.517977][ T9369] ? bpf_obj_name_cpy+0x156/0x1b0 [ 197.519322][ T9369] bpf_prog_load+0xe3f/0x2670 [ 197.520601][ T9369] ? __pfx_bpf_prog_load+0x10/0x10 [ 197.521984][ T9369] ? find_held_lock+0x2d/0x110 [ 197.523274][ T9369] ? __might_fault+0x13b/0x190 [ 197.524572][ T9369] ? __might_fault+0xe3/0x190 [ 197.525835][ T9369] __sys_bpf+0x5677/0x57a0 [ 197.527036][ T9369] ? __pfx___sys_bpf+0x10/0x10 [ 197.528330][ T9369] ? do_futex+0x123/0x350 [ 197.529493][ T9369] ? __pfx_do_futex+0x10/0x10 [ 197.530761][ T9369] ? xfd_validate_state+0x5d/0x180 [ 197.532164][ T9369] ? rcu_is_watching+0x12/0xc0 [ 197.533422][ T9369] __ia32_sys_bpf+0x76/0xe0 [ 197.534664][ T9369] __do_fast_syscall_32+0x73/0x120 [ 197.536018][ T9369] do_fast_syscall_32+0x32/0x80 [ 197.537328][ T9369] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 197.539007][ T9369] RIP: 0023:0xf747e579 [ 197.540111][ T9369] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 197.545190][ T9369] RSP: 002b:00000000f516657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 197.547396][ T9369] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200017c0 [ 197.549502][ T9369] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000 [ 197.551608][ T9369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 197.553713][ T9369] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 197.555822][ T9369] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 197.557934][ T9369] [ 197.558772][ T9369] [ 197.559425][ T9369] The buggy address belongs to the virtual mapping at [ 197.559425][ T9369] [ffffc90022211000, ffffc90022233000) created by: [ 197.559425][ T9369] kvrealloc_noprof+0xfc/0x150 [ 197.564062][ T9369] [ 197.564715][ T9369] The buggy address belongs to the physical page: [ 197.566392][ T9369] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x18 pfn:0x4c130 [ 197.568729][ T9369] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 197.570645][ T9369] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 197.572908][ T9369] raw: 0000000000000018 0000000000000000 00000001ffffffff 0000000000000000 [ 197.575173][ T9369] page dumped because: kasan: bad access detected [ 197.576886][ T9369] page_owner tracks the page as allocated [ 197.578399][ T9369] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102cc2(GFP_HIGHUSER|__GFP_NOWARN), pid 9369, tgid 9368 (syz.0.871), ts 197471972391, free_ts 197314740990 [ 197.582872][ T9369] post_alloc_hook+0x2d1/0x350 [ 197.584174][ T9369] get_page_from_freelist+0xfce/0x2f80 [ 197.585632][ T9369] __alloc_pages_noprof+0x6a6/0x25a0 [ 197.587049][ T9369] alloc_pages_mpol_noprof+0x2c9/0x610 [ 197.588513][ T9369] __vmalloc_node_range_noprof+0x724/0x1530 [ 197.590098][ T9369] __kvmalloc_node_noprof+0x14f/0x1a0 [ 197.591547][ T9369] kvrealloc_noprof+0xfc/0x150 [ 197.592827][ T9369] push_insn_history+0x2ac/0x690 [ 197.594149][ T9369] do_check_common+0xb78/0xd540 [ 197.595443][ T9369] bpf_check+0x77c2/0xc9b0 [ 197.596647][ T9369] bpf_prog_load+0xe3f/0x2670 [ 197.597910][ T9369] __sys_bpf+0x5677/0x57a0 [ 197.599108][ T9369] __ia32_sys_bpf+0x76/0xe0 [ 197.600421][ T9369] __do_fast_syscall_32+0x73/0x120 [ 197.601823][ T9369] do_fast_syscall_32+0x32/0x80 [ 197.603145][ T9369] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 197.604856][ T9369] page last free pid 114 tgid 114 stack trace: [ 197.606488][ T9369] free_unref_folios+0xa7b/0x14f0 [ 197.607846][ T9369] shrink_folio_list+0x3468/0x42d0 [ 197.609234][ T9369] evict_folios+0x6e3/0x19c0 [ 197.610501][ T9369] try_to_shrink_lruvec+0x61e/0xa80 [ 197.611897][ T9369] shrink_one+0x3e3/0x7b0 [ 197.613041][ T9369] shrink_node+0xbf0/0x3f20 [ 197.614254][ T9369] balance_pgdat+0xc1f/0x18f0 [ 197.615515][ T9369] kswapd+0x5f8/0xc30 [ 197.616596][ T9369] kthread+0x2c1/0x3a0 [ 197.617689][ T9369] ret_from_fork+0x45/0x80 [ 197.618881][ T9369] ret_from_fork_asm+0x1a/0x30 [ 197.620169][ T9369] [ 197.620812][ T9369] Memory state around the buggy address: [ 197.622300][ T9369] ffffc90022230f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 197.624423][ T9369] ffffc90022230f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 197.626485][ T9369] >ffffc90022231000: 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 197.628541][ T9369] ^ [ 197.629751][ T9369] ffffc90022231080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 197.631719][ T9369] ffffc90022231100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 197.633741][ T9369] ================================================================== [ 197.639957][ T9369] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 197.641850][ T9369] CPU: 0 UID: 0 PID: 9369 Comm: syz.0.871 Not tainted 6.12.0-syzkaller-10681-g65ae975e97d5 #0 [ 197.644455][ T9369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 197.647125][ T9369] Call Trace: [ 197.647944][ T9369] [ 197.648664][ T9369] dump_stack_lvl+0x3d/0x1f0 [ 197.649817][ T9369] panic+0x71d/0x800 [ 197.650823][ T9369] ? __pfx_panic+0x10/0x10 [ 197.651958][ T9369] ? preempt_schedule_thunk+0x1a/0x30 [ 197.653406][ T9369] ? preempt_schedule_common+0x44/0xc0 [ 197.654801][ T9369] check_panic_on_warn+0xab/0xb0 [ 197.656033][ T9369] end_report+0x117/0x180 [ 197.657198][ T9369] kasan_report+0xe9/0x110 [ 197.658360][ T9369] ? push_insn_history+0x615/0x690 [ 197.659607][ T9369] ? push_insn_history+0x615/0x690 [ 197.660863][ T9369] push_insn_history+0x615/0x690 [ 197.662069][ T9369] do_check_common+0xb78/0xd540 [ 197.663245][ T9369] ? lockdep_hardirqs_on+0x7c/0x110 [ 197.664511][ T9369] ? __pfx_do_check_common+0x10/0x10 [ 197.665794][ T9369] ? kvfree+0x47/0x50 [ 197.666797][ T9369] ? check_cfg+0x403/0x840 [ 197.667881][ T9369] bpf_check+0x77c2/0xc9b0 [ 197.668982][ T9369] ? hlock_class+0x4e/0x130 [ 197.670100][ T9369] ? __pfx_bpf_check+0x10/0x10 [ 197.671276][ T9369] ? find_held_lock+0x2d/0x110 [ 197.672452][ T9369] ? bpf_prog_load+0xd45/0x2670 [ 197.673647][ T9369] ? __pfx_lock_release+0x10/0x10 [ 197.674856][ T9369] ? trace_lock_acquire+0x146/0x1e0 [ 197.676147][ T9369] ? bpf_prog_load+0xd45/0x2670 [ 197.677329][ T9369] ? lockdep_hardirqs_on+0x7c/0x110 [ 197.678582][ T9369] ? read_tsc+0x9/0x20 [ 197.679579][ T9369] ? ktime_get_with_offset+0x20f/0x3a0 [ 197.680872][ T9369] ? bpf_obj_name_cpy+0x156/0x1b0 [ 197.682110][ T9369] bpf_prog_load+0xe3f/0x2670 [ 197.683345][ T9369] ? __pfx_bpf_prog_load+0x10/0x10 [ 197.684695][ T9369] ? find_held_lock+0x2d/0x110 [ 197.685946][ T9369] ? __might_fault+0x13b/0x190 [ 197.687199][ T9369] ? __might_fault+0xe3/0x190 [ 197.688405][ T9369] __sys_bpf+0x5677/0x57a0 [ 197.689563][ T9369] ? __pfx___sys_bpf+0x10/0x10 [ 197.690819][ T9369] ? do_futex+0x123/0x350 [ 197.691946][ T9369] ? __pfx_do_futex+0x10/0x10 [ 197.693187][ T9369] ? xfd_validate_state+0x5d/0x180 [ 197.694511][ T9369] ? rcu_is_watching+0x12/0xc0 [ 197.695753][ T9369] __ia32_sys_bpf+0x76/0xe0 [ 197.696941][ T9369] __do_fast_syscall_32+0x73/0x120 [ 197.698269][ T9369] do_fast_syscall_32+0x32/0x80 [ 197.699542][ T9369] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 197.701182][ T9369] RIP: 0023:0xf747e579 [ 197.702245][ T9369] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 197.707146][ T9369] RSP: 002b:00000000f516657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 197.709300][ T9369] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200017c0 [ 197.711353][ T9369] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000 [ 197.713412][ T9369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 197.715448][ T9369] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 197.717459][ T9369] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 