last executing test programs: 11.516901998s ago: executing program 3 (id=357): syz_open_dev$tty1(0xc, 0x4, 0x1) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{0x1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)='%pS \x00'}, 0x1c) ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f00000001c0)) syz_pidfd_open(0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000000000)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3b}}, @in={0x2, 0x4e1e, @private=0xa010101}, @in6={0xa, 0x4e21, 0x4, @mcast2, 0x2}], 0x3c) read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020}, 0x2020) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002180)={0x11, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r4 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r4, 0xc0184800, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, 0x0, 0x0) mmap$dsp(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x100010, 0xffffffffffffffff, 0x0) pread64(0xffffffffffffffff, &(0x7f000001a240)=""/102400, 0x19000, 0x0) r6 = fsopen(&(0x7f0000002140)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) fsmount(r6, 0x1, 0x0) r7 = fsopen(&(0x7f0000000080)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0) fsmount(r7, 0x0, 0x1) fsconfig$FSCONFIG_SET_FLAG(r7, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r7, 0x7, 0x0, 0x0, 0x0) socket(0x8, 0x2, 0x0) 10.434982346s ago: executing program 1 (id=360): r0 = io_uring_setup(0x354a, &(0x7f0000000080)={0x0, 0x0, 0x200, 0x0, 0x3}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x6c, 0x0, 0x1, 0x401, 0x1000000, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x6c}}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r4, 0x3304) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x7fe) ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000000080)={"4af4c1b0750952fc4568c9da2cf111014bae220f51bc99c4d397467f39691ace3c86176e7b277e4f0ee3da7c62af19a3ea52543a9d9768f74730db12a72802cee08f0f9d34ecb7216a601d2aef57abb51ff66badc4554dedbcf3bfa910307e664823c83cb7d8e1b254e15020b632b10bf17d6b521dfd84634597442b9cf43400fa5b060b407c2285cd872780a1656919e827357c1b5d7fdc46b2f0b882ae896a2e9b75237368ae81c1ecbf85fb54ad9c15761d71304114c5597604d0c20f70a00a933fdc6ab8ee62216340a5d1b04f3e61d3964a288c074ed7939e9bb31a79ada1c636941fbbb555c8653a3bf2d7f9cc1d081583331fded38862086be7c2aa6213d36ecd7f06e811eb848cae4ec4e5c867f2ca5ef7f374d57256ec63a704c07de26832feaf7bc6d2c0f36afa12a7ca0aae64fdd55330782ef2b4d8813089b2420423f626065e8343fd7b5326945b93f83d7bcff3bb9fa2a5aea870a4221b9aa93a683a9cb30f958a3263ee51f1882a3090eceda796dc9353ec9fa8004fbcba3e3eadfc6c86bcc6990a759cf6181f014b4b0c0a5ac1f0f78dc77ba4bdabc8c9454e1339d5fcc92895f2a5f75f20774deb637a6305b0116d9d6a1ac691078f51dc68fac7f38d7fb9ee558f6396fd30a1d478eeca382ff18534f93bfa52483841cb3345560e5634c363eec2212f8ca334cb8b832223290dd279b1cf3c8bc8d338e1abebc1122c9b528091b5db315fd9babbdd7f1208e6ba55f966023e176fad5aa96df4ad5ab30bbf080b81f82568f028f26a5be18fab0a22d4cc92ad3bf96d8fc7eaec5eab00159ace3884a66b71da7642396ebfd9c77aea4ad358e92a18d8b9ddecfe2b44fc0d9ce80d77839c95341de6575d778c594dd4692178e227bb0b5667b7a75a69ce142ba237c61b0bb06860a49193e79904efb40ecae688441f1bede1da5ba93f46791162eee5a59415567de83cbac0fd2a49b7e589b14f08909edd960e2bb61bdd91c4c27ebb3a7cc3b89a4359d34de5f012e2ff8599bb008a31309c2f7ff90bb5527652bc20bc9cb7b1522af369c2716cd6100a16de7ba3dd160e626601a6958bd88e9366715438e0756f4d57c95cf2544161acf696869e41d079c44e1c5c7dc1d41d765ca7a80fc7beecbc7d033ed5e6ba59969ba91cac40e19dc9b8a0f0014a6160eb3a06cda013f339adcfff7092cbdfe9233141ef8d2d1b3c8a16a73b3ee0af8bd5ce5f0638effda121d0b75c233870e30e3efadb2aa156b1ff4f8a5b26081f1f945c8b73f4cf851505cbb57dae9947421e5610474c9462ab65c887baeef78732b28a1d0c1ca0b2132b5da94e64dfe91fbf0b5e89c8b0af00b8507756730dc0d3ea4877034090bbce6d82fcd24cf771e5b16127bb89397ef7d9f0553fd4a2b7abec74228fd41f8c7d7ca839dabbfbace03dce60de676480f6a0"}) close_range(r0, 0xffffffffffffffff, 0x0) 10.285027763s ago: executing program 0 (id=362): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000dc820000000000"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) fcntl$getownex(r3, 0x10, &(0x7f00000007c0)={0x0, 0x0}) statx(r3, &(0x7f0000000800)='./file0\x00', 0x4000, 0x10, &(0x7f0000000840)) stat(&(0x7f0000000940)='./file0\x00', &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000980)=0x0) lstat(&(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r10, 0xffffffffffffffff) read$FUSE(0xffffffffffffffff, &(0x7f0000001bc0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000ac0)=[{{&(0x7f00000003c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000440)="2b2318f87b8be9703a921ab904e15eb3d590d8549c060911bfb4052aa95b3f8892bbad29a037d4e5f5949ee0286d57ca1094ca2ad658575d9e00b5d8fadda3e052b756b54d613a970b55722240fa7565b9a691a3d0d2ec9a41583f6e119babea8accaf8d9e862ea928d88a324fcea770082318cc26e0b54858d470651e25ea11eb9631ee48a42d46e2b9b8c1f0e5580a399f13ee0600c378453924f778e46f520df96d469f4f07b938a6406ebe021378ea957b06b67d38d18d6e91d05a859239c7ac41b66699c1116de49a5cd3c85c580b4c2f5dbbd7108376a677528be55cbf65b1f242c87d", 0xe6}, {&(0x7f0000000540)="be49f3cbf13c024371e985345f914838e2d307f33f8c7d54299919d985f6055b722bf5751049324f954a9c60042490301e2fbb34094d7092ba1e19326480e1d6f102801d91af18ec1af2e577e5c5", 0x4e}, {&(0x7f0000000300)}, {&(0x7f0000000bc0)="7e61f65170c88d81fdd460e5dc8a020e6bb1273cced25dea314dfd2b037cf2e0cefd55fea3b141f27dff4dda94b51abaa798dfcda126ee0514fbcdf9e0f11bb0fbe710eccf41c8577fe6b64f631f100d3f84fa96605d8412cff2c80cff797ae259f6bdf6f40368c9cf003381bbf3e36e6c05223aa446f5e1164aae29d2f693afffc163c37b4e631721cf2ec81b64d487adff364f28e28237a771a0ee425f69114511c80ef887d5ffbd1889c98c3ae232e8feeaeab63952acb2444daa883762e5104200a6c178825f1baed5cab5a16609ef3ec78b382a9d6530fcad401d721eb5a92e6c1bbda8b3e7dd140e16e0c87c34c344c435f3773b246a548eb85a18562cb0e410c198e820eb3b2a9db3162743f3d96c60be42311048094c4517b64295a78252dc4b55c74de9d4a1878f46bc81d33f81d3e5d7f74d47fb8ebe01dfbe5e75fa302b9b7bcbc626d9faf06198c01a8807c5f8a4b6fa1821afdd85b6043b1aeeb120d6b2ed16abe54d66fd1d7e21ba7458bfaf638897d43ab56a428cc029047e1a5690eee931e57b10c07387b40446615670c987dc477443cc6a2703398182f971bfeacc81162b2664ed535aa703504e69504a6722e68dd6c3365dc3ed84b3c6a23a0be358fcd9a1b46c7cf3eaf7f664f8882c9521c72fff97ec3c445c85fceb9b280574ccef903626416a92db7a46e711023ab84b1a638af8618ab58d3254619083a97627353fb8a69aa34d024ee34769b32882ab1d1c807c83637f871d1b827f56c08a575c0b953f0fa8b743abb8a6f0b5a17195f127520d65d2a6be02f18b20af148d03f12ab2c7dc65b00360dbef25121c458d6042abec01e55bb9071498eafd17696c447b15f50fc26241074a869fd85da4844b01dc334a91019a70028872adbe5215c989513a0244d641dbe3ac17f9243215d837f976ddba5378cfb44249665c99c8a59ff42a83ba8a234a8fc27d6c564b290529fa182df952d421e6aa4527463f6b8bb05dd6f7b718b6d1f21fccc474b02a4ddeefeb63954fea7da6f6265c4ca7e384de50cec6b458a8300caaead1782e574f2737a7c730acf2458b8bf9da113340201a21a2822a17f06f653c5f7b6d60b079e2f2fcf4452b846433f3896a59e9fb2d7c372e514e1821ed270bc047e2f9b4f5c13b91ec50c62a626162d55dd05f1948d905661c7cb26f3b36b5cfe5e507043f1594075695c0c9598d8cd436d4b42dae4b7ed68ab5fb83fcfaee054abc5a9b7d8d84623b2779a4d7aeccd87b24b26bd134d57ebbdad8bd1b44410a4592954a631085dff9042394a050dddc4295a0fddbfe11f3673f52149258bb07420b1393e0c64ed1af39bfc63d3840e3541e4461d4ea7660164a78748e963e69f48aced73fc665c718837842bb4f0d765cb35ee210c8eeb05eea4a5331dffd66efe328ef58c7abbbf6c9edd92b2a7e69d49ef94582758b25fb22d7af4293f5dc44423319cdf7de570045189ba33607766b5fc55c891b975e79e82f237bc92c7bb6007bb12a2d14246b96aa9d1dd9c334c6bcafe8442be87dfb7f2b40704973640f151c7a7dd3d166f1d20ae5c39cc638795c0d3d44f7bc2faaa3970eaca1f740fcb97fd24a2ec702390a3c199f7f7a44c5d514b6a613cc940bf36a245d7d9f8179ecbaa49323423b506299daafa665f01ed396867516d86245aa0783709076f0f98822004087ea12d8c3f95a282b43b91fab77570ef6bc5e94117bc610c3d71940f8a38f62b11ec1f218e5e9761709ec2747a098619000680ceec553256766079b8ec83619093fcc6ab2621a08742863c289accd8e4df22e7581ed3768eea8eac020c7fe6e7d8eb91f4ef6f996edd91c2383adbec92bcdd60f19fce98ec302cbeb1c8a123a7907faf4c8d3acca71ef88c75ee4ff8f7bfcdad8c33edaaac7c495adf513fe0f7cd3afada77170ccfc424d7542553d959f75549108c27a4afffc42a5d90c871f36f4b174d628fc41a02b619ae5b4ad4e825c1950522b2a40aa40c127be890978e1a4b9e4d11dcc86bf52fd52d906037d988a5eb703d1d41064764ad626d7d69c091d2ef705736110fd64acc5aeb5d14bbf5d74c8d446f55516308d757947f5e49359f7850eb65275dd9b533df36474c4382fda9bcad6002db7224e7fbd9203a8e670fa6d2f8365a40344a89c3b8ca3352afda60bbdc6f572c47c6b6ed51c8d94dc1fa16835482a70a9d1fc0904819ce9e5dda50397c2858fd556cea7f25aec842ff2e65a885bb8389c3a5e7f49fe9adb292966e43e1c058bc7d7df6cf04d3cc73b37f3a3c69c690428309933a63a96739ba2cfd28457b404c2d8868fa95c233473f77699a9a466b0527668a16b3595a2b6946e99a3faa3c56e1ce1611596dfdb63a6c7affaef480303de067ed6a7ce35605fa03810118d15f92362126e5384d64fff7c31c2e89470d79defa7e3631bce5939c8d28f142003083d6065448000ff13c1977e05ede574cf5bf6638930ed08b12864eaef3313cf155e153ff797f7980773803c34a485a792a84122164407198148b6a475b3f4f61af33d30bf3ccc2a1f3dd6690518ee21b57d9b16e62d2b83503bb3b2e4fc59ee47c211f4ac94e34d08a6cfbde980399d98c17e15488abb7d8598ffd520dc80209fa3d6ed478018a41af5941846582479b42b996819bedb8ab96aad7491fe0557ac12f0b9fba5a8130254c11dc87eeda1dddefb093c68264f024a068f9693332ab31d62842b7e700eaab089376d50c414b5f7e43f4515265bd83d7f8bedd59910c7998bfb91d4b64b08100c48aa81de8a574699a568abe8244ca39085f43c33946d1942c8b46a8252c20aad9ffa8b56c12e69d7461af2cf835c2c11e9aa2f2e90b49183b5ec93a9cfad6a0c3508bbb9d22212b0ef46fb159023652b830d08b5ea1ddd7f67f9ece01137af40bb17d7c4f25ac7b8ece690878b889406aab0fa6d055143f2155edc11bedd48c0c1683671368a9a00055921591c7de2429a94e9aef1bfe7413ca84b33a2ee7f052e5985808464483f1279ebb543a1c10152df3ccbe8f51f9a6f85a653b8a95bd3e2bdbb6eae29a81bf53a978f8df1a85858e04e0dc2f8ab86ed6429ed5542e8a48feb4fcbcf65129dac83c5599a381094c75372db8ceb9464d48d82dc6292cbe1462757d9c24161cc3235284852edd8e291a05e85a062ded643018ce05c1bc23d3a2a5aed850bd6baaefe490d39e731a451999d51c4dd10caedddface322a23db0cd9f333326fbb10595cbbc80a2f4ea21d4796d1b2f684251f42cbd16590a096ed6ba2798c870c8462ca15ba394a0081cfd038dacc30bb2dfd6ce78f9b4c20130b98956f3d6148a77c464ce4c2e74132b0f47c0687959fdaf89d50b9608ffd1f773f1990409a000a5780b065b4eaa4237ae24d7c9b78a279fe4e4516d580782b066ace5d81659136809cb02aa3f35d0db7de16aab6713b9dc7891ee59834c06541d91aeca68476c1ce7820a772ed41bec56b6c6f6b723cffe42d9b69748fcd29db2078eb90b885fd7d92680c96cd404072442daf86d4321ac7d8de3b4aa6aef6ab0f8eff637f5ee813ab27dbe2a72252d4cd5d85a0a26d5ae62c6f58b8e9706811a15eb206bbc15010020455a66fa9aec9e17303fbcbfab7a12d1206d11b3b964c9e262029f990298eca2bef1d0821258b2a9e36e7a6cad538cd4d677d44f89f7c5b26f90936080248f03c6aebc75e09be3bc72623cfe4fd930fef1c912df3773b6bae4f289a468e21f3b2e1ddc6bb802c80f403ae1d1968034460c19c632b603b51a740d663318e5f8ed6d19e6a8623db01d8d3afc558a6945cae6f07ecb31f76ed504d34517140f6e8e33a627b765bf92b870bab8ec5b36a1aabc295f1f270174aebf0d3b3b24e78cfe2de0b36911f0817eb61e1af52f48223e521b6f1a022fd2eb3dbd92ef027545e686c2cf3ff07d6fa1d50f70f064c4c3c987d1dcb4cb13d23992debb23f1addab860991c97e38bc847deb9d9b1f96dd93df66e87151efd621bb35445c982decca7664f3a9fecd37ab24c68307cfd32b1bab880ae0465b4fe5172341bd6178d482db864eaee84a3919acead71a01f5df42be6e940fa36ae3b16ff995dfdf3e594ed8f94be0d011bfd13d6046adc065d1ecc418717d5ca9eccef9818bbaa27b3219fe9a0c9de5fb30732c737091912ffb471d711ebf7e92bb71701635f76cd5ece0417156491f6413f3f4d8e2d42c69de47a243c9609aed9a13bcc8a5ac981d331a7f5fad39156d5265c78768762cb09cbee5b85f8361978ad6746cc772e5d390334e891413ff570114d86a4d14ccb8b1724400a0ed5941e0f1e6c4d56ed1d4c46de40a6a5f89111ca99204a027b224477915fb995ef2595835700da322989d2946a0763329b2c33403d1410a76775f06cb06c10ba19fa9ddc5aa8746e1f0e37f53f78d2f2c321a29ad6bb8c6af1847a543db936fbf17faeb97ccb2a6996b11f8e49865de3ebe6d4c57b46ac58f96816c6c54a91587761cafe5f16659d7d74e30fddbe22093a3e8d38b05e1275590db4980817bde053d6156566d35a97893d91f37b108397cc93ccd829794e51af5ffe5dcfcd39e4ac15acfc2421c7229634d5c9128800985e1c66d8e176ae6be149c6194dc1cc3d89950bff9a59dea99058c3e728f8422e6a63d9963aa24312018792f3fa25675c832764552620cbcbe55c2a194aca77b1648526c68fc92529b213bef702f79fc5dcfa05c089a66b852752af4295821312b7dfb71439651bdf5171bc10f675668d44baff1e8dfaa6ffa9dcbbe6e3732b40aa876a4fa16a2974c2e3d1f17d014587cde703dc3db566a06c9f6f32b4d6c5ceef7d47e6983694ec62f49a4d74b81d72f2e948f078cf8c75dbd834be2d047531354aec8d3ac746e29aa0269db85e6c266eef2cdebaf469e89ce645e2406d02ac74f767b03404450aa6e731cdea64617dde7aced3c7c2c73c4584e4ebed648b36e5b802b0d2289c9328e343a21a99afe662ecd956710a225893a47b6602ee9b9a9d4c9c4eb6d152f7bc801d35be3ad43a07862af0979e01b9df5055a71b0f9a0942c4669392a45e0e828330944d776081604e3662931a23febb855566ecfddb212cb2105238f02dde40211e8d9e2b7a593c308d2e6af5dc3a2c8a84e0f997c6a672c4dc4c9532dbf3cb34f3e026fd7200d4b89678bbfeb106821f3aa04223b73e18dfa1ad0c87b7d1d2b106f0926e7ca4f484f09ef77268ce763588f444d7faa89f363986148976e3ebcc44e51a3dce9f2bd3273725bf2565f0c2a556069b513f58118a039a375f5b6d173a839b8768f42c23b0e47b5e7ddbbbc6657b4448484d54b3403a1a742bc0945c4baa367ebcf2a8b0b661c747c60a081be321503c92da14e02599a4837f8b56483c837dc0deef60b2b1f3221178ec355e83885641d2a0cdc46e5479d5efa109ddbe157444e4361eefc08ac569c6e433684c432c4e1fce9dc72717e93176054881ae9328b93b54c638a1baac07a9ce2704184785e049e4cd15c6b7c0ae17ddc1cf8e7f1660f459cde719f26d60feb14fe54e3eaaaebee6960b8f1641e118732a41063da7d1f994282ea02b43680cef3471f3ac82a5812484ab992a040341ba3022468f79bb653f639e44b780bb8920c0a7b32858458e79269612c8915f23e849c2c422675c132f166bedb7b900e7cbfacc49ef6a61464871641a591b104ad0d04613ea2361bb4b36ada3b909a6f9f7a8c91a78bebbbfe23d853df1290e3a60ba3ea9ab7fcc6301c941ced08e1e7c1c61a", 0x1000}, {&(0x7f00000005c0)="0706d53d6d862e607771c2fc3671c7dfcc7cfa12b9ca8262741023535fec99b79ff8bc9fe21a0a2b3620cffc7870a56dccc3472bb772d98120b9a09b9c3f7a181c453c8a15277688c0f0f665e3449d6726a1a517ae8065e45d267f73e1766997ea06a372e347abc96bb6f813470899bb61b201f34cc6e122065dfd4087fa7f33b72f316564870d92b71364d00530f91c7fd0ebd5501da042fd04d7e44c51340174051d7f44fdae9fa5cbf4455b487da25da465331bd1eceb75255b5f7846306562e9a3bfec818ea4", 0xc8}], 0x5, &(0x7f0000003c00)=ANY=[@ANYBLOB="200000000100", @ANYRES32=r2, @ANYRES32, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="180000000100000001000000", @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYBLOB="0300", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="200000000100000001000000", @ANYRES32=r1, @ANYRES32=r5, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32=r6, @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="1800000001000000020000", @ANYRES32=r9, @ANYRES32=r11], 0xb4, 0x800}}], 0x1, 0x80) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c) r12 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x103201, 0x0) write$P9_RSTATu(r12, &(0x7f0000003cc0)=ANY=[@ANYBLOB="6502000002000a000524012800000000000000000000000000000000000000000000000000000c00000001040000000000007dff0a6e6f6465767b65766f03d38b9200000000000000000000000000280070673effeb09b5351f5bde054000000000187899a916638814e5708103b4b400000000000000000002000800ac00f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4a440b4b0b4f174a666a8529a451b3407dbdab2884baf050000000000000047ec21cabff20f9c1cbe36f4fd1a4cc280e8e289da649a3700398641631d44f4a39b1191937a280e8d889fc220d115ac8e2f184b9a61758d26772ab0f2044d8ef0263ddd97d3c427b3a532efab1d1ce32ca7c1fc231af48408e02b255028b7c9bb85396f4d8af0eb95fc0ecc99f780e22c016f6465762f6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d723859dba3f93aed3b42ee7cac07de09d1d68a60333a882467f2b31aacdf9188549b1125d6c4c9b18c2fb56c558d5bfd69fc32c303ff55f917d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f399f061f75b7797ce1fe11ea919609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1739e1c2d87fff00"/613, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0xfd85) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x300}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) 10.215171404s ago: executing program 3 (id=363): openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = socket(0x10, 0x3, 0x0) (async) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)=@newqdisc={0x38, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}, @TCA_RATE={0x6}]}, 0x38}}, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) (async) sendmsg$NL80211_CMD_GET_POWER_SAVE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000400)={0x0, 0x14}}, 0x20014000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = memfd_create(&(0x7f0000000340)='D\xa3\xd5Wj\x00\x00x0\xc1\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x00\x00\\i\xcf\t\xb0\xa9 +H/\x1a\xe7\x95\xce\"\"\xbd\xf9!\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2\xf9\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xbb\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4*8\xc6\xe5\x06P\xc11\f^\x7f\x8e\xc1\xd1Wra\x19)\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg \x03\xa7\x92\xff\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xa1\xc0\xf9&\xd3M\xf6\n\xff\x83k\xc9\rDa\x16\xbd\x1a\xb2w\b', 0x0) write(r3, &(0x7f00000000c0)='i', 0x1) (async) r4 = socket(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r4, 0xa00000000000000, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x990, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000e00], 0xfeffff07, 0x0, 0x0}, 0x9e0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r5, 0x5609, &(0x7f0000000000)={0x4}) (async) getsockname$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000002c0)=0x14) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000000a40)=""/102368, 0x18fe0) (async) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) (async) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) (async) r7 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(r7, &(0x7f0000000100), 0xfecc) ioctl$UI_DEV_CREATE(r7, 0x5501) (async) bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x0, 0x0, @local}, 0x1c) (async, rerun: 64) mremap(&(0x7f0000241000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) (async, rerun: 64) madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15) socket$nl_netfilter(0x10, 0x3, 0xc) 10.025222973s ago: executing program 0 (id=364): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x4, 0x4, 0x3d4, 0x0, 0x1f8, 0xfc, 0x2f4, 0x2f4, 0x2f4, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}}, {@mac}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 'bridge0\x00', 'erspan0\x00'}, 0xbc, 0xfc}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x4, {0x7}}}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'erspan0\x00', 'dvmrp0\x00'}, 0xbc, 0xfc}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x2}}}, {{@uncond, 0xbc, 0xfc}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x420) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = dup(r3) ioctl$GIO_UNISCRNMAP(r4, 0x4b69, &(0x7f0000000000)=""/113) r5 = openat$cgroup_ro(r2, &(0x7f0000000040)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) preadv2(r5, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={0x1c, 0x4, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0xf5ff}, 0x0) 9.83032103s ago: executing program 0 (id=365): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000012c0), 0x0, &(0x7f0000001500)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f000000b800)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50) syz_emit_ethernet(0x32, &(0x7f0000000140)={@local, @empty, @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0bc0f7", 0x0, "de9560"}}}}}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x0, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000580)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000340)) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r7 = openat$cgroup_procs(r6, &(0x7f00000000c0)='cgroup.procs\x00', 0x2, 0x0) sendfile(r7, r7, 0x0, 0x7) r8 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1000, 0x20100) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r8, 0xc0405519, &(0x7f00000001c0)={0x9, 0x2, 0x0, 0x0, 'syz1\x00', 0x9}) close(r7) epoll_create1(0x0) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r4, 0xc0182101, &(0x7f00000003c0)={r5}) 9.704391977s ago: executing program 1 (id=366): socket(0xa, 0x2, 0x0) socket(0x200000100000011, 0x3, 0x0) syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040efaff0520"], 0x7) socket$packet(0x11, 0x3, 0x300) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4008001) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) connect$qrtr(0xffffffffffffffff, &(0x7f0000000040), 0xc) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) socket$packet(0x11, 0x2, 0x300) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000480)={'batadv0\x00', 0x0}) sendto$packet(r3, &(0x7f0000000080)="020000ffffffba000040000086dd", 0xe, 0x0, &(0x7f0000000000)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @random="6d6eb1f60783"}, 0x14) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r2}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0) r5 = socket$pppl2tp(0x18, 0x1, 0x1) socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r5, 0x8922, &(0x7f0000000080)={'dummy0\x00'}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac1414aa00000003000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0) 9.033560216s ago: executing program 1 (id=368): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1) r1 = socket$key(0xf, 0x3, 0x2) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) sendmsg$key(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)={0x2, 0xb, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x7, 0x0, 0x0, 0x0, @in={0x2, 0x0, @broadcast}}]}, 0x28}}, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r3, 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0) 8.8851056s ago: executing program 0 (id=370): syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x4a141) r0 = memfd_secret(0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x4013, r0, 0x0) mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) mremap(&(0x7f0000a4c000/0xf000)=nil, 0xf000, 0x2000, 0x0, &(0x7f0000ffd000/0x2000)=nil) munmap(&(0x7f0000ba0000/0x2000)=nil, 0x2000) mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7) 8.685392399s ago: executing program 1 (id=372): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000012c0), 0x0, &(0x7f0000001500)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f000000b800)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50) syz_emit_ethernet(0x32, &(0x7f0000000140)={@local, @empty, @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0bc0f7", 0x0, "de9560"}}}}}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) 8.135283963s ago: executing program 3 (id=373): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x4, 0x4, 0x3d4, 0x0, 0x1f8, 0xfc, 0x2f4, 0x2f4, 0x2f4, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}}, {@mac}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 'bridge0\x00', 'erspan0\x00'}, 0xbc, 0xfc}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x4, {0x7}}}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'erspan0\x00', 'dvmrp0\x00'}, 0xbc, 0xfc}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x2}}}, {{@uncond, 0xbc, 0xfc}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x420) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = dup(r3) ioctl$GIO_UNISCRNMAP(r4, 0x4b69, &(0x7f0000000000)=""/113) r5 = openat$cgroup_ro(r2, &(0x7f0000000040)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) preadv2(r5, &(0x7f0000000280), 0x0, 0x0, 0x0, 0x0) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={0x1c, 0x4, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0xf5ff}, 0x0) 8.061909s ago: executing program 0 (id=374): syz_emit_ethernet(0x7e, &(0x7f0000000240)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x4, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x10}}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x7f, 0x0, {0x15, 0x4, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @multicast2, @local, {[@cipso={0x86, 0x2a, 0x0, [{0x0, 0xd, "5e000000ff000000000000"}, {0x0, 0x5, "4eb8a6"}, {0x0, 0x12, "9606053d0006ff00800000b61af93a93"}]}, @lsrr={0x83, 0x13, 0x0, [@dev, @loopback, @loopback, @multicast2]}]}}}}}}}, 0x0) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x0, 0x0}) read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8) r2 = openat$qat_adf_ctl(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0) r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r3, 0x402, 0x8000003d) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x42, 0x0) mkdir(&(0x7f0000000000)='./control\x00', 0x0) open$dir(&(0x7f00000002c0)='./control/file0\x00', 0x80040, 0x0) rename(0x0, 0x0) ioctl$IOCTL_CONFIG_SYS_RESOURCE_PARAMETERS(r2, 0x40096100, 0x0) r4 = socket(0x1d, 0x5, 0x6) bind$can_j1939(r4, 0x0, 0x0) getsockopt$WPAN_WANTLQI(0xffffffffffffffff, 0x29, 0x49, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000040), 0x208e24b) r6 = syz_clone(0x4220000, &(0x7f0000000100)="8e40eb2fb3c0f969bc40380820e50d40c7c1819377ecd6fbb097ca96df626fdbc6e85715e075058a211d079b23fa22a747bc1fcc39de66378946088a43e6e78eb6c763d83f388a3ffeadf6e8997379f1852a1b55acb99ef68366e0f14fb7435d63aa98e7ed510db3fc449395bfe87cda06d844ba7e6ca4c2af932b99ee4d289310911b8f4a409cd2419b404d7b8a8a1fd528c8d3a6e8ba0cb6a7", 0x9a, &(0x7f0000000080), &(0x7f0000000200), &(0x7f0000000600)="12fc4f952963d8c15fb60430a8134357680caa4f1470212e6f6a2987d28de529e3bfb0ba00d8f96b69c42f526137a7a4e485d37284cee7321f9b57fb8be01c92b756cd8a75f025284d254f8e2bf61553732e6031275f3821fdbd30abb321c10171c5018eca0c1f67e47f4266e119de0c76b58a2b20a0f5a5bddbebee55ea2a93d847a0bf481fbbad1a8f1545742d6fe6d8bede25ef02098b6752e5361064b899902f37694a7df5b223") syz_open_procfs(r6, &(0x7f0000000240)='net/ip_vs\x00') r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r7, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10) ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0cc5640, &(0x7f0000000440)={0x0, @win={{0x6, 0x8, 0x0, 0x7eb3}, 0x5, 0x7fffffff, 0x0, 0x40, &(0x7f0000000340)="44011442ea15762ca1f0f54739574f5946d2f0c181c43f1adaec0ba2ecd3dce54d258e4578e5bdb83fbc9af4b57482b2f5ad70fbca161c04f7bc0eca2d70b746eb655dcf48fc2d65c3d25bd4a18a05ea85cd0c3c4095c6", 0x7}}) recvmmsg(r7, &(0x7f00000005c0)=[{{0x0, 0xe8, 0x0, 0x0, 0x0, 0x0, 0xffffffff00003f00}}], 0x4000000000001db, 0x0, 0x0) sendfile(r7, r5, 0x0, 0xffefffff) 8.061410875s ago: executing program 3 (id=375): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4) recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1a}, 0x10060) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x4000000, @mcast2, 0x5}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="8252", 0x2}], 0x1}}], 0x1, 0x4000c000) sendto$inet6(r1, &(0x7f0000000300), 0x16, 0x0, 0x0, 0xfffffffffffffdfd) sendmsg$AUDIT_USER_AVC(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x10, 0x453, 0x4, 0x70bd29, 0x25dfdbfd}, 0x10}, 0x1, 0x0, 0x0, 0x4004}, 0x8080) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) ioctl$USBDEVFS_ALLOW_SUSPEND(r2, 0x5522) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000080)="30a0", 0x2}], 0x1}, 0x4040001) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) r4 = gettid() r5 = getpid() rt_tgsigqueueinfo(r5, r4, 0x7, &(0x7f0000000000)={0x0, 0x0, 0x4}) r6 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffe]}, 0x8) read(r6, &(0x7f0000000740)=""/384, 0x200008c0) close(0xffffffffffffffff) 7.871092964s ago: executing program 1 (id=377): r0 = socket$nl_route(0x10, 0x3, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000e0300000000000000030000000000000800000000000000000000000200000000000000000000000a020000000000006161"], 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = dup3(r2, r3, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r7, 0x8080aea1, &(0x7f0000000100)) recvmmsg(r4, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}}], 0xf00, 0x0, 0x0) r8 = getpid() r9 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r9, &(0x7f00000000c0)={0x2}, 0x10) syz_pidfd_open(r8, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) socket(0x28, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f00000001c0)=0x4, 0x4) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pselect6(0x40, &(0x7f0000000340), 0x0, &(0x7f0000000080)={0x3fe}, 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={@map, 0xffffffffffffffff, 0x26, 0x0, 0x0, @void, @value}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="44000000520000022abd7000fddbdf251c08000100", @ANYRES32=r1, @ANYBLOB="080006000100000008000100", @ANYRES32=r10, @ANYBLOB="080000000000000008000600090000000f00060004000000000000"], 0x44}}, 0x0) 7.84081587s ago: executing program 3 (id=378): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000012c0), 0x0, &(0x7f0000001500)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f000000b800)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50) syz_emit_ethernet(0x32, &(0x7f0000000140)={@local, @empty, @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0bc0f7", 0x0, "de9560"}}}}}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x0, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000580)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000340)) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r7 = openat$cgroup_procs(r6, &(0x7f00000000c0)='cgroup.procs\x00', 0x2, 0x0) sendfile(r7, r7, 0x0, 0x7) r8 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1000, 0x20100) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r8, 0xc0405519, &(0x7f00000001c0)={0x9, 0x2, 0x0, 0x0, 'syz1\x00', 0x9}) close(r7) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, &(0x7f0000000140)) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r4, 0xc0182101, &(0x7f00000003c0)={r5}) 7.675578446s ago: executing program 2 (id=379): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) r0 = syz_open_dev$dri(0x0, 0x4260, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0}) syz_open_dev$dri(0x0, 0x20, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102377, 0x1902c}], 0x1, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_emit_vhci(0x0, 0x7) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@enum={0x5}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x2b, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000001400)=@base={0xb, 0x6, 0x4, 0x3a7, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = socket$inet6(0xa, 0x800000000000002, 0x0) sendmmsg$inet6(r3, &(0x7f0000001580)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0xa}], 0x1, 0x0) ioprio_set$uid(0x3, 0x0, 0x0) r4 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) read$usbmon(r4, 0x0, 0x0) ioctl$MON_IOCH_MFLUSH(r4, 0x541b, 0x0) r5 = openat$incfs(r1, &(0x7f0000000040)='.pending_reads\x00', 0x40000, 0xc0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, r5, 0xa8e25000) socket$inet6(0xa, 0xa, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$poke(0x5, r6, &(0x7f0000000080), 0x0) 7.33553059s ago: executing program 1 (id=380): sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r2) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x30, r3, 0x1, 0x0, 0x4000000, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0xc, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x30}}, 0x0) r4 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r4, &(0x7f0000000080), 0x10) sendmsg$can_bcm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[], 0x48}}, 0x0) sendmsg$can_bcm(r4, &(0x7f00000001c0)={&(0x7f0000000040), 0x10, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x2710, @ANYBLOB="0000000011000000000000010000b68c5206a7fd05900000"], 0x34}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r6 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000f00)=@newtfilter={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r7}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000008c0)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x8) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r8, &(0x7f0000000340)={0xa, 0x4e22, 0x0, @rand_addr=' \x01\x00'}, 0x1c) openat$vcs(0xffffff9c, &(0x7f0000000140), 0x183000, 0x0) listen(r8, 0x0) r9 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_int(r9, 0x6, 0x9, &(0x7f00000000c0)=0xa, 0x4) connect$inet(r9, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) sendto$inet(r9, &(0x7f0000000040)='u', 0xa792a, 0x801, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)) 6.800667652s ago: executing program 3 (id=381): bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f00000004c0), &(0x7f0000000500)}, 0x1c) socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0a0000008c130000050000000200000088820000", @ANYRES32=r0, @ANYBLOB="060000000000000000000000000000000000000010ad618bb5fe82375bce31e0b01a2229b64f41c2fa2b1d3bfbb47b4bfd0ece062388f46040532cebbc7238eaacc4980bd5bb87ac15bed3f65bd0458b476b56b27256de65bf3b9c5896fefc611d12de", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000020000000400"/20, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r1, 0xffffffffffffffff}, 0x4) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r4) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x2000000, 0x0) r5 = inotify_init1(0x0) fcntl$setown(r5, 0x8, 0xffffffffffffffff) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0xa}}) r6 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_tcp_buf(r6, 0x6, 0xd, 0x0, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfffffd9d) getsockopt$inet6_mptcp_buf(r6, 0x11c, 0x2, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x61637876) fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, 0x0}) r8 = syz_open_procfs(r7, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_SETFLAGS(r8, 0x40086602, &(0x7f0000000380)) r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000380), 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0x18, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000001fcffff00000000090000004570200001000000186000000d00000000000000030000008500000057000000b7080000000000007b8af8ff00000000b7080000070000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500020800000085000000a500000018111c00", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x3c61, 0x62, &(0x7f0000000300)=""/98, 0x41100, 0x60, '\x00', 0x0, 0x25, r9, 0x8, &(0x7f00000003c0)={0x3, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000400)=[r1, r1, r1], &(0x7f0000000440)=[{0x0, 0x5, 0x10, 0x8}, {0x4, 0x4, 0xb, 0x7}, {0x0, 0x5, 0x9, 0xa}, {0x3, 0x1, 0x0, 0x5}, {0x0, 0x1, 0xd, 0x6}], 0x10, 0x6, @void, @value}, 0x94) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r10}, 0x10) r11 = fsopen(&(0x7f0000000000)='ceph\x00', 0x0) munlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) fsconfig$FSCONFIG_SET_STRING(r11, 