197.719452][ T9369] [ 197.720966][ T9369] Kernel Offset: disabled [ 197.722077][ T9369] Rebooting in 86400 seconds.. VM DIAGNOSIS: 05:17:18 Registers: info registers vcpu 0 CPU#0 RAX=000000000061a865 RBX=0000000000000000 RCX=ffffffff8b20bd79 RDX=0000000000000000 RSI=ffffffff8b6cd8a0 RDI=ffffffff8bd168e0 RBP=fffffbfff1b92f00 RSP=ffffffff8dc07e20 R8 =0000000000000001 R9 =ffffed1005686fed R10=ffff88802b437f6b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8dc97800 R14=ffffffff903e40d0 R15=0000000000000000 RIP=ffffffff8b20d15f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020b7e000 CR3=000000007450a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000039d6f2d2 RBX=000000009e21999f RCX=0000000000000010 RDX=ffffc9000103f070 RSI=000000009e21999f RDI=0000000046b80027 RBP=0000000000000001 RSP=ffffc9000103efd8 R8 =ffffffff90c96cbc R9 =00000000f30227ce R10=ffffc9000103ef08 R11=000000000000004f R12=0000000000002800 R13=ffffc9000103f058 R14=000000000000000b R15=000000000000000b RIP=ffffffff84bdc51c RFL=00000216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73c6f74 CR3=000000007450a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=ffffffff813d0cd0 RBX=0000000000000001 RCX=ffffc90025961000 RDX=dffffc0000000000 RSI=ffffffff8182030d RDI=ffff88802b63fe50 RBP=0000000000000004 RSP=ffffc9000df5f670 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000002 R12=ffffffff81820a04 R13=0000000000000003 R14=ffff88802b63fe50 R15=ffff88802b63fe40 RIP=ffffffff81820338 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ff693346bce CR3=000000007450a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 ZMM17=7fb9cbd560972373 42c13c444d4ce1fa 7fb9cbd560972373 42c13c444d4ce1fa 7fb9cbd560972373 42c13c444d4ce1fa 7fb9cbd560972373 42c13c444d4ce1fa ZMM18=154fb281cca3cbe9 38e3ad3ef017f0f1 154fb281cca3cbe9 38e3ad3ef017f0f1 154fb281cca3cbe9 38e3ad3ef017f0f1 154fb281cca3cbe9 38e3ad3ef017f0f1 ZMM19=dd07000000000000 0000000000000011 dd07000000000000 0000000000000010 dd07000000000000 000000000000000f dd07000000000000 000000000000000e ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=42c13c4442c13c44 42c13c4442c13c44 42c13c4442c13c44 42c13c4442c13c44 42c13c4442c13c44 42c13c4442c13c44 42c13c4442c13c44 42c13c4442c13c44 ZMM22=6097237360972373 6097237360972373 6097237360972373 6097237360972373 6097237360972373 6097237360972373 6097237360972373 6097237360972373 ZMM23=7fb9cbd57fb9cbd5 7fb9cbd57fb9cbd5 7fb9cbd57fb9cbd5 7fb9cbd57fb9cbd5 7fb9cbd57fb9cbd5 7fb9cbd57fb9cbd5 7fb9cbd57fb9cbd5 7fb9cbd57fb9cbd5 ZMM24=f017f0f1f017f0f1 f017f0f1f017f0f1 f017f0f1f017f0f1 f017f0f1f017f0f1 f017f0f1f017f0f1 f017f0f1f017f0f1 f017f0f1f017f0f1 f017f0f1f017f0f1 ZMM25=38e3ad3e38e3ad3e 38e3ad3e38e3ad3e 38e3ad3e38e3ad3e 38e3ad3e38e3ad3e 38e3ad3e38e3ad3e 38e3ad3e38e3ad3e 38e3ad3e38e3ad3e 38e3ad3e38e3ad3e ZMM26=cca3cbe9cca3cbe9 cca3cbe9cca3cbe9 cca3cbe9cca3cbe9 cca3cbe9cca3cbe9 cca3cbe9cca3cbe9 cca3cbe9cca3cbe9 cca3cbe9cca3cbe9 cca3cbe9cca3cbe9 ZMM27=154fb281154fb281 154fb281154fb281 154fb281154fb281 154fb281154fb281 154fb281154fb281 154fb281154fb281 154fb281154fb281 154fb281154fb281 ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=dd070000dd070000 dd070000dd070000 dd070000dd070000 dd070000dd070000 dd070000dd070000 dd070000dd070000 dd070000dd070000 dd070000dd070000 info registers vcpu 3 CPU#3 RAX=000000000000005d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8509f205 RDI=ffffffff9a8a2280 RBP=ffffffff9a8a2240 RSP=ffffc90020aa6f68 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552033203a555043 R12=0000000000000000 R13=000000000000005d R14=ffffffff8509f1a0 R15=0000000000000000 RIP=ffffffff8509f22f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000057033448 CR3=0000000026540000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000