0x1, &(0x7f00000000c0)='test_dummy_encryption', &(0x7f0000000180)='auto_da_alloc', 0x0) 6.685105414s ago: executing program 2 (id=382): syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x4a141) r0 = memfd_secret(0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x4013, r0, 0x0) mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) mremap(&(0x7f0000a4c000/0xf000)=nil, 0xf000, 0x2000, 0x0, &(0x7f0000ffd000/0x2000)=nil) munmap(&(0x7f0000ba0000/0x2000)=nil, 0x2000) mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil) syz_clone(0x7b, 0x0, 0x0, 0x0, 0x0, 0x0) 6.525423976s ago: executing program 2 (id=383): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000100000003000040182000"/28, @ANYRES32, @ANYBLOB="0000000000000000950000000000000095"], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x29, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 6.365299774s ago: executing program 2 (id=384): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000012c0), 0x0, &(0x7f0000001500)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f000000b800)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50) syz_emit_ethernet(0x32, &(0x7f0000000140)={@local, @empty, @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0bc0f7", 0x0, "de9560"}}}}}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) 5.035485498s ago: executing program 2 (id=385): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x3c, r1, 0xb48491eb6d210a0f, 0x1000000, 0x0, {0xb}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2404c844}, 0x0) 2.305357181s ago: executing program 2 (id=386): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) uname(&(0x7f0000000400)=""/220) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"]) chdir(&(0x7f0000000280)='./file0\x00') r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_serviced\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) ftruncate(r3, 0xc17c) write$FUSE_LK(r3, &(0x7f00000002c0)={0x28, 0x0, 0x0, {{0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x28) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001000)=ANY=[@ANYBLOB="340000006800e97800000000000000000a0000000000000014000600fe8000000000000000000000000000bb08000500", @ANYRES32=r2, @ANYBLOB], 0x34}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r7}]}, 0x20}}, 0x0) r8 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r8, 0xc10c5541, &(0x7f0000000140)={0x0, 0x1}) finit_module(r6, &(0x7f0000000180)='\x00', 0x3) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newlink={0x20, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r7, 0x192}}, 0x20}}, 0x0) syz_emit_ethernet(0xd7, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaabb00000000000c0a716ae1d9f23e000004ab011d008c30d780353c43a966ee274e57f67b77365666ea7eab4e953084d3bcea12ccc5d332067944139f8372a345b127a2aed3a3d5d33549d3fa00fcca35fec42bbd340135f8ff92ae043d867a0b7b20d9979f1a2071c9b158e6a9e70bcdad6f0280ebf4d9ff3b3c3efafd922076da14e5447d5ab9e4179bad3742149b00e1133e84e2cae9b305b3317cff15ef394358fb233b091c7206372c8689d7662d40df3a7e21b1378b67d638f9f09d415db184a84fdebaf35523e815c295ed362b43c8"], &(0x7f0000000040)={0x1, 0x2, [0xb72, 0x977, 0x91e, 0x6f8]}) setrlimit(0x0, &(0x7f0000000500)) 0s ago: executing program 0 (id=387): mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8, 0x1, &(0x7f0000000300)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) getsockopt$PNPIPE_HANDLE(0xffffffffffffffff, 0x113, 0x3, &(0x7f0000000040), &(0x7f0000000200)=0x4) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpuset.effective_cpus\x00', 0x275a, 0x0) r3 = dup(r2) pwritev2(r2, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000500)="aa32955d2f598d37fd32d133dd89ef65e51b5e40948ebdf63533d9cdbb7f8d2e15561f1d0291dc67dbde893e127f270a4e230fb5412d50828a24d0224155d1b04e0919c818f79d9649e0d57a34fb94d2fad549b0f2f7e693d1c1c9674bdbb201e7c3c8130c7573d124aa455f1295f2e2acf38df64d12c96806fb3c6125ed6d7fe6869de24d63b5e22f7749073ce52f4fb0125a156e1bcff9352a9b2fbbc3463b531316e8beb777c2bd9e", 0xaa}], 0x2, 0xffffffff, 0x1fffffff, 0x0) sendfile(r3, r2, 0x0, 0x20000) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000280), 0x1e1982, 0x0) ioctl$PPPIOCSMAXCID(r4, 0x40047451, &(0x7f0000000140)) ioctl$PPPIOCSFLAGS1(r4, 0x40047459, &(0x7f0000000100)=0x2000004) pwritev(r4, &(0x7f00000001c0)=[{&(0x7f00000004c0)="00214717a70700000000030600710a5e31163ceb9d04712000000005000000182ce0ab6d000041a15be2d9d13cd1cb0c238e61cfd6a5d7cd0eaa50e027db", 0x3e}], 0x1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="043e1f0a00c9"], 0x22) r5 = syz_io_uring_setup(0x3254, 0x0, 0x0, 0x0) syz_io_uring_setup(0x67fd, &(0x7f0000000380)={0x0, 0x3400, 0x200, 0x3, 0x2e9, 0x0, r5}, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) syz_clone(0x8044000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x80082000, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r6 = fcntl$dupfd(r0, 0x0, r0) ioctl$TCFLSH(r6, 0x400455c8, 0x2) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080)) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:57772' (ED25519) to the list of known hosts. [ 43.043530][ T5334] cgroup: Unknown subsys name 'net' [ 43.226423][ T5334] cgroup: Unknown subsys name 'cpuset' [ 43.232704][ T5334] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 44.428648][ T5334] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 47.674346][ T5350] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 47.676590][ T5350] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 47.697692][ T5358] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 47.699945][ T5358] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 47.702431][ T5358] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 47.704684][ T5358] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 47.707645][ T5358] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 47.710194][ T5358] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 47.712516][ T5358] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 47.715901][ T5358] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 47.717920][ T5358] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 47.720304][ T5358] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 47.722529][ T5358] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 47.724994][ T5358] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 47.732786][ T5363] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 47.737077][ T5366] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 47.738206][ T5365] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 47.740283][ T5366] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 47.742645][ T5365] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 47.744754][ T5366] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 47.747457][ T5365] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 47.752168][ T5365] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 47.755748][ T5364] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 47.759587][ T5354] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 47.960324][ T5349] chnl_net:caif_netlink_parms(): no params data found [ 47.972875][ T5355] chnl_net:caif_netlink_parms(): no params data found [ 48.041592][ T5347] chnl_net:caif_netlink_parms(): no params data found [ 48.110077][ T5356] chnl_net:caif_netlink_parms(): no params data found [ 48.125900][ T5355] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.128061][ T5355] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.130208][ T5355] bridge_slave_0: entered allmulticast mode [ 48.133204][ T5355] bridge_slave_0: entered promiscuous mode [ 48.136917][ T5355] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.139248][ T5355] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.141802][ T5355] bridge_slave_1: entered allmulticast mode [ 48.144406][ T5355] bridge_slave_1: entered promiscuous mode [ 48.165928][ T5349] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.167827][ T5349] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.169690][ T5349] bridge_slave_0: entered allmulticast mode [ 48.172122][ T5349] bridge_slave_0: entered promiscuous mode [ 48.176417][ T5349] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.178992][ T5349] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.181581][ T5349] bridge_slave_1: entered allmulticast mode [ 48.184130][ T5349] bridge_slave_1: entered promiscuous mode [ 48.285357][ T5355] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 48.293501][ T5349] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 48.307576][ T5347] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.309644][ T5347] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.311989][ T5347] bridge_slave_0: entered allmulticast mode [ 48.314269][ T5347] bridge_slave_0: entered promiscuous mode [ 48.319062][ T5355] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 48.325896][ T5349] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 48.346364][ T5347] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.348891][ T5347] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.351918][ T5347] bridge_slave_1: entered allmulticast mode [ 48.355026][ T5347] bridge_slave_1: entered promiscuous mode [ 48.401056][ T5356] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.403170][ T5356] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.405067][ T5356] bridge_slave_0: entered allmulticast mode [ 48.407729][ T5356] bridge_slave_0: entered promiscuous mode [ 48.442583][ T5355] team0: Port device team_slave_0 added [ 48.444662][ T5356] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.446952][ T5356] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.449086][ T5356] bridge_slave_1: entered allmulticast mode [ 48.451347][ T5356] bridge_slave_1: entered promiscuous mode [ 48.464632][ T5349] team0: Port device team_slave_0 added [ 48.468763][ T5347] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 48.475379][ T5355] team0: Port device team_slave_1 added [ 48.496695][ T5356] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 48.502826][ T5349] team0: Port device team_slave_1 added [ 48.507524][ T5347] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 48.558829][ T5356] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 48.578876][ T5347] team0: Port device team_slave_0 added [ 48.582023][ T5355] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 48.584067][ T5355] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.593644][ T5355] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 48.628232][ T5347] team0: Port device team_slave_1 added [ 48.630895][ T5355] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 48.633864][ T5355] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.643042][ T5355] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 48.658329][ T5349] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 48.660849][ T5349] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.671835][ T5349] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 48.693742][ T5356] team0: Port device team_slave_0 added [ 48.696286][ T5349] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 48.698335][ T5349] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.705603][ T5349] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 48.728341][ T5356] team0: Port device team_slave_1 added [ 48.733406][ T5347] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 48.735910][ T5347] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.745382][ T5347] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 48.795076][ T5356] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 48.797615][ T5356] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.807446][ T5356] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 48.812432][ T5347] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 48.815088][ T5347] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.824228][ T5347] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 48.831564][ T5355] hsr_slave_0: entered promiscuous mode [ 48.835776][ T5355] hsr_slave_1: entered promiscuous mode [ 48.841842][ T5356] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 48.843727][ T5356] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.850679][ T5356] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 48.885011][ T5349] hsr_slave_0: entered promiscuous mode [ 48.887657][ T5349] hsr_slave_1: entered promiscuous mode [ 48.890294][ T5349] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 48.892936][ T5349] Cannot create hsr debugfs directory [ 49.033995][ T5356] hsr_slave_0: entered promiscuous mode [ 49.036924][ T5356] hsr_slave_1: entered promiscuous mode [ 49.039450][ T5356] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 49.042293][ T5356] Cannot create hsr debugfs directory [ 49.048401][ T5347] hsr_slave_0: entered promiscuous mode [ 49.051218][ T5347] hsr_slave_1: entered promiscuous mode [ 49.053807][ T5347] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 49.056489][ T5347] Cannot create hsr debugfs directory [ 49.289546][ T5355] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 49.298735][ T5355] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 49.308379][ T5355] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 49.313197][ T5355] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 49.350190][ T5347] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 49.357383][ T5347] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 49.362741][ T5347] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 49.371479][ T5347] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 49.403667][ T5356] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 49.408808][ T5356] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 49.413981][ T5356] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 49.418818][ T5356] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 49.457574][ T5349] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 49.463110][ T5349] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 49.468026][ T5349] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 49.471484][ T5349] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 49.483344][ T5355] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.514922][ T5355] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.533720][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.535687][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.539495][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.541697][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.577632][ T5347] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.585256][ T5356] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.599446][ T5355] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 49.602992][ T5355] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 49.611950][ T5349] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.616062][ T5356] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.619860][ T5347] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.636401][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.638437][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.641043][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.643048][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.653351][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.655815][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.660594][ T5349] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.676923][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.678998][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.684367][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.687028][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.697968][ T211] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.700413][ T211] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.714638][ T5356] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 49.718458][ T5356] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 49.769122][ T5355] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.789777][ T5355] veth0_vlan: entered promiscuous mode [ 49.792243][ T5350] Bluetooth: hci0: command tx timeout [ 49.792447][ T5354] Bluetooth: hci2: command tx timeout [ 49.794643][ T5366] Bluetooth: hci3: command tx timeout [ 49.794654][ T5364] Bluetooth: hci1: command tx timeout [ 49.801448][ T5355] veth1_vlan: entered promiscuous mode [ 49.815320][ T5355] veth0_macvtap: entered promiscuous mode [ 49.818481][ T5355] veth1_macvtap: entered promiscuous mode [ 49.828692][ T5347] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.833985][ T5355] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.840088][ T5355] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.849670][ T5355] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.852915][ T5355] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.855247][ T5355] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.857519][ T5355] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.864381][ T5349] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.877474][ T5356] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.898838][ T5347] veth0_vlan: entered promiscuous mode [ 49.918419][ T5347] veth1_vlan: entered promiscuous mode [ 49.918709][ T1199] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.923353][ T1199] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.937539][ T101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.940069][ T101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.941731][ T5349] veth0_vlan: entered promiscuous mode [ 49.949251][ T5356] veth0_vlan: entered promiscuous mode [ 49.960558][ T5349] veth1_vlan: entered promiscuous mode [ 49.963981][ T5347] veth0_macvtap: entered promiscuous mode [ 49.968200][ T5356] veth1_vlan: entered promiscuous mode [ 49.974627][ T5347] veth1_macvtap: entered promiscuous mode [ 49.981890][ T5355] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 49.982081][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.989005][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.992983][ T5347] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.997493][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.000796][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.004368][ T5347] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 50.012026][ T5347] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.014339][ T5347] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.016615][ T5347] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.019472][ T5347] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.023964][ T5349] veth0_macvtap: entered promiscuous mode [ 50.036135][ T5349] veth1_macvtap: entered promiscuous mode [ 50.057113][ T5356] veth0_macvtap: entered promiscuous mode [ 50.066952][ T5356] veth1_macvtap: entered promiscuous mode [ 50.076877][ T5349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 50.080523][ T5349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.084043][ T5349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 50.087502][ T5349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.092222][ T5349] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 50.096360][ T5349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.099092][ T5349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.101809][ T5349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.104498][ T5349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.108525][ T5349] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 50.121427][ T5349] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.123880][ T5349] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.126011][ T5349] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.128124][ T5349] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.133137][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.135465][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.148628][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 50.151523][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.155073][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 50.158416][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.161910][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 50.165061][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.169474][ T5356] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 50.179907][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.182866][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.185410][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.188094][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.190693][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.194144][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.198201][ T5356] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 50.212354][ T1199] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.214442][ T1199] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.219928][ T101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.224614][ T101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.239950][ T216] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.243872][ T216] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.248028][ T5356] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.250360][ T5356] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.255094][ T5356] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.257700][ T5356] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.325468][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.328380][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.332038][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.363002][ T216] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.365103][ T216] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.791874][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.810042][ T5437] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 50.823909][ T5437] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 50.933341][ T5437] netlink: 156 bytes leftover after parsing attributes in process `syz.2.5'. [ 50.938968][ T5437] netlink: 'syz.2.5': attribute type 2 has an invalid length. [ 50.946753][ T5437] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5'. [ 51.872483][ T5366] Bluetooth: hci2: command tx timeout [ 51.873366][ T5354] Bluetooth: hci0: command tx timeout [ 51.873437][ T5364] Bluetooth: hci3: command tx timeout [ 51.881804][ T5354] Bluetooth: hci1: command tx timeout [ 52.021046][ T5447] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7'. [ 52.538533][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 52.544293][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.911799][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.921800][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.949785][ T5459] netlink: 60 bytes leftover after parsing attributes in process `syz.0.10'. [ 53.026614][ T5459] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.029386][ T5459] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.109262][ T5459] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 53.117709][ T5459] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 53.219360][ T5459] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.222525][ T5459] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.225413][ T5459] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.228285][ T5459] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.363838][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 53.622198][ T5467] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 53.864974][ T39] audit: type=1326 audit(1727978642.371:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5466 comm="syz.2.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 53.952020][ T5354] Bluetooth: hci3: command 0x040f tx timeout [ 53.952041][ T5366] Bluetooth: hci1: command tx timeout [ 53.953671][ T5364] Bluetooth: hci0: command tx timeout [ 53.953692][ T5365] Bluetooth: hci2: command tx timeout [ 54.419718][ T39] audit: type=1326 audit(1727978642.921:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5466 comm="syz.2.13" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 54.432050][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 54.434584][ T39] audit: type=1326 audit(1727978642.921:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5466 comm="syz.2.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 54.440557][ T39] audit: type=1326 audit(1727978642.921:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5466 comm="syz.2.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 54.468065][ T39] audit: type=1326 audit(1727978642.921:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5466 comm="syz.2.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 54.479400][ T39] audit: type=1326 audit(1727978642.921:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5466 comm="syz.2.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 54.492776][ T39] audit: type=1326 audit(1727978642.921:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5466 comm="syz.2.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 54.505528][ T39] audit: type=1326 audit(1727978642.921:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5466 comm="syz.2.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 54.513762][ T39] audit: type=1326 audit(1727978642.921:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5466 comm="syz.2.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 54.519202][ T39] audit: type=1326 audit(1727978642.921:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5466 comm="syz.2.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 54.544124][ T5480] netlink: 48 bytes leftover after parsing attributes in process `syz.2.15'. [ 54.677053][ T5482] netlink: 'syz.2.16': attribute type 29 has an invalid length. [ 54.971846][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 55.115013][ T5486] syz.3.17 uses obsolete (PF_INET,SOCK_PACKET) [ 55.241829][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 55.386184][ T5498] netlink: 8 bytes leftover after parsing attributes in process `syz.1.19'. [ 55.861872][ T5418] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 56.032278][ T5350] Bluetooth: hci2: command tx timeout [ 56.042180][ T5350] Bluetooth: hci3: command 0x040f tx timeout [ 56.042214][ T5366] Bluetooth: hci1: command tx timeout [ 56.044433][ T5350] Bluetooth: hci0: command tx timeout [ 56.049608][ T5418] usb 5-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 56.052370][ T5418] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.058967][ T5418] usb 5-1: config 0 descriptor?? [ 56.070230][ T5418] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input5 [ 56.298251][ T832] usb 5-1: USB disconnect, device number 2 [ 56.398396][ T5511] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 56.752827][ T5515] 9pnet_virtio: no channels available for device syz [ 56.802615][ T5517] netlink: 8 bytes leftover after parsing attributes in process `syz.3.26'. [ 56.808342][ T5517] netlink: 4 bytes leftover after parsing attributes in process `syz.3.26'. [ 56.810769][ T5517] netlink: 4 bytes leftover after parsing attributes in process `syz.3.26'. [ 56.959746][ T5524] netlink: 24 bytes leftover after parsing attributes in process `syz.0.27'. [ 56.969951][ T5524] nvme_fabrics: unknown parameter or missing value 'õ' in ctrl creation request [ 57.240561][ T5532] netlink: 52 bytes leftover after parsing attributes in process `syz.2.31'. [ 57.522904][ T5548] netlink: 'syz.2.36': attribute type 1 has an invalid length. [ 57.525969][ T5548] netlink: 9328 bytes leftover after parsing attributes in process `syz.2.36'. [ 57.530766][ T5548] netlink: 'syz.2.36': attribute type 1 has an invalid length. [ 57.530796][ T5538] netlink: 8 bytes leftover after parsing attributes in process `syz.0.32'. [ 57.868062][ T5562] warning: `syz.2.40' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 58.112242][ T5366] Bluetooth: hci3: command 0x040f tx timeout [ 58.530378][ T5540] syz.3.34 (5540): drop_caches: 1 [ 58.535649][ T5540] FAULT_INJECTION: forcing a failure. [ 58.535649][ T5540] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 58.540382][ T5540] CPU: 0 UID: 0 PID: 5540 Comm: syz.3.34 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 58.544166][ T5540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.548224][ T5540] Call Trace: [ 58.549563][ T5540] [ 58.550755][ T5540] dump_stack_lvl+0x16c/0x1f0 [ 58.552675][ T5540] should_fail_ex+0x497/0x5b0 [ 58.554320][ T5540] ? fs_reclaim_acquire+0xae/0x160 [ 58.555870][ T5540] should_fail_alloc_page+0xe7/0x130 [ 58.557248][ T5540] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 58.558854][ T5540] __alloc_pages_noprof+0x190/0x25c0 [ 58.560285][ T5540] ? hlock_class+0x4e/0x130 [ 58.561633][ T5540] ? __lock_acquire+0x163e/0x3ce0 [ 58.562930][ T5540] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 58.564397][ T5540] ? __pfx___lock_acquire+0x10/0x10 [ 58.565790][ T5540] ? lock_acquire.part.0+0x11b/0x380 [ 58.567263][ T5540] ? find_held_lock+0x2d/0x110 [ 58.569030][ T5540] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 58.570914][ T5540] ? policy_nodemask+0xea/0x4e0 [ 58.572623][ T5540] alloc_pages_mpol_noprof+0x2c9/0x610 [ 58.574269][ T5540] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 58.575829][ T5540] ? do_raw_spin_unlock+0x172/0x230 [ 58.577284][ T5540] ? _raw_spin_unlock+0x28/0x50 [ 58.578722][ T5540] ? swap_swapcount+0x13c/0x220 [ 58.580082][ T5540] ? __pfx_swap_swapcount+0x10/0x10 [ 58.581425][ T5540] folio_alloc_mpol_noprof+0x36/0xd0 [ 58.582866][ T5540] __read_swap_cache_async+0x50a/0x660 [ 58.584262][ T5540] ? __pfx___read_swap_cache_async+0x10/0x10 [ 58.585875][ T5540] ? swp_swap_info+0xcf/0x130 [ 58.587149][ T5540] ? __pfx_swp_swap_info+0x10/0x10 [ 58.588503][ T5540] swap_cluster_readahead+0x4a9/0x6e0 [ 58.589977][ T5540] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 58.591591][ T5540] ? xas_load+0x49/0x5b0 [ 58.592686][ T5540] ? filemap_get_entry+0xd0/0x3c0 [ 58.594074][ T5540] ? filemap_get_entry+0x1b2/0x3c0 [ 58.595551][ T5540] ? __pfx_filemap_get_entry+0x10/0x10 [ 58.597362][ T5540] swapin_readahead+0x12e/0xd20 [ 58.598925][ T5540] ? __filemap_get_folio+0x2a5/0xaf0 [ 58.600609][ T5540] ? __pfx_swapin_readahead+0x10/0x10 [ 58.602068][ T5540] ? swap_cache_get_folio+0x1e0/0x460 [ 58.603453][ T5540] ? get_swap_device+0x245/0x5e0 [ 58.604907][ T5540] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 58.606398][ T5540] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 58.606500][ T5574] netlink: 40 bytes leftover after parsing attributes in process `syz.1.45'. [ 58.607830][ T5540] ? rcu_is_watching+0x12/0xc0 [ 58.612743][ T5540] do_swap_page+0x61a/0x59b0 [ 58.614133][ T5540] ? __pte_offset_map+0x42/0x540 [ 58.615440][ T5540] ? __pte_offset_map+0x1b9/0x540 [ 58.616737][ T5540] ? pte_offset_map_nolock+0xfe/0x1c0 [ 58.618187][ T5540] ? __pfx_do_swap_page+0x10/0x10 [ 58.619537][ T5540] __handle_mm_fault+0x1023/0x2a10 [ 58.620895][ T5540] ? __pfx_mt_find+0x10/0x10 [ 58.622281][ T5540] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 58.623942][ T5540] ? __pfx___handle_mm_fault+0x10/0x10 [ 58.625532][ T5540] ? find_vma+0xc0/0x140 [ 58.626858][ T5540] ? __pfx_find_vma+0x10/0x10 [ 58.628253][ T5540] handle_mm_fault+0x3fa/0xaa0 [ 58.629990][ T5540] do_user_addr_fault+0x7a3/0x13f0 [ 58.631709][ T5540] exc_page_fault+0x5c/0xc0 [ 58.633102][ T5540] asm_exc_page_fault+0x26/0x30 [ 58.634560][ T5540] RIP: 0010:__put_user_4+0x11/0x20 [ 58.636061][ T5540] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 [ 58.641225][ T5540] RSP: 0018:ffffc9000631fe70 EFLAGS: 00050202 [ 58.643164][ T5540] RAX: 0000000000000041 RBX: 0000000000000000 RCX: 0000000020002080 [ 58.645154][ T5540] RDX: ffff888022abc880 RSI: ffffffff81ffa827 RDI: ffffffff8bb12020 [ 58.647140][ T5540] RBP: 0000000020002080 R08: 0000000000000000 R09: fffffbfff20398a9 [ 58.649198][ T5540] R10: ffffffff901cc54f R11: 0000000000000000 R12: 1ffff92000c63fd0 [ 58.651341][ T5540] R13: 0000000000000007 R14: 0000000000000007 R15: 0000000000000006 [ 58.653437][ T5540] ? __ia32_compat_sys_sendfile+0x177/0x230 [ 58.655180][ T5540] __ia32_compat_sys_sendfile+0x183/0x230 [ 58.656746][ T5540] ? __pfx___ia32_compat_sys_sendfile+0x10/0x10 [ 58.658477][ T5540] __do_fast_syscall_32+0x73/0x120 [ 58.659860][ T5540] do_fast_syscall_32+0x32/0x80 [ 58.661206][ T5540] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 58.662927][ T5540] RIP: 0023:0xf7f2f579 [ 58.664003][ T5540] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 58.669245][ T5540] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb [ 58.671376][ T5540] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000005 [ 58.673351][ T5540] RDX: 0000000020002080 RSI: 0000000000000007 RDI: 0000000000000000 [ 58.675745][ T5540] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 58.677768][ T5540] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 58.679770][ T5540] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 58.682000][ T5540] [ 58.713124][ T5579] netlink: 40 bytes leftover after parsing attributes in process `syz.3.47'. [ 58.769638][ T5584] FAULT_INJECTION: forcing a failure. [ 58.769638][ T5584] name failslab, interval 1, probability 0, space 0, times 1 [ 58.774171][ T5584] CPU: 1 UID: 0 PID: 5584 Comm: syz.3.47 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 58.777774][ T5584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.777831][ T5581] netlink: 168 bytes leftover after parsing attributes in process `syz.0.46'. [ 58.781669][ T5584] Call Trace: [ 58.781687][ T5584] [ 58.781697][ T5584] dump_stack_lvl+0x16c/0x1f0 [ 58.781728][ T5584] should_fail_ex+0x497/0x5b0 [ 58.789485][ T5584] should_failslab+0xc2/0x120 [ 58.791122][ T5584] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 58.792917][ T5584] ? dst_alloc+0x99/0x1a0 [ 58.794713][ T5584] dst_alloc+0x99/0x1a0 [ 58.796215][ T5584] ? fib_validate_source+0x13d/0x730 [ 58.798142][ T5584] rt_dst_alloc+0x35/0x3a0 [ 58.799718][ T5584] ip_route_input_slow+0x19bd/0x39a0 [ 58.801125][ T5584] ? __pfx_ip_route_input_slow+0x10/0x10 [ 58.802710][ T5584] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 58.804161][ T5584] ? lock_acquire+0x2f/0xb0 [ 58.805343][ T5584] ? ip_route_input_noref+0xb9/0x2e0 [ 58.806691][ T5584] ip_route_input_noref+0x124/0x2e0 [ 58.808098][ T5584] ? __pfx_ip_route_input_noref+0x10/0x10 [ 58.809708][ T5584] ? tcp_v4_early_demux+0xae/0xb50 [ 58.811107][ T5584] ip_rcv_finish_core.constprop.0+0x469/0x2280 [ 58.812773][ T5584] ip_rcv+0x1c0/0x5d0 [ 58.814024][ T5584] ? __pfx_ip_rcv+0x10/0x10 [ 58.815579][ T5584] __netif_receive_skb_one_core+0x199/0x1e0 [ 58.817640][ T5584] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 58.819805][ T5584] ? trace_lock_acquire+0x14a/0x1d0 [ 58.821619][ T5584] ? netif_receive_skb+0x109/0x7b0 [ 58.823382][ T5584] __netif_receive_skb+0x1d/0x160 [ 58.825153][ T5584] netif_receive_skb+0x13f/0x7b0 [ 58.826974][ T5584] ? __pfx_netif_receive_skb+0x10/0x10 [ 58.828999][ T5584] ? __pfx___lock_acquire+0x10/0x10 [ 58.830904][ T5584] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 58.833062][ T5584] tun_rx_batched+0x429/0x780 [ 58.834705][ T5584] ? __pfx_tun_rx_batched+0x10/0x10 [ 58.836543][ T5584] ? lock_acquire+0x2f/0xb0 [ 58.838187][ T5584] ? tun_get_user+0x13ae/0x3d70 [ 58.839924][ T5584] tun_get_user+0x2a3c/0x3d70 [ 58.841675][ T5584] ? find_held_lock+0x2d/0x110 [ 58.843457][ T5584] ? __pfx_tun_get_user+0x10/0x10 [ 58.845250][ T5584] ? find_held_lock+0x2d/0x110 [ 58.846852][ T5584] ? __pfx_lock_release+0x10/0x10 [ 58.848577][ T5584] tun_chr_write_iter+0xdc/0x210 [ 58.850315][ T5584] vfs_write+0x6b5/0x1140 [ 58.851774][ T5584] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 58.853468][ T5584] ? trace_lock_acquire+0x14a/0x1d0 [ 58.855013][ T5584] ? __pfx_vfs_write+0x10/0x10 [ 58.856358][ T5584] ? __fget_files+0x40/0x3f0 [ 58.857725][ T5584] ksys_write+0x12f/0x260 [ 58.859016][ T5584] ? __pfx_ksys_write+0x10/0x10 [ 58.860390][ T5584] __do_fast_syscall_32+0x73/0x120 [ 58.861821][ T5584] do_fast_syscall_32+0x32/0x80 [ 58.863135][ T5584] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 58.864844][ T5584] RIP: 0023:0xf7f2f579 [ 58.865869][ T5584] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 58.870799][ T5584] RSP: 002b:00000000f5695530 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 58.873134][ T5584] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 00000000200000c0 [ 58.875744][ T5584] RDX: 0000000000000036 RSI: 00000000f73bbff4 RDI: 0000000000000000 [ 58.878430][ T5584] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 58.881061][ T5584] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 58.883594][ T5584] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 58.886262][ T5584] [ 59.028461][ T5591] Zero length message leads to an empty skb [ 59.703140][ T5616] FAULT_INJECTION: forcing a failure. [ 59.703140][ T5616] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 59.707290][ T5616] CPU: 0 UID: 0 PID: 5616 Comm: syz.2.59 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 59.710593][ T5616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.714054][ T5616] Call Trace: [ 59.715140][ T5616] [ 59.716376][ T5616] dump_stack_lvl+0x16c/0x1f0 [ 59.718043][ T5616] should_fail_ex+0x497/0x5b0 [ 59.719565][ T5616] _copy_to_user+0x30/0xc0 [ 59.720986][ T5616] generic_map_lookup_batch+0x69a/0xb90 [ 59.722806][ T5616] ? __pfx_generic_map_lookup_batch+0x10/0x10 [ 59.724719][ T5616] ? __pfx_generic_map_lookup_batch+0x10/0x10 [ 59.726677][ T5616] bpf_map_do_batch+0x483/0x640 [ 59.728264][ T5616] __sys_bpf+0x4bb7/0x5780 [ 59.729722][ T5616] ? ksys_write+0x21e/0x260 [ 59.731216][ T5616] ? __pfx___sys_bpf+0x10/0x10 [ 59.732740][ T5616] ? vfs_write+0x14d/0x1140 [ 59.734348][ T5616] ? __mutex_unlock_slowpath+0x164/0x650 [ 59.736244][ T5616] ? fput+0x30/0x390 [ 59.737505][ T5616] ? ksys_write+0x1ad/0x260 [ 59.739372][ T5616] ? __pfx_ksys_write+0x10/0x10 [ 59.740949][ T5616] __ia32_sys_bpf+0x76/0xe0 [ 59.742455][ T5616] __do_fast_syscall_32+0x73/0x120 [ 59.744094][ T5616] do_fast_syscall_32+0x32/0x80 [ 59.745677][ T5616] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 59.747760][ T5616] RIP: 0023:0xf7fd1579 [ 59.749237][ T5616] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 59.755154][ T5616] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 59.757483][ T5616] RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 00000000200003c0 [ 59.759441][ T5616] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000 [ 59.761394][ T5616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 59.763785][ T5616] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 59.765918][ T5616] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 59.768018][ T5616] [ 60.006016][ T39] kauditd_printk_skb: 5 callbacks suppressed [ 60.006026][ T39] audit: type=1326 audit(1727978648.511:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5595 comm="syz.0.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7fc00000 [ 60.066538][ T5639] FAULT_INJECTION: forcing a failure. [ 60.066538][ T5639] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 60.073419][ T5640] process 'syz.3.68' launched './file2' with NULL argv: empty string added [ 60.080309][ T5639] CPU: 1 UID: 0 PID: 5639 Comm: syz.1.69 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 60.083425][ T5639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 60.086750][ T5639] Call Trace: [ 60.087737][ T5639] [ 60.088549][ T5639] dump_stack_lvl+0x16c/0x1f0 [ 60.090155][ T5639] should_fail_ex+0x497/0x5b0 [ 60.091833][ T5639] _copy_to_user+0x30/0xc0 [ 60.092973][ T5639] msr_read+0x14f/0x250 [ 60.094561][ T5639] ? __pfx_msr_read+0x10/0x10 [ 60.095963][ T5639] ? bpf_lsm_file_permission+0x9/0x10 [ 60.097405][ T5639] ? security_file_permission+0x71/0x210 [ 60.098916][ T5639] ? __pfx_msr_read+0x10/0x10 [ 60.100153][ T5639] vfs_read+0x1ce/0xbd0 [ 60.101315][ T5639] ? __fget_files+0x23a/0x3f0 [ 60.102794][ T5639] ? __pfx_lock_release+0x10/0x10 [ 60.104620][ T5639] ? trace_lock_acquire+0x14a/0x1d0 [ 60.106088][ T5639] ? __pfx_vfs_read+0x10/0x10 [ 60.107357][ T5639] ? lock_acquire+0x2f/0xb0 [ 60.108523][ T5639] ? __fget_files+0x40/0x3f0 [ 60.109761][ T5639] ? __fget_files+0x244/0x3f0 [ 60.111290][ T5639] ksys_read+0x12f/0x260 [ 60.112474][ T5639] ? __pfx_ksys_read+0x10/0x10 [ 60.113708][ T5639] __do_fast_syscall_32+0x73/0x120 [ 60.115413][ T5639] do_fast_syscall_32+0x32/0x80 [ 60.117121][ T5639] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 60.119329][ T5639] RIP: 0023:0xf742e579 [ 60.120749][ T5639] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 60.127366][ T5639] RSP: 002b:00000000f571656c EFLAGS: 00000296 ORIG_RAX: 0000000000000003 [ 60.130404][ T5639] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020019680 [ 60.132470][ T5639] RDX: 0000000000018ff8 RSI: 0000000000000000 RDI: 0000000000000000 [ 60.134482][ T5639] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 60.136448][ T5639] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 60.138473][ T5639] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 60.140569][ T5639] [ 60.202264][ T5350] Bluetooth: hci3: command 0x040f tx timeout [ 60.444474][ T5648] mmap: syz.0.72 (5648) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 60.453597][ T5648] capability: warning: `syz.0.72' uses deprecated v2 capabilities in a way that may be insecure [ 60.665172][ T5648] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 60.867985][ T5671] FAULT_INJECTION: forcing a failure. [ 60.867985][ T5671] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 60.872906][ T5671] CPU: 3 UID: 0 PID: 5671 Comm: syz.2.81 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 60.876590][ T5671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 60.879699][ T5671] Call Trace: [ 60.880682][ T5671] [ 60.881560][ T5671] dump_stack_lvl+0x16c/0x1f0 [ 60.883010][ T5671] should_fail_ex+0x497/0x5b0 [ 60.884419][ T5671] _copy_from_iter+0x29b/0x13e0 [ 60.885877][ T5671] ? __pfx__copy_from_iter+0x10/0x10 [ 60.887365][ T5671] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 60.889053][ T5671] ? tun_build_skb.constprop.0+0x1b8/0x1120 [ 60.890705][ T5671] ? __pfx_lock_release+0x10/0x10 [ 60.892083][ T5671] ? trace_lock_acquire+0x14a/0x1d0 [ 60.893508][ T5671] copy_page_from_iter+0xa5/0x120 [ 60.895300][ T5671] tun_build_skb.constprop.0+0x294/0x1120 [ 60.897741][ T5671] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 60.899435][ T5671] ? __pfx___lock_acquire+0x10/0x10 [ 60.900884][ T5671] ? __pfx___lock_acquire+0x10/0x10 [ 60.902316][ T5671] ? __pfx___lock_acquire+0x10/0x10 [ 60.903738][ T5671] ? __lock_acquire+0xbdd/0x3ce0 [ 60.905204][ T5671] tun_get_user+0x872/0x3d70 [ 60.906577][ T5671] ? find_held_lock+0x2d/0x110 [ 60.907962][ T5671] ? __pfx_tun_get_user+0x10/0x10 [ 60.909399][ T5671] ? find_held_lock+0x2d/0x110 [ 60.910706][ T5671] ? __pfx_lock_release+0x10/0x10 [ 60.912116][ T5671] tun_chr_write_iter+0xdc/0x210 [ 60.913466][ T5671] vfs_write+0x6b5/0x1140 [ 60.914942][ T5671] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 60.916910][ T5671] ? trace_lock_acquire+0x14a/0x1d0 [ 60.918375][ T5671] ? __pfx_vfs_write+0x10/0x10 [ 60.919702][ T5671] ? __fget_files+0x40/0x3f0 [ 60.920990][ T5671] ksys_write+0x12f/0x260 [ 60.922191][ T5671] ? __pfx_ksys_write+0x10/0x10 [ 60.923566][ T5671] __do_fast_syscall_32+0x73/0x120 [ 60.924984][ T5671] do_fast_syscall_32+0x32/0x80 [ 60.926339][ T5671] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 60.928118][ T5671] RIP: 0023:0xf7fd1579 [ 60.929276][ T5671] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 60.934709][ T5671] RSP: 002b:00000000f5756530 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 60.937471][ T5671] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000080 [ 60.939551][ T5671] RDX: 0000000000000036 RSI: 00000000f745bff4 RDI: 0000000000000000 [ 60.941606][ T5671] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 60.943554][ T5671] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 60.945623][ T5671] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 60.947707][ T5671] [ 62.797741][ T5710] __nla_validate_parse: 3 callbacks suppressed [ 62.797756][ T5710] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.91'. [ 62.803532][ T5710] openvswitch: netlink: Tunnel attr 0 has unexpected len 1 expected 8 [ 62.811284][ T5710] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.91'. [ 62.815324][ T5710] openvswitch: netlink: Tunnel attr 0 has unexpected len 1 expected 8 [ 64.326604][ T5739] FAULT_INJECTION: forcing a failure. [ 64.326604][ T5739] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 64.330753][ T5739] CPU: 2 UID: 0 PID: 5739 Comm: syz.0.101 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 64.333374][ T5739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.337034][ T5739] Call Trace: [ 64.338143][ T5739] [ 64.339082][ T5739] dump_stack_lvl+0x16c/0x1f0 [ 64.340568][ T5739] should_fail_ex+0x497/0x5b0 [ 64.342062][ T5739] _copy_to_user+0x30/0xc0 [ 64.343466][ T5739] simple_read_from_buffer+0xd0/0x160 [ 64.345040][ T5739] proc_fail_nth_read+0x198/0x270 [ 64.346255][ T5739] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 64.347599][ T5739] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 64.348979][ T5739] vfs_read+0x1ce/0xbd0 [ 64.350046][ T5739] ? __fget_files+0x23a/0x3f0 [ 64.351241][ T5739] ? fdget_pos+0x24c/0x360 [ 64.352403][ T5739] ? __pfx_lock_release+0x10/0x10 [ 64.353740][ T5739] ? trace_lock_acquire+0x14a/0x1d0 [ 64.355120][ T5739] ? __pfx_vfs_read+0x10/0x10 [ 64.356306][ T5739] ? __pfx___mutex_lock+0x10/0x10 [ 64.357530][ T5739] ? __fget_files+0x244/0x3f0 [ 64.358701][ T5739] ksys_read+0x12f/0x260 [ 64.359734][ T5739] ? __pfx_ksys_read+0x10/0x10 [ 64.360897][ T5739] __do_fast_syscall_32+0x73/0x120 [ 64.362137][ T5739] do_fast_syscall_32+0x32/0x80 [ 64.363311][ T5739] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 64.364821][ T5739] RIP: 0023:0xf743e579 [ 64.365852][ T5739] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 64.370755][ T5739] RSP: 002b:00000000f57265a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 64.372742][ T5739] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5726620 [ 64.374620][ T5739] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 64.376497][ T5739] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 64.378389][ T5739] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 64.380283][ T5739] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 64.382188][ T5739] [ 64.383030][ C2] vkms_vblank_simulate: vblank timer overrun [ 65.494104][ T5767] vivid-000: ================= START STATUS ================= [ 65.496420][ T5767] vivid-000: Test Pattern: 75% Colorbar [ 65.497994][ T5767] vivid-000: Fill Percentage of Frame: 100 [ 65.510174][ T5767] vivid-000: Horizontal Movement: No Movement [ 65.512421][ T5767] vivid-000: Vertical Movement: No Movement [ 65.514132][ T5767] vivid-000: OSD Text Mode: All [ 65.515588][ T5767] vivid-000: Show Border: false [ 65.517136][ T5767] vivid-000: Show Square: false [ 65.518555][ T5767] vivid-000: Sensor Flipped Horizontally: false [ 65.520319][ T5767] vivid-000: Sensor Flipped Vertically: false [ 65.522513][ T5767] vivid-000: Insert SAV Code in Image: false [ 65.524108][ T5767] vivid-000: Insert EAV Code in Image: false [ 65.525816][ T5767] vivid-000: Insert Video Guard Band: false [ 65.527802][ T5767] vivid-000: Reduced Framerate: false [ 65.529351][ T5767] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 65.531538][ T5767] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 65.534552][ T5767] vivid-000: Enable Capture Cropping: true grabbed [ 65.536400][ T5767] vivid-000: Enable Capture Composing: true grabbed [ 65.538372][ T5767] vivid-000: Enable Capture Scaler: true grabbed [ 65.540366][ T5767] vivid-000: Timestamp Source: End of Frame [ 65.542915][ T5767] vivid-000: Colorspace: sRGB [ 65.544402][ T5767] vivid-000: Transfer Function: Default [ 65.546306][ T5767] vivid-000: Y'CbCr Encoding: Default [ 65.549157][ T5767] vivid-000: HSV Encoding: Hue 0-179 [ 65.550752][ T5767] vivid-000: Quantization: Default [ 65.552713][ T5767] vivid-000: Apply Alpha To Red Only: false [ 65.554430][ T5767] vivid-000: Standard Aspect Ratio: 4x3 [ 65.556299][ T5767] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 65.559037][ T5767] vivid-000: DV Timings: 640x480p59 inactive [ 65.562708][ T5767] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 65.565218][ T5767] vivid-000: Maximum EDID Blocks: 2 [ 65.567019][ T5767] vivid-000: Limited RGB Range (16-235): false [ 65.568907][ T5767] vivid-000: Rx RGB Quantization Range: Automatic [ 65.570678][ T5767] vivid-000: Power Present: 0x00000001 [ 65.572598][ T5767] tpg source WxH: 640x360 (Y'CbCr) [ 65.574068][ T5767] tpg field: 1 [ 65.574973][ T5767] tpg crop: 640x360@0x0 [ 65.576110][ T5767] tpg compose: 640x360@0x0 [ 65.577285][ T5767] tpg colorspace: 8 [ 65.578339][ T5767] tpg transfer function: 0/2 [ 65.579612][ T5767] tpg Y'CbCr encoding: 0/1 [ 65.580931][ T5767] tpg quantization: 0/2 [ 65.583232][ T5767] tpg RGB range: 0/2 [ 65.584820][ T5767] vivid-000: ================== END STATUS ================== [ 65.621394][ T5763] binder: 5762:5763 ioctl c018620c 20000140 returned -22 [ 68.621490][ T5811] overlayfs: unescaped trailing colons in lowerdir mount option. [ 68.701681][ T5812] trusted_key: syz.3.127 sent an empty control message without MSG_MORE. [ 69.466568][ T5829] netlink: 105120 bytes leftover after parsing attributes in process `syz.1.133'. [ 70.459017][ T39] audit: type=1326 audit(1727978658.961:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5842 comm="syz.0.138" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7fc00000 [ 70.560473][ T5855] kvm: vcpu 2046: requested lapic timer restore with starting count register 0x390=2927474123 (5854948246 ns) > initial count (1287066782 ns). Using initial count to start timer. [ 70.920294][ T1376] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.926725][ T1376] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.183093][ T5874] netlink: 16 bytes leftover after parsing attributes in process `syz.0.147'. [ 71.765812][ T39] audit: type=1326 audit(1727978660.201:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5879 comm="syz.0.149" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7fc00000 [ 72.090085][ T5894] ======================================================= [ 72.090085][ T5894] WARNING: The mand mount option has been deprecated and [ 72.090085][ T5894] and is ignored by this kernel. Remove the mand [ 72.090085][ T5894] option from the mount to silence this warning. [ 72.090085][ T5894] ======================================================= [ 72.272892][ T39] audit: type=1326 audit(1727978660.781:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5879 comm="syz.0.149" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf743e579 code=0x7fc00000 [ 72.338571][ T5910] FAULT_INJECTION: forcing a failure. [ 72.338571][ T5910] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 72.343807][ T5910] CPU: 3 UID: 0 PID: 5910 Comm: syz.0.160 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 72.346583][ T5910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.350006][ T5910] Call Trace: [ 72.351157][ T5910] [ 72.352174][ T5910] dump_stack_lvl+0x16c/0x1f0 [ 72.353902][ T5910] should_fail_ex+0x497/0x5b0 [ 72.355587][ T5910] _copy_to_user+0x30/0xc0 [ 72.357339][ T5910] __copy_siginfo_to_user32+0x97/0xf0 [ 72.359174][ T5910] ? __pfx___copy_siginfo_to_user32+0x10/0x10 [ 72.361273][ T5910] ? _raw_spin_unlock_irq+0x23/0x50 [ 72.363065][ T5910] ? siginfo_layout+0x177/0x290 [ 72.364727][ T5910] ia32_setup_rt_frame+0x6c3/0xb20 [ 72.366486][ T5910] ? __pfx_ia32_setup_rt_frame+0x10/0x10 [ 72.368381][ T5910] ? mntput_no_expire+0x158/0xaf0 [ 72.370126][ T5910] ? do_raw_spin_lock+0x12d/0x2c0 [ 72.371859][ T5910] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 72.373948][ T5910] arch_do_signal_or_restart+0x47b/0x7e0 [ 72.375902][ T5910] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 72.378067][ T5910] ? __pfx___ia32_compat_sys_truncate+0x10/0x10 [ 72.379933][ T5910] syscall_exit_to_user_mode+0x150/0x2a0 [ 72.381433][ T5910] do_int80_emulation+0x111/0x200 [ 72.383155][ T5910] asm_int80_emulation+0x1a/0x20 [ 72.384601][ T5910] RIP: 0023:0xf743e577 [ 72.385746][ T5910] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 [ 72.391831][ T5910] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 000000000000005c [ 72.394215][ T5910] RAX: 000000000000005c RBX: 0000000020000000 RCX: 0000000000000000 [ 72.396756][ T5910] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 72.399830][ T5910] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 72.402804][ T5910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.405124][ T5910] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 72.407434][ T5910] [ 72.455787][ T5913] FAULT_INJECTION: forcing a failure. [ 72.455787][ T5913] name failslab, interval 1, probability 0, space 0, times 0 [ 72.461825][ T5913] CPU: 2 UID: 0 PID: 5913 Comm: syz.0.161 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 72.465333][ T5913] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.468892][ T5913] Call Trace: [ 72.470031][ T5913] [ 72.470960][ T5913] dump_stack_lvl+0x16c/0x1f0 [ 72.472459][ T5913] should_fail_ex+0x497/0x5b0 [ 72.474024][ T5913] ? fs_reclaim_acquire+0xae/0x160 [ 72.475769][ T5913] should_failslab+0xc2/0x120 [ 72.477454][ T5913] __kmalloc_cache_node_noprof+0x6e/0x360 [ 72.479499][ T5913] ? __get_vm_area_node+0xe1/0x2d0 [ 72.481399][ T5913] __get_vm_area_node+0xe1/0x2d0 [ 72.483020][ T5913] ? stack_trace_save+0x95/0xd0 [ 72.484689][ T5913] __vmalloc_node_range_noprof+0x26a/0x15a0 [ 72.487052][ T5913] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 72.489113][ T5913] ? kasan_save_stack+0x33/0x60 [ 72.490925][ T5913] ? __kasan_kmalloc+0xaa/0xb0 [ 72.492746][ T5913] ? __do_fast_syscall_32+0x73/0x120 [ 72.494808][ T5913] ? do_fast_syscall_32+0x32/0x80 [ 72.496282][ T5913] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 72.497787][ T5913] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 72.499521][ T5913] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 72.501057][ T5913] __vmalloc_noprof+0x6d/0x90 [ 72.502355][ T5913] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 72.503869][ T5913] bpf_prog_alloc_no_stats+0x54/0x5e0 [ 72.505415][ T5913] bpf_prog_alloc+0x3b/0x230 [ 72.506629][ T5913] bpf_prog_create_from_user+0xb4/0x2d0 [ 72.508065][ T5913] ? __pfx_seccomp_check_filter+0x10/0x10 [ 72.509612][ T5913] do_seccomp+0x7b6/0x2640 [ 72.510793][ T5913] ? __fget_files+0x244/0x3f0 [ 72.512031][ T5913] ? __pfx_do_seccomp+0x10/0x10 [ 72.513321][ T5913] ? native_tss_update_io_bitmap+0x2ec/0x610 [ 72.514961][ T5913] ? __pfx_native_tss_update_io_bitmap+0x10/0x10 [ 72.516611][ T5913] ? ksys_write+0x1ad/0x260 [ 72.517817][ T5913] ? __pfx_ksys_write+0x10/0x10 [ 72.519102][ T5913] __do_fast_syscall_32+0x73/0x120 [ 72.520443][ T5913] do_fast_syscall_32+0x32/0x80 [ 72.521744][ T5913] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 72.523387][ T5913] RIP: 0023:0xf743e579 [ 72.524484][ T5913] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 72.530082][ T5913] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000162 [ 72.532933][ T5913] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 000000000000000c [ 72.535768][ T5913] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 72.538655][ T5913] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 72.541549][ T5913] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 72.544415][ T5913] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 72.547204][ T5913] [ 72.553054][ T5913] syz.0.161: vmalloc error: size 4096, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 72.559437][ T5913] CPU: 2 UID: 0 PID: 5913 Comm: syz.0.161 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 72.563179][ T5913] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.566834][ T5913] Call Trace: [ 72.567998][ T5913] [ 72.569029][ T5913] dump_stack_lvl+0x16c/0x1f0 [ 72.570667][ T5913] warn_alloc+0x24d/0x3a0 [ 72.572204][ T5913] ? __pfx_warn_alloc+0x10/0x10 [ 72.573988][ T5913] ? __kasan_kmalloc+0x8a/0xb0 [ 72.575725][ T5913] ? __get_vm_area_node+0x1bc/0x2d0 [ 72.577743][ T5913] __vmalloc_node_range_noprof+0xd27/0x15a0 [ 72.580012][ T5913] ? kasan_save_stack+0x33/0x60 [ 72.581763][ T5913] ? __kasan_kmalloc+0xaa/0xb0 [ 72.583388][ T5913] ? __do_fast_syscall_32+0x73/0x120 [ 72.585186][ T5913] ? do_fast_syscall_32+0x32/0x80 [ 72.586801][ T5913] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 72.588587][ T5913] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 72.590766][ T5913] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 72.592657][ T5913] __vmalloc_noprof+0x6d/0x90 [ 72.594404][ T5913] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 72.596353][ T5913] bpf_prog_alloc_no_stats+0x54/0x5e0 [ 72.598197][ T5913] bpf_prog_alloc+0x3b/0x230 [ 72.599878][ T5913] bpf_prog_create_from_user+0xb4/0x2d0 [ 72.601979][ T5913] ? __pfx_seccomp_check_filter+0x10/0x10 [ 72.604053][ T5913] do_seccomp+0x7b6/0x2640 [ 72.605716][ T5913] ? __fget_files+0x244/0x3f0 [ 72.607462][ T5913] ? __pfx_do_seccomp+0x10/0x10 [ 72.609301][ T5913] ? native_tss_update_io_bitmap+0x2ec/0x610 [ 72.611515][ T5913] ? __pfx_native_tss_update_io_bitmap+0x10/0x10 [ 72.613997][ T5913] ? ksys_write+0x1ad/0x260 [ 72.615813][ T5913] ? __pfx_ksys_write+0x10/0x10 [ 72.617773][ T5913] __do_fast_syscall_32+0x73/0x120 [ 72.619771][ T5913] do_fast_syscall_32+0x32/0x80 [ 72.621619][ T5913] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 72.623906][ T5913] RIP: 0023:0xf743e579 [ 72.625395][ T5913] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 72.632398][ T5913] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000162 [ 72.635646][ T5913] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 000000000000000c [ 72.638769][ T5913] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 72.641703][ T5913] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 72.644601][ T5913] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 72.647476][ T5913] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 72.650474][ T5913] [ 72.653453][ T5913] Mem-Info: [ 72.654834][ T5913] active_anon:6111 inactive_anon:26 isolated_anon:0 [ 72.654834][ T5913] active_file:9812 inactive_file:1711 isolated_file:0 [ 72.654834][ T5913] unevictable:768 dirty:368 writeback:0 [ 72.654834][ T5913] slab_reclaimable:4975 slab_unreclaimable:50354 [ 72.654834][ T5913] mapped:16968 shmem:812 pagetables:676 [ 72.654834][ T5913] sec_pagetables:312 bounce:0 [ 72.654834][ T5913] kernel_misc_reclaimable:0 [ 72.654834][ T5913] free:122730 free_pcp:2163 free_cma:0 [ 72.671456][ T5913] Node 0 active_anon:588kB inactive_anon:104kB active_file:20kB inactive_file:2032kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:6100kB dirty:180kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9728kB pagetables:1424kB sec_pagetables:1228kB all_unreclaimable? no [ 72.683709][ T5913] Node 1 active_anon:23856kB inactive_anon:0kB active_file:39228kB inactive_file:4812kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:61772kB dirty:1292kB writeback:0kB shmem:1712kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1560kB pagetables:1280kB sec_pagetables:20kB all_unreclaimable? no [ 72.695621][ T5913] Node 0 DMA free:932kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:252kB local_pcp:4kB free_cma:0kB [ 72.704417][ T5913] lowmem_reserve[]: 0 273 0 0 0 [ 72.706484][ T5913] Node 0 DMA32 free:21168kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:588kB inactive_anon:104kB active_file:8kB inactive_file:2024kB unevictable:1536kB writepending:180kB present:1032196kB managed:306288kB mlocked:0kB bounce:0kB free_pcp:892kB local_pcp:108kB free_cma:0kB [ 72.717441][ T5913] lowmem_reserve[]: 0 0 0 0 0 [ 72.719358][ T5913] Node 1 DMA32 free:468848kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:23856kB inactive_anon:0kB active_file:39228kB inactive_file:4812kB unevictable:1536kB writepending:1292kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:7700kB local_pcp:492kB free_cma:0kB [ 72.730355][ T5913] lowmem_reserve[]: 0 0 0 0 0 [ 72.732256][ T5913] Node 0 DMA: 1*4kB (U) 8*8kB (U) 8*16kB (U) 23*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 932kB [ 72.737004][ T5913] Node 0 DMA32: 23*4kB (UMEH) 39*8kB (UMEH) 152*16kB (UMEH) 119*32kB (UMEH) 77*64kB (UMEH) 49*128kB (UMEH) 11*256kB (UMH) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 21172kB [ 72.744218][ T5913] Node 1 DMA32: 1*4kB (E) 12*8kB (UME) 17*16kB (UME) 80*32kB (UME) 185*64kB (UME) 28*128kB (UME) 16*256kB (UME) 21*512kB (ME) 19*1024kB (UME) 13*2048kB (UME) 95*4096kB (M) = 468404kB [ 72.750643][ T5913] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 72.754150][ T5913] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 72.757727][ T5913] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 72.762977][ T5913] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 72.766760][ T5913] 13128 total pagecache pages [ 72.768499][ T5913] 793 pages in swap cache [ 72.770153][ T5913] Free swap = 107720kB [ 72.772329][ T5913] Total swap = 124996kB [ 72.774129][ T5913] 524155 pages RAM [ 72.775745][ T5913] 0 pages HighMem/MovableOnly [ 72.777610][ T5913] 206680 pages reserved [ 72.779252][ T5913] 0 pages cma reserved [ 73.221378][ T5928] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 73.962686][ T5943] netlink: 8 bytes leftover after parsing attributes in process `syz.3.171'. [ 74.085616][ T5949] tipc: Started in network mode [ 74.087235][ T5949] tipc: Node identity ac1414aa, cluster identity 4711 [ 74.091075][ T5949] tipc: Enabled bearer , priority 10 [ 74.162065][ T39] audit: type=1326 audit(1727978662.671:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5954 comm="syz.0.177" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0 [ 74.430815][ T5965] dvmrp8: entered allmulticast mode [ 75.103300][ T833] tipc: Node number set to 2886997162 [ 76.051943][ T64] cfg80211: failed to load regulatory.db [ 76.222448][ T6051] xt_CT: You must specify a L4 protocol and not use inversions on it [ 76.242332][ T39] audit: type=1326 audit(1727978664.751:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.0.211" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0 [ 79.827066][ T6151] Bluetooth: MGMT ver 1.23 [ 80.648911][ T5350] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 80.653317][ T5350] CPU: 0 UID: 0 PID: 5350 Comm: kworker/u33:2 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 80.657292][ T5350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.661319][ T5350] Workqueue: hci3 hci_rx_work [ 80.663075][ T5350] Call Trace: [ 80.664280][ T5350] [ 80.665377][ T5350] dump_stack_lvl+0x16c/0x1f0 [ 80.667299][ T5350] sysfs_warn_dup+0x7f/0xa0 [ 80.669235][ T5350] sysfs_create_dir_ns+0x24d/0x2b0 [ 80.671295][ T5350] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 80.673412][ T5350] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 80.675428][ T5350] ? kobject_add_internal+0x12d/0x990 [ 80.677466][ T5350] ? do_raw_spin_unlock+0x172/0x230 [ 80.679431][ T5350] kobject_add_internal+0x2c8/0x990 [ 80.681415][ T5350] kobject_add+0x16f/0x240 [ 80.683103][ T5350] ? __pfx_kobject_add+0x10/0x10 [ 80.684963][ T5350] ? class_to_subsys+0x3e/0x160 [ 80.686987][ T5350] ? do_raw_spin_unlock+0x172/0x230 [ 80.689304][ T5350] ? kobject_put+0xab/0x5a0 [ 80.691319][ T5350] device_add+0x289/0x1a70 [ 80.693170][ T5350] ? __pfx_dev_set_name+0x10/0x10 [ 80.695076][ T5350] ? __pfx_device_add+0x10/0x10 [ 80.696861][ T5350] ? mgmt_send_event_skb+0x2f2/0x460 [ 80.698876][ T5350] hci_conn_add_sysfs+0x17e/0x230 [ 80.700738][ T5350] le_conn_complete_evt+0xfc7/0x1cf0 [ 80.702792][ T5350] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 80.704837][ T5350] ? trace_contention_end+0xea/0x140 [ 80.706858][ T5350] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 80.709106][ T5350] ? skb_pull_data+0x166/0x210 [ 80.710868][ T5350] hci_le_meta_evt+0x2e2/0x5d0 [ 80.712679][ T5350] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 80.715131][ T5350] hci_event_packet+0x666/0x1190 [ 80.717053][ T5350] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 80.719023][ T5350] ? __pfx_hci_event_packet+0x10/0x10 [ 80.721049][ T5350] ? mark_held_locks+0x9f/0xe0 [ 80.722829][ T5350] ? kcov_remote_start+0x3cf/0x6e0 [ 80.724809][ T5350] ? lockdep_hardirqs_on+0x7c/0x110 [ 80.726714][ T5350] hci_rx_work+0x2c6/0x1610 [ 80.728522][ T5350] ? lock_acquire+0x2f/0xb0 [ 80.730343][ T5350] ? process_one_work+0x8bb/0x1b30 [ 80.732298][ T5350] process_one_work+0x958/0x1b30 [ 80.734216][ T5350] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 80.736264][ T5350] ? __pfx_process_one_work+0x10/0x10 [ 80.738275][ T5350] ? assign_work+0x1a0/0x250 [ 80.740091][ T5350] worker_thread+0x6c8/0xf00 [ 80.741871][ T5350] ? __pfx_worker_thread+0x10/0x10 [ 80.743745][ T5350] kthread+0x2c1/0x3a0 [ 80.745304][ T5350] ? _raw_spin_unlock_irq+0x23/0x50 [ 80.747223][ T5350] ? __pfx_kthread+0x10/0x10 [ 80.748996][ T5350] ret_from_fork+0x45/0x80 [ 80.750511][ T5350] ? __pfx_kthread+0x10/0x10 [ 80.752123][ T5350] ret_from_fork_asm+0x1a/0x30 [ 80.753895][ T5350] [ 80.759140][ T5350] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 80.764471][ T5350] Bluetooth: hci3: failed to register connection device [ 80.884109][ T6194] netlink: 16 bytes leftover after parsing attributes in process `syz.3.258'. [ 82.831861][ T5350] Bluetooth: hci3: command 0x040f tx timeout [ 84.384135][ T6293] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'. [ 84.545261][ T6309] netlink: 'syz.3.284': attribute type 2 has an invalid length. [ 84.566255][ T6309] netlink: 'syz.3.284': attribute type 2 has an invalid length. [ 84.662253][ T6317] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 84.707786][ T6307] netlink: 'syz.0.286': attribute type 10 has an invalid length. [ 84.714985][ T6307] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 84.876279][ T39] audit: type=1326 audit(1727978673.381:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.1.287" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7fc00000 [ 85.204152][ T6346] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 85.472153][ T39] audit: type=1326 audit(1727978673.961:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.1.287" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf742e579 code=0x7fc00000 [ 85.480049][ T39] audit: type=1326 audit(1727978673.961:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz.1.287" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7fc00000 [ 85.913620][ T6366] unsupported nlmsg_type 40 [ 85.994209][ T6369] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 86.311719][ T39] audit: type=1800 audit(1727978674.681:26): pid=6379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.301" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 86.809300][ T39] audit: type=1326 audit(1727978675.311:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6368 comm="syz.3.299" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f2f579 code=0x7fc00000 [ 86.932972][ T6372] netlink: 40 bytes leftover after parsing attributes in process `syz.1.297'. [ 87.891050][ T6411] overlayfs: invalid redirect (./file1) [ 88.448802][ T6421] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 89.601707][ T39] audit: type=1326 audit(1727978677.751:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6420 comm="syz.1.313" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7fc00000 [ 90.366428][ T6454] dccp_flush_write_queue: CCID did not manage to send all packets [ 90.948205][ T6296] syz.2.277 (6296) used greatest stack depth: 20848 bytes left [ 91.201323][ T6456] FAULT_INJECTION: forcing a failure. [ 91.201323][ T6456] name failslab, interval 1, probability 0, space 0, times 0 [ 91.211854][ T6458] netlink: 4 bytes leftover after parsing attributes in process `syz.0.326'. [ 91.220216][ T6456] CPU: 1 UID: 0 PID: 6456 Comm: syz.2.325 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 91.223031][ T6456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 91.226113][ T6456] Call Trace: [ 91.227118][ T6456] [ 91.228060][ T6456] dump_stack_lvl+0x16c/0x1f0 [ 91.229455][ T6456] should_fail_ex+0x497/0x5b0 [ 91.230710][ T6456] ? fs_reclaim_acquire+0xae/0x160 [ 91.232088][ T6456] should_failslab+0xc2/0x120 [ 91.233350][ T6456] __kmalloc_node_noprof+0xd1/0x440 [ 91.234726][ T6456] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 91.236151][ T6456] __kvmalloc_node_noprof+0xad/0x1a0 [ 91.237564][ T6456] alloc_netdev_mqs+0xa97/0x12a0 [ 91.238866][ T6456] rtnl_create_link+0xbed/0xf10 [ 91.240132][ T6456] __rtnl_newlink+0x10b3/0x1920 [ 91.241446][ T6456] ? __pfx___rtnl_newlink+0x10/0x10 [ 91.242866][ T6456] rtnl_newlink+0x67/0xa0 [ 91.244037][ T6456] ? __pfx_rtnl_newlink+0x10/0x10 [ 91.245386][ T6456] rtnetlink_rcv_msg+0x3c7/0xea0 [ 91.246709][ T6456] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 91.248294][ T6456] ? __pfx___dev_queue_xmit+0x10/0x10 [ 91.249778][ T6456] netlink_rcv_skb+0x165/0x410 [ 91.251188][ T6456] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 91.253067][ T6456] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 91.254447][ T6456] ? netlink_deliver_tap+0x1ae/0xcf0 [ 91.255805][ T6456] netlink_unicast+0x53c/0x7f0 [ 91.257060][ T6456] ? __pfx_netlink_unicast+0x10/0x10 [ 91.258578][ T6456] ? __phys_addr_symbol+0x30/0x80 [ 91.260039][ T6456] ? __check_object_size+0x488/0x710 [ 91.261651][ T6456] netlink_sendmsg+0x8b8/0xd70 [ 91.263573][ T6456] ? __pfx_netlink_sendmsg+0x10/0x10 [ 91.265709][ T6456] ? lock_acquire+0x2f/0xb0 [ 91.267408][ T6456] ____sys_sendmsg+0x9ae/0xb40 [ 91.269214][ T6456] ? __pfx_____sys_sendmsg+0x10/0x10 [ 91.271177][ T6456] ? get_compat_msghdr+0x11b/0x170 [ 91.273006][ T6456] ? __pfx___lock_acquire+0x10/0x10 [ 91.274934][ T6456] ___sys_sendmsg+0x135/0x1e0 [ 91.276736][ T6456] ? __pfx____sys_sendmsg+0x10/0x10 [ 91.278914][ T6456] ? lock_acquire+0x2f/0xb0 [ 91.281986][ T6456] ? __fget_files+0x40/0x3f0 [ 91.282025][ T6456] ? fdget+0x176/0x210 [ 91.282048][ T6456] __sys_sendmsg+0x117/0x1f0 [ 91.282076][ T6456] ? __pfx___sys_sendmsg+0x10/0x10 [ 91.289127][ T6456] ? __fget_files+0x244/0x3f0 [ 91.290878][ T6456] __do_fast_syscall_32+0x73/0x120 [ 91.292815][ T6456] do_fast_syscall_32+0x32/0x80 [ 91.292862][ T6456] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 91.292890][ T6456] RIP: 0023:0xf7fd1579 [ 91.292907][ T6456] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 91.292925][ T6456] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 91.292947][ T6456] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080 [ 91.312057][ T6456] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 91.314587][ T6456] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 91.317104][ T6456] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 91.319463][ T6456] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 91.321636][ T6456] [ 91.625671][ T6473] netlink: 20 bytes leftover after parsing attributes in process `syz.2.330'. [ 92.140108][ T39] audit: type=1326 audit(1727978680.641:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.0.328" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7fc00000 [ 93.582258][ T6488] netlink: 8 bytes leftover after parsing attributes in process `syz.2.334'. [ 93.584892][ T6488] netlink: 8 bytes leftover after parsing attributes in process `syz.2.334'. [ 94.112750][ T6501] netlink: 64 bytes leftover after parsing attributes in process `syz.3.338'. [ 94.118371][ T6501] netlink: 64 bytes leftover after parsing attributes in process `syz.3.338'. [ 94.130680][ T6501] netlink: 64 bytes leftover after parsing attributes in process `syz.3.338'. [ 94.141117][ T6501] netlink: 64 bytes leftover after parsing attributes in process `syz.3.338'. [ 94.152968][ T6501] netlink: 64 bytes leftover after parsing attributes in process `syz.3.338'. [ 94.162073][ T6501] netlink: 64 bytes leftover after parsing attributes in process `syz.3.338'. [ 94.181734][ T6501] netlink: 64 bytes leftover after parsing attributes in process `syz.3.338'. [ 94.191834][ T6501] netlink: 64 bytes leftover after parsing attributes in process `syz.3.338'. [ 94.383888][ T39] audit: type=1326 audit(1727978682.891:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6498 comm="syz.0.339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7fc00000 [ 94.926950][ T39] audit: type=1326 audit(1727978683.431:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6498 comm="syz.0.339" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf743e579 code=0x7fc00000 [ 94.949915][ T39] audit: type=1326 audit(1727978683.431:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6498 comm="syz.0.339" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7fc00000 [ 100.234934][ T6563] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 100.461984][ T39] audit: type=1326 audit(1727978688.961:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.3.353" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f2f579 code=0x7fc00000 [ 100.914545][ T39] audit: type=1326 audit(1727978689.411:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.3.353" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f2f579 code=0x7fc00000 [ 101.195202][ T6578] overlayfs: failed to resolve './file0': -2 [ 102.117528][ T6599] netlink: 80 bytes leftover after parsing attributes in process `syz.0.361'. [ 102.152272][ T6600] random: crng reseeded on system resumption [ 102.724075][ T5350] Bluetooth: hci3: unexpected event for opcode 0x2005 [ 102.733131][ T6623] batman_adv: batadv0: Adding interface: dummy0 [ 102.734851][ T6623] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.741423][ T6623] batman_adv: batadv0: Interface activated: dummy0 [ 102.769048][ T6623] batadv0: mtu less than device minimum [ 102.771941][ T6623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 102.776311][ T6623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 102.780566][ T6623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 102.785145][ T6623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 102.789497][ T6623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 102.793746][ T6623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 102.798116][ T6623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 102.802593][ T6623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 102.852811][ T6625] tipc: Started in network mode [ 102.854719][ T6625] tipc: Node identity ac1414aa, cluster identity 4711 [ 102.857904][ T6625] tipc: Enabled bearer , priority 10 [ 102.941777][ T39] audit: type=1326 audit(1727978691.431:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6619 comm="syz.0.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7fc00000 [ 103.491975][ T39] audit: type=1326 audit(1727978691.991:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6619 comm="syz.0.365" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf743e579 code=0x7fc00000 [ 103.498748][ T39] audit: type=1326 audit(1727978691.991:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6619 comm="syz.0.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7fc00000 [ 103.513376][ T39] audit: type=1326 audit(1727978691.991:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6619 comm="syz.0.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7fc00000 [ 103.524264][ T6634] overlayfs: failed to resolve './file1': -2 [ 103.550453][ T39] audit: type=1326 audit(1727978691.991:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6619 comm="syz.0.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7fc00000 [ 103.565773][ T6635] netlink: 4 bytes leftover after parsing attributes in process `syz.2.369'. [ 103.572510][ T39] audit: type=1326 audit(1727978691.991:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6619 comm="syz.0.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7fc00000 [ 103.856367][ T6646] syz.0.370: vmalloc error: size 4096, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 103.861874][ T9] tipc: Node number set to 2886997162 [ 103.871852][ T6646] CPU: 3 UID: 0 PID: 6646 Comm: syz.0.370 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 103.875700][ T6646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 103.878809][ T6646] Call Trace: [ 103.879953][ T6646] [ 103.881267][ T6646] dump_stack_lvl+0x16c/0x1f0 [ 103.883086][ T6646] warn_alloc+0x24d/0x3a0 [ 103.884612][ T6646] ? __pfx_warn_alloc+0x10/0x10 [ 103.886295][ T6646] ? policy_nodemask+0xea/0x4e0 [ 103.887971][ T6646] ? alloc_pages_mpol_noprof+0x315/0x610 [ 103.889818][ T6646] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 103.891584][ T6646] ? __pfx___might_resched+0x10/0x10 [ 103.893116][ T6646] ? __kmalloc_node_noprof+0x22f/0x440 [ 103.895021][ T6646] __vmalloc_node_range_noprof+0x1326/0x15a0 [ 103.896808][ T6646] ? kernel_clone+0xfd/0x960 [ 103.898064][ T6646] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 103.899763][ T6646] ? trace_kmem_cache_alloc+0x2d/0xe0 [ 103.901245][ T6646] ? kmem_cache_alloc_node_noprof+0x1a2/0x310 [ 103.902924][ T6646] ? copy_process+0x4a3/0x6f00 [ 103.904281][ T6646] ? kernel_clone+0xfd/0x960 [ 103.905580][ T6646] copy_process+0x29c5/0x6f00 [ 103.906876][ T6646] ? kernel_clone+0xfd/0x960 [ 103.908363][ T6646] ? get_pid_task+0xfc/0x250 [ 103.909635][ T6646] ? trace_lock_acquire+0x14a/0x1d0 [ 103.911030][ T6646] ? __pfx_copy_process+0x10/0x10 [ 103.912387][ T6646] ? find_held_lock+0x2d/0x110 [ 103.913750][ T6646] kernel_clone+0xfd/0x960 [ 103.915190][ T6646] ? __pfx_kernel_clone+0x10/0x10 [ 103.916745][ T6646] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 103.918498][ T6646] __do_compat_sys_ia32_clone+0xb7/0x100 [ 103.920000][ T6646] ? __pfx___do_compat_sys_ia32_clone+0x10/0x10 [ 103.922176][ T6646] __do_fast_syscall_32+0x73/0x120 [ 103.923797][ T6646] do_fast_syscall_32+0x32/0x80 [ 103.925446][ T6646] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 103.927605][ T6646] RIP: 0023:0xf743e579 [ 103.929042][ T6646] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 103.936361][ T6646] RSP: 002b:00000000f570551c EFLAGS: 00000246 ORIG_RAX: 0000000000000078 [ 103.939426][ T6646] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000 [ 103.942112][ T6646] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 103.944385][ T6646] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 103.946803][ T6646] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 103.949343][ T6646] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 103.951501][ T6646] [ 103.952504][ C3] vkms_vblank_simulate: vblank timer overrun [ 104.064664][ T6646] Mem-Info: [ 104.068177][ T6646] active_anon:3426 inactive_anon:49 isolated_anon:0 [ 104.068177][ T6646] active_file:12767 inactive_file:1367 isolated_file:0 [ 104.068177][ T6646] unevictable:768 dirty:229 writeback:0 [ 104.068177][ T6646] slab_reclaimable:5362 slab_unreclaimable:51649 [ 104.068177][ T6646] mapped:17206 shmem:822 pagetables:745 [ 104.068177][ T6646] sec_pagetables:317 bounce:0 [ 104.068177][ T6646] kernel_misc_reclaimable:0 [ 104.068177][ T6646] free:119202 free_pcp:3354 free_cma:0 [ 104.085021][ T6646] Node 0 active_anon:48kB inactive_anon:148kB active_file:0kB inactive_file:272kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4288kB dirty:120kB writeback:0kB shmem:1616kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9704kB pagetables:1568kB sec_pagetables:1240kB all_unreclaimable? no [ 104.108200][ T6646] Node 1 active_anon:13704kB inactive_anon:0kB active_file:50988kB inactive_file:5276kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:64536kB dirty:796kB writeback:0kB shmem:1672kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:4096kB writeback_tmp:0kB kernel_stack:1696kB pagetables:1412kB sec_pagetables:28kB all_unreclaimable? no [ 104.129296][ T6646] Node 0 DMA free:908kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:124kB local_pcp:0kB free_cma:0kB [ 104.145096][ T6646] lowmem_reserve[]: 0 273 0 0 0 [ 104.148815][ T6646] Node 0 DMA32 free:23520kB boost:2048kB min:15952kB low:19428kB high:22904kB reserved_highatomic:4096KB active_anon:0kB inactive_anon:196kB active_file:0kB inactive_file:272kB unevictable:1536kB writepending:120kB present:1032196kB managed:306288kB mlocked:0kB bounce:0kB free_pcp:3984kB local_pcp:0kB free_cma:0kB [ 104.170903][ T6646] lowmem_reserve[]: 0 0 0 0 0 [ 104.175070][ T6646] Node 1 DMA32 free:450956kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:13704kB inactive_anon:0kB active_file:50988kB inactive_file:5276kB unevictable:1536kB writepending:796kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:9844kB local_pcp:908kB free_cma:0kB [ 104.199663][ T6646] lowmem_reserve[]: 0 0 0 0 0 [ 104.203381][ T6646] Node 0 DMA: 7*4kB (U) 31*8kB (U) 24*16kB (U) 6*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 852kB [ 104.213165][ T6646] Node 0 DMA32: 23*4kB (UME) 21*8kB (UH) 83*16kB (UMEH) 121*32kB (UMEH) 49*64kB (UMEH) 40*128kB (UMEH) 11*256kB (UMEH) 7*512kB (UME) 3*1024kB (MEH) 0*2048kB 0*4096kB = 23188kB [ 104.226044][ T6646] Node 1 DMA32: 147*4kB (UM) 273*8kB (ME) 492*16kB (UME) 461*32kB (UME) 304*64kB (UME) 82*128kB (UME) 55*256kB (UME) 24*512kB (UME) 13*1024kB (UME) 6*2048kB (ME) 84*4096kB (M) = 451380kB [ 104.240468][ T6646] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 104.249535][ T6646] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 104.258819][ T6646] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 104.266176][ T6646] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 104.276865][ T6646] 15838 total pagecache pages [ 104.280402][ T6646] 880 pages in swap cache [ 104.294528][ T6646] Free swap = 108236kB [ 104.299023][ T6646] Total swap = 124996kB [ 104.302690][ T6646] 524155 pages RAM [ 104.307142][ T6646] 0 pages HighMem/MovableOnly [ 104.309745][ T6646] 206680 pages reserved [ 104.318605][ T6646] 0 pages cma reserved [ 104.487702][ T39] audit: type=1326 audit(1727978692.971:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6637 comm="syz.2.371" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 104.508938][ T39] audit: type=1326 audit(1727978692.971:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6637 comm="syz.2.371" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 104.683269][ T6656] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 105.171825][ T6676] netlink: 4 bytes leftover after parsing attributes in process `syz.1.380'. [ 105.560944][ T39] kauditd_printk_skb: 8 callbacks suppressed [ 105.560955][ T39] audit: type=1326 audit(1727978694.061:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6658 comm="syz.3.378" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f2f579 code=0x7fc00000 [ 105.596270][ T39] audit: type=1326 audit(1727978694.061:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6658 comm="syz.3.378" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f2f579 code=0x7fc00000 [ 105.674394][ T39] audit: type=1326 audit(1727978694.061:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6658 comm="syz.3.378" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f2f579 code=0x7fc00000 [ 106.133855][ T6695] net_ratelimit: 14 callbacks suppressed [ 106.133868][ T6695] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 106.938660][ T39] audit: type=1326 audit(1727978695.441:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6694 comm="syz.2.384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 107.041864][ T39] audit: type=1326 audit(1727978695.441:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6694 comm="syz.2.384" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 107.049494][ T39] audit: type=1326 audit(1727978695.441:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6694 comm="syz.2.384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 107.070718][ T39] audit: type=1326 audit(1727978695.441:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6694 comm="syz.2.384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 107.111861][ T39] audit: type=1326 audit(1727978695.441:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6694 comm="syz.2.384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 107.118118][ T39] audit: type=1326 audit(1727978695.441:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6694 comm="syz.2.384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 107.163476][ T39] audit: type=1326 audit(1727978695.441:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6694 comm="syz.2.384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7fc00000 [ 110.602130][ T6686] sched: DL replenish lagged too much [ 113.082560][ T5350] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 113.085364][ T5350] CPU: 2 UID: 0 PID: 5350 Comm: kworker/u33:2 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 113.088613][ T5350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 113.092045][ T5350] Workqueue: hci1 hci_rx_work [ 113.093409][ T5350] Call Trace: [ 113.094303][ T5350] [ 113.095090][ T5350] dump_stack_lvl+0x16c/0x1f0 [ 113.096338][ T5350] sysfs_warn_dup+0x7f/0xa0 [ 113.097550][ T5350] sysfs_create_dir_ns+0x24d/0x2b0 [ 113.098895][ T5350] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 113.100432][ T5350] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 113.101863][ T5350] ? kobject_add_internal+0x12d/0x990 [ 113.103281][ T5350] ? do_raw_spin_unlock+0x172/0x230 [ 113.104678][ T5350] kobject_add_internal+0x2c8/0x990 [ 113.106150][ T5350] kobject_add+0x16f/0x240 [ 113.107414][ T5350] ? __pfx_kobject_add+0x10/0x10 [ 113.108833][ T5350] ? class_to_subsys+0x3e/0x160 [ 113.110197][ T5350] ? do_raw_spin_unlock+0x172/0x230 [ 113.111614][ T5350] ? kobject_put+0xab/0x5a0 [ 113.112876][ T5350] device_add+0x289/0x1a70 [ 113.114084][ T5350] ? __pfx_dev_set_name+0x10/0x10 [ 113.115405][ T5350] ? __pfx_device_add+0x10/0x10 [ 113.116691][ T5350] ? mgmt_send_event_skb+0x2f2/0x460 [ 113.118091][ T5350] hci_conn_add_sysfs+0x17e/0x230 [ 113.119418][ T5350] le_conn_complete_evt+0xfc7/0x1cf0 [ 113.120841][ T5350] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 113.122454][ T5350] ? trace_contention_end+0xea/0x140 [ 113.123990][ T5350] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 113.125648][ T5350] ? skb_pull_data+0x166/0x210 [ 113.126917][ T5350] hci_le_meta_evt+0x2e2/0x5d0 [ 113.128182][ T5350] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 113.129873][ T5350] hci_event_packet+0x666/0x1190 [ 113.131173][ T5350] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 113.132547][ T5350] ? __pfx_hci_event_packet+0x10/0x10 [ 113.133969][ T5350] ? mark_held_locks+0x9f/0xe0 [ 113.135230][ T5350] ? kcov_remote_start+0x3cf/0x6e0 [ 113.136568][ T5350] ? lockdep_hardirqs_on+0x7c/0x110 [ 113.137978][ T5350] hci_rx_work+0x2c6/0x1610 [ 113.139237][ T5350] ? lock_acquire+0x2f/0xb0 [ 113.140520][ T5350] ? process_one_work+0x8bb/0x1b30 [ 113.142022][ T5350] process_one_work+0x958/0x1b30 [ 113.143458][ T5350] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 113.145002][ T5350] ? __pfx_process_one_work+0x10/0x10 [ 113.146371][ T5350] ? assign_work+0x1a0/0x250 [ 113.147829][ T5350] worker_thread+0x6c8/0xf00 [ 113.149213][ T5350] ? __pfx_worker_thread+0x10/0x10 [ 113.150568][ T5350] kthread+0x2c1/0x3a0 [ 113.151736][ T5350] ? _raw_spin_unlock_irq+0x23/0x50 [ 113.153138][ T5350] ? __pfx_kthread+0x10/0x10 [ 113.154411][ T5350] ret_from_fork+0x45/0x80 [ 113.155665][ T5350] ? __pfx_kthread+0x10/0x10 [ 113.156972][ T5350] ret_from_fork_asm+0x1a/0x30 [ 113.158347][ T5350] [ 113.171292][ T5350] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 113.175430][ T5350] Bluetooth: hci1: failed to register connection device [ 113.229821][ T6702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xf7495 pfn:0x6448d [ 113.243346][ T6702] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 113.245694][ T6702] raw: 04fff00000000000 ffffea00012be448 ffffea0001285908 0000000000000000 [ 113.259059][ T6702] raw: 00000000000f7495 0000000000000000 00000000ffffffff 0000000000000000 [ 113.269225][ T6702] page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u)) [ 113.275344][ T6702] page_owner tracks the page as freed [ 113.280785][ T6702] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 6702, tgid 6701 (syz.2.386), ts 110205300242, free_ts 113221108911 [ 113.301366][ T6702] post_alloc_hook+0x2d1/0x350 [ 113.302790][ T6702] get_page_from_freelist+0x101e/0x3070 [ 113.304404][ T6702] __alloc_pages_noprof+0x223/0x25c0 [ 113.306053][ T6702] alloc_pages_mpol_noprof+0x2c9/0x610 [ 113.307640][ T6702] folio_alloc_mpol_noprof+0x36/0xd0 [ 113.309129][ T6702] vma_alloc_folio_noprof+0xee/0x1b0 [ 113.310543][ T6702] do_wp_page+0x2012/0x4930 [ 113.321676][ T6702] __handle_mm_fault+0x1a93/0x2a10 [ 113.323289][ T6702] handle_mm_fault+0x3fa/0xaa0 [ 113.324689][ T6702] do_user_addr_fault+0x60d/0x13f0 [ 113.326045][ T6702] exc_page_fault+0x5c/0xc0 [ 113.327385][ T6702] asm_exc_page_fault+0x26/0x30 [ 113.328807][ T6702] page last free pid 6701 tgid 6701 stack trace: [ 113.330591][ T6702] free_unref_folios+0x956/0x1310 [ 113.353716][ T6702] folios_put_refs+0x551/0x750 [ 113.355185][ T6702] free_pages_and_swap_cache+0x45f/0x510 [ 113.356696][ T6702] __tlb_batch_free_encoded_pages+0xf9/0x290 [ 113.358390][ T6702] tlb_finish_mmu+0x168/0x7b0 [ 113.359734][ T6702] exit_mmap+0x3df/0xb30 [ 113.360902][ T6702] __mmput+0x12a/0x480 [ 113.381865][ T6702] mmput+0x62/0x70 [ 113.382996][ T6702] do_exit+0x9bf/0x2d70 [ 113.384136][ T6702] do_group_exit+0xd3/0x2a0 [ 113.385416][ T6702] get_signal+0x2658/0x26d0 [ 113.386618][ T6702] arch_do_signal_or_restart+0x90/0x7e0 [ 113.388197][ T6702] syscall_exit_to_user_mode+0x150/0x2a0 [ 113.389800][ T6702] __do_fast_syscall_32+0x80/0x120 [ 113.391459][ T6702] do_fast_syscall_32+0x32/0x80 [ 113.411733][ T6702] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 113.413947][ T6702] ------------[ cut here ]------------ [ 113.416008][ T6702] kernel BUG at include/linux/mm.h:1444! [ 113.418422][ T6702] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 113.422172][ T6702] CPU: 0 UID: 0 PID: 6702 Comm: syz.2.386 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 113.426232][ T6702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 113.429068][ T6702] RIP: 0010:__iov_iter_get_pages_alloc+0x1d10/0x2230 [ 113.430966][ T6702] Code: b0 8b 48 89 df e8 d0 23 4b fd 90 0f 0b 49 89 c5 e9 99 f6 ff ff e8 20 75 05 fd 48 c7 c6 60 c6 b0 8b 4c 89 e7 e8 b1 23 4b fd 90 <0f> 0b e8 09 75 05 fd 4c 8b 64 24 48 49 83 ec 01 e9 94 fd ff ff 4c [ 113.436257][ T6702] RSP: 0018:ffffc9002c256cc0 EFLAGS: 00010293 [ 113.438090][ T6702] RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000 [ 113.440400][ T6702] RDX: ffff888023ad4880 RSI: ffffffff84873a5f RDI: ffff888023ad4cc4 [ 113.442527][ T6702] RBP: ffffea0001912374 R08: 0000000000000001 R09: fffffbfff2d315bd [ 113.444603][ T6702] R10: ffffffff9698adef R11: 1ffff110042d408a R12: ffffea0001912340 [ 113.446695][ T6702] R13: ffff88805321d000 R14: 0000000000001000 R15: 0000000000001000 [ 113.448995][ T6702] FS: 0000000000000000(0000) GS:ffff88802b400000(0000) knlGS:0000000000000000 [ 113.451647][ T6702] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 113.453526][ T6702] CR2: 00000000328d70a0 CR3: 000000005c730000 CR4: 0000000000352ef0 [ 113.455661][ T6702] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 113.457730][ T6702] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 113.459789][ T6702] Call Trace: [ 113.460679][ T6702] [ 113.461464][ T6702] ? die+0x31/0x80 [ 113.462499][ T6702] ? do_trap+0x232/0x430 [ 113.463666][ T6702] ? __iov_iter_get_pages_alloc+0x1d10/0x2230 [ 113.465520][ T6702] ? __iov_iter_get_pages_alloc+0x1d10/0x2230 [ 113.467375][ T6702] ? do_error_trap+0xf4/0x230 [ 113.468873][ T6702] ? __iov_iter_get_pages_alloc+0x1d10/0x2230 [ 113.470493][ T6702] ? handle_invalid_op+0x34/0x40 [ 113.471794][ T6702] ? __iov_iter_get_pages_alloc+0x1d10/0x2230 [ 113.473396][ T6702] ? exc_invalid_op+0x2e/0x50 [ 113.474638][ T6702] ? asm_exc_invalid_op+0x1a/0x20 [ 113.475966][ T6702] ? __iov_iter_get_pages_alloc+0x1d0f/0x2230 [ 113.477572][ T6702] ? __iov_iter_get_pages_alloc+0x1d10/0x2230 [ 113.479171][ T6702] ? __pfx___iov_iter_get_pages_alloc+0x10/0x10 [ 113.480815][ T6702] ? delete_node+0x207/0x8e0 [ 113.482047][ T6702] iov_iter_get_pages_alloc2+0x53/0xf0 [ 113.483600][ T6702] p9_get_mapped_pages.part.0.constprop.0+0x4ca/0x7d0 [ 113.485560][ T6702] ? p9pdu_vwritef+0x368/0x21d0 [ 113.486981][ T6702] ? __pfx_p9_get_mapped_pages.part.0.constprop.0+0x10/0x10 [ 113.488994][ T6702] ? __pfx_p9pdu_vwritef+0x10/0x10 [ 113.490363][ T6702] ? __pfx_p9pdu_vwritef+0x10/0x10 [ 113.491722][ T6702] ? p9_tag_alloc+0x4cc/0x870 [ 113.492983][ T6702] ? reacquire_held_locks+0x466/0x4c0 [ 113.494418][ T6702] p9_virtio_zc_request+0x1ac/0x1460 [ 113.495830][ T6702] ? p9pdu_writef+0xc4/0x100 [ 113.497104][ T6702] ? __pfx_p9pdu_writef+0x10/0x10 [ 113.498517][ T6702] ? __pfx_p9pdu_vwritef+0x10/0x10 [ 113.500003][ T6702] ? __pfx_p9_virtio_zc_request+0x10/0x10 [ 113.501597][ T6702] ? rcu_is_watching+0x12/0xc0 [ 113.503049][ T6702] ? trace_9p_protocol_dump+0x192/0x220 [ 113.504576][ T6702] ? rcu_is_watching+0x12/0xc0 [ 113.505898][ T6702] ? p9_client_prepare_req+0x111/0x4d0 [ 113.507353][ T6702] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 113.509049][ T6702] p9_client_zc_rpc.constprop.0+0x29a/0x880 [ 113.510768][ T6702] ? __pfx_p9_client_zc_rpc.constprop.0+0x10/0x10 [ 113.512518][ T6702] ? kmem_cache_free+0x31d/0x4b0 [ 113.513863][ T6702] ? p9_req_put+0x1c6/0x250 [ 113.515517][ T6702] ? __pfx_p9_virtio_zc_request+0x10/0x10 [ 113.517019][ T6702] p9_client_write+0x447/0x680 [ 113.518323][ T6702] ? __pfx_p9_client_write+0x10/0x10 [ 113.519797][ T6702] ? mark_held_locks+0x9f/0xe0 [ 113.521192][ T6702] v9fs_issue_write+0xe2/0x180 [ 113.522559][ T6702] ? __pfx_v9fs_issue_write+0x10/0x10 [ 113.524017][ T6702] ? rcu_is_watching+0x12/0xc0 [ 113.525284][ T6702] ? trace_netfs_sreq+0x193/0x220 [ 113.526609][ T6702] netfs_do_issue_write+0x92/0x110 [ 113.527947][ T6702] netfs_advance_write+0x164/0xc80 [ 113.529340][ T6702] ? netfs_buffer_append_folio+0x276/0x360 [ 113.531088][ T6702] netfs_write_folio+0xc19/0x1930 [ 113.532690][ T6702] netfs_writepages+0x2ba/0xb90 [ 113.534126][ T6702] ? __pfx_netfs_writepages+0x10/0x10 [ 113.535588][ T6702] ? do_raw_spin_lock+0x12d/0x2c0 [ 113.536930][ T6702] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 113.538340][ T6702] ? lock_acquire+0x2f/0xb0 [ 113.539532][ T6702] ? do_writepages+0x58c/0x7f0 [ 113.540802][ T6702] ? __pfx_netfs_writepages+0x10/0x10 [ 113.542213][ T6702] do_writepages+0x1a3/0x7f0 [ 113.543629][ T6702] ? __pfx_do_writepages+0x10/0x10 [ 113.545339][ T6702] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 113.547049][ T6702] ? do_raw_spin_lock+0x12d/0x2c0 [ 113.548533][ T6702] ? do_raw_spin_unlock+0x172/0x230 [ 113.550037][ T6702] ? _raw_spin_unlock+0x28/0x50 [ 113.551417][ T6702] ? wbc_attach_and_unlock_inode+0x597/0x940 [ 113.553376][ T6702] filemap_fdatawrite_wbc+0x148/0x1c0 [ 113.555155][ T6702] ? mark_lock+0xb5/0xc60 [ 113.556428][ T6702] __filemap_fdatawrite_range+0xb3/0xf0 [ 113.558052][ T6702] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 113.560085][ T6702] ? __lock_acquire+0x163e/0x3ce0 [ 113.561497][ T6702] ? __pfx___lock_acquire+0x10/0x10 [ 113.562927][ T6702] v9fs_dir_release+0x429/0x590 [ 113.564272][ T6702] ? __pfx_v9fs_dir_release+0x10/0x10 [ 113.565714][ T6702] ? __pfx___might_resched+0x10/0x10 [ 113.567082][ T6702] ? task_work_run+0x126/0x250 [ 113.568498][ T6702] ? __pfx_v9fs_dir_release+0x10/0x10 [ 113.570143][ T6702] __fput+0x3f6/0xb60 [ 113.571370][ T6702] ? _raw_spin_unlock_irq+0x23/0x50 [ 113.572900][ T6702] task_work_run+0x14e/0x250 [ 113.574200][ T6702] ? __pfx_task_work_run+0x10/0x10 [ 113.575566][ T6702] ? do_raw_spin_unlock+0x172/0x230 [ 113.576972][ T6702] do_exit+0xadd/0x2d70 [ 113.578132][ T6702] ? __pfx_do_exit+0x10/0x10 [ 113.579440][ T6702] do_group_exit+0xd3/0x2a0 [ 113.580771][ T6702] get_signal+0x2658/0x26d0 [ 113.582034][ T6702] ? lockdep_hardirqs_on+0x7c/0x110 [ 113.583596][ T6702] ? __pfx_get_signal+0x10/0x10 [ 113.584995][ T6702] ? force_sig_info_to_task+0x3a0/0x660 [ 113.586500][ T6702] arch_do_signal_or_restart+0x90/0x7e0 [ 113.588062][ T6702] ? __pfx_force_exit_sig+0x10/0x10 [ 113.589525][ T6702] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 113.591459][ T6702] syscall_exit_to_user_mode+0x150/0x2a0 [ 113.593159][ T6702] __do_fast_syscall_32+0x80/0x120 [ 113.594600][ T6702] do_fast_syscall_32+0x32/0x80 [ 113.595918][ T6702] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 113.597632][ T6702] RIP: 0023:0xf7fd1579 [ 113.598734][ T6702] Code: Unable to access opcode bytes at 0xf7fd154f. [ 113.600612][ T6702] RSP: 002b:00000000f575661c EFLAGS: 00000246 ORIG_RAX: 00000000000000f0 [ 113.603046][ T6702] RAX: ffffffffffffffda RBX: 00000000f7494f8c RCX: 0000000000000081 [ 113.605435][ T6702] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000000000000000 [ 113.608314][ T6702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 113.611379][ T6702] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 113.614528][ T6702] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 113.617457][ T6702] [ 113.618527][ T6702] Modules linked in: [ 113.619696][ T6702] ---[ end trace 0000000000000000 ]--- [ 113.711685][ T6702] RIP: 0010:__iov_iter_get_pages_alloc+0x1d10/0x2230 [ 113.713920][ T6702] Code: b0 8b 48 89 df e8 d0 23 4b fd 90 0f 0b 49 89 c5 e9 99 f6 ff ff e8 20 75 05 fd 48 c7 c6 60 c6 b0 8b 4c 89 e7 e8 b1 23 4b fd 90 <0f> 0b e8 09 75 05 fd 4c 8b 64 24 48 49 83 ec 01 e9 94 fd ff ff 4c [ 113.720321][ T6702] RSP: 0018:ffffc9002c256cc0 EFLAGS: 00010293 [ 113.731691][ T6702] RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000 [ 113.734444][ T6702] RDX: ffff888023ad4880 RSI: ffffffff84873a5f RDI: ffff888023ad4cc4 [ 113.737411][ T6702] RBP: ffffea0001912374 R08: 0000000000000001 R09: fffffbfff2d315bd [ 113.739758][ T6702] R10: ffffffff9698adef R11: 1ffff110042d408a R12: ffffea0001912340 [ 113.751660][ T6702] R13: ffff88805321d000 R14: 0000000000001000 R15: 0000000000001000 [ 113.754138][ T6702] FS: 0000000000000000(0000) GS:ffff88802b400000(0000) knlGS:0000000000000000 [ 113.761881][ T6702] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 113.763824][ T6702] CR2: 00000000328d70a0 CR3: 000000005c730000 CR4: 0000000000352ef0 [ 113.766240][ T6702] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 113.778965][ T6702] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 113.781524][ T6702] Kernel panic - not syncing: Fatal exception [ 113.783726][ T6702] Kernel Offset: disabled [ 113.784944][ T6702] Rebooting in 86400 seconds.. VM DIAGNOSIS: 18:05:02 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff85035ad0 RDI=ffffffff9a63a260 RBP=ffffffff9a63a220 RSP=ffffc9002c2565d0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6e69203a73706f4f R12=0000000000000000 R13=0000000000000020 R14=fffffbfff34c749e R15=dffffc0000000000 RIP=ffffffff85035af7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000328d70a0 CR3=000000005c730000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000001eebb5 RBX=0000000000000001 RCX=ffffffff8b12e739 RDX=0000000000000000 RSI=ffffffff8b4cc8e0 RDI=ffffffff8bb12020 RBP=ffffed10036e9910 RSP=ffffc90000477e08 R8 =0000000000000001 R9 =ffffed10056a7025 R10=ffff88802b53812b R11=0000000000000000 R12=0000000000000001 R13=ffff88801b74c880 R14=ffffffff901cc548 R15=0000000000000000 RIP=ffffffff8b12fb1f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f5725cc0 CR3=00000000609b0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=ffffffff90b9fd34 RBX=ffffffff90358ae0 RCX=dffffc0000000000 RDX=1ffffffff206b15c RSI=0000000000000000 RDI=ffffffff90358ad0 RBP=ffffffff90358ad0 RSP=ffffc9000339f238 R8 =ffffffff90b9fd6a R9 =ffffffff90b9f798 R10=ffffc9000339f2e8 R11=000000000000e735 R12=ffffffff90358af0 R13=ffffffff81e73571 R14=ffffffff90358ad0 R15=ffffffff90358ad0 RIP=ffffffff813ce340 RFL=00000a06 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fd8c7a94d00 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00005596e3bd7000 CR3=0000000000890000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=69291d5f69291d5f 69291d5f69291d5f 69291d5f69291d5f 69291d5f69291d5f 69291d5f69291d5f 69291d5f69291d5f 69291d5f69291d5f 69291d5f69291d5f ZMM22=0688d5830688d583 0688d5830688d583 0688d5830688d583 0688d5830688d583 0688d5830688d583 0688d5830688d583 0688d5830688d583 0688d5830688d583 ZMM23=585b7292585b7292 585b7292585b7292 585b7292585b7292 585b7292585b7292 585b7292585b7292 585b7292585b7292 585b7292585b7292 585b7292585b7292 ZMM24=7e61e1647e61e164 7e61e1647e61e164 7e61e1647e61e164 7e61e1647e61e164 7e61e1647e61e164 7e61e1647e61e164 7e61e1647e61e164 7e61e1647e61e164 ZMM25=6b0517cb6b0517cb 6b0517cb6b0517cb 6b0517cb6b0517cb 6b0517cb6b0517cb 6b0517cb6b0517cb 6b0517cb6b0517cb 6b0517cb6b0517cb 6b0517cb6b0517cb ZMM26=863a0af1863a0af1 863a0af1863a0af1 863a0af1863a0af1 863a0af1863a0af1 863a0af1863a0af1 863a0af1863a0af1 863a0af1863a0af1 863a0af1863a0af1 ZMM27=81b5e06081b5e060 81b5e06081b5e060 81b5e06081b5e060 81b5e06081b5e060 81b5e06081b5e060 81b5e06081b5e060 81b5e06081b5e060 81b5e06081b5e060 ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=a3030000a3030000 a3030000a3030000 a3030000a3030000 a3030000a3030000 a3030000a3030000 a3030000a3030000 a3030000a3030000 a3030000a3030000 info registers vcpu 3 CPU#3 RAX=dffffc0000000000 RBX=0000000000000000 RCX=ffffffff8132f0d1 RDX=ffff888025954880 RSI=0000000000000000 RDI=0000000000000001 RBP=ffff888025954880 RSP=ffffc9000421fee0 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffff888025954880 R13=00000000000000e8 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff818cb001 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f3bb61b9280 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000057cfc99c CR3=000000002a63e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002000002 Opmask01=0000000000000001 Opmask02=000000000000ffdf Opmask03=0000000000000000 Opmask04=00000000ffffffdf Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc301d9ce0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff000000ff000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ff0000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffffffffffffff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c0d9a4bf75d602ec 737326045a3c1db0 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737142 7373737373737373 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e69646165520073 25203a656c696620 7974706d6520676e 697070696b530065 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4245484d4952005f 090c164940454a0c 55585c41490c4b42 455c5c4547530049 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 b3aad7cc06a5719f 0000557729402b42 00000000000000c1 000000000000302e ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000e1 0000000000000000 0000000000000062 642e79726f74616c ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 59647a305f474f5b 647c79303a243a78 68303e3b3a38253b 3a253e3a6e68303b ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a2433273f397b27 697a787c69303b7e 69305f474f5b647c 69303a2433273f39 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000