last executing test programs: 3.789767272s ago: executing program 0 (id=1448): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r3}, 0x10) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x131d, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffe}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000003c0)='initcall_finish\x00', r5}, 0xffffffe3) r8 = syz_open_procfs(0x0, &(0x7f0000000080)='map_files\x00') getdents64(r8, &(0x7f0000002f40)=""/4098, 0x1002) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x0, 0x10000021, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4}, 0x0) r9 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x6, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000006c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10) ioctl$AUTOFS_IOC_FAIL(r9, 0x4c80, 0xffffffffffffffb6) r11 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r11, 0xc0502100, &(0x7f0000000340)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r11, 0xc0182101, &(0x7f0000000180)={r12}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r6, 0xc0182101, &(0x7f0000000040)={r12, 0x3, 0x7ff}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='mm_page_alloc\x00', r5}, 0x10) r13 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r13, &(0x7f00000001c0), 0x9) 3.447098002s ago: executing program 3 (id=1450): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="d824000028000100020000080000000009"], 0x24d8}], 0x1}, 0x0) (fail_nth: 3) 3.348550383s ago: executing program 3 (id=1451): r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) listen(r0, 0xc) r1 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r1, 0x0, 0xa, &(0x7f00001c9fff)="03", 0x19) connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10) 3.165976802s ago: executing program 1 (id=1453): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f0000000000), 0x2808000, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) (fail_nth: 10) 3.047133357s ago: executing program 1 (id=1454): socket$inet_sctp(0x2, 0x400000000001, 0x84) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000001c0)="2e00000010008188040f46ecdb4cb9cca7480ef40f000000e3bd6efb010509000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) r3 = syz_io_uring_setup(0x2dda, &(0x7f0000000600)={0x0, 0x0, 0x10100, 0x3}, &(0x7f0000000240), &(0x7f0000000140)=0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8) syz_io_uring_setup(0x5e2, &(0x7f00000003c0), &(0x7f0000000040)=0x0, &(0x7f0000000180)) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_PROTOCOL(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000000106010100000000000000f4ff00"/28], 0x1c}}, 0x0) syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r7, 0x80045530, &(0x7f00000000c0)=""/87) io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000580)) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[], 0x24}}, 0x0) syz_init_net_socket$llc(0x1a, 0x1, 0x0) r9 = openat$sr(0xffffff9c, &(0x7f0000000740), 0x20100, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x6, 0x20, &(0x7f0000000780)=ANY=[@ANYBLOB="1f0000000000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000e07b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000024040c00f0ffffff185000000f00000000000000000000001836000005000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000640600007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000018420000ffffffff000000000000000018530000010000000000000000000000186200000f00000000000000070000009500000000000000"], &(0x7f0000000880)='GPL\x00', 0x10001, 0x2c, &(0x7f00000008c0)=""/44, 0x40f00, 0x4, '\x00', 0x0, 0x25, r0, 0x8, &(0x7f0000000900)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000940)={0x3, 0x3, 0x34, 0x101}, 0x10, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000980)=[{0x1, 0x4, 0x7, 0x7}, {0x5, 0x2, 0x0, 0xc}, {0x5, 0x1, 0xb, 0x5}, {0x4, 0x2, 0xb, 0x7}, {0x2, 0x5, 0x9}, {0x0, 0x1, 0xf, 0x6}, {0x3, 0x5, 0x2, 0x1}], 0x10, 0x8}, 0x90) r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r10, &(0x7f0000000200)=""/209, 0xd1) 2.824224659s ago: executing program 0 (id=1455): r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) listen(r0, 0xc) r1 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r1, 0x10d, 0x0, &(0x7f00001c9fff)="03", 0x19) connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10) 2.377439836s ago: executing program 3 (id=1458): r0 = getpid() syz_pidfd_open(r0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020}, 0x2020) mlock2(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x0) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xb, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000080)='GPL\x00'}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=@base={0x12, 0x2, 0x8, 0x2}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r6, r5, 0x7}, 0x10) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map, r4, 0x7, 0x0, 0x0, @prog_id}, 0x20) getpid() r7 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r7, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r7, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10) bind$inet6(0xffffffffffffffff, &(0x7f0000002240)={0xa, 0x4e23, 0x8, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0xfffffffa}, 0x1c) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1b, &(0x7f00000000c0)=0x9, 0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9540700000000000400b55467", 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000040)) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000021c0)={0x7d}, 0x8) setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, &(0x7f0000003d40), 0x4) syz_emit_ethernet(0xfffffffffffffe56, &(0x7f0000002140)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa3e08004500002c0000000000119078ffffffffe000c80000040000001a907804000003c3e121a1d7d184ede93a0ce485e97300"/74], 0x0) 2.266926342s ago: executing program 2 (id=1459): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080), 0x821, &(0x7f00000003c0)=ANY=[@ANYRES16=r0, @ANYRESOCT=r0, @ANYRESDEC=r0, @ANYRESDEC=r0]) read$FUSE(r0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xffffffffffffff16) r1 = syz_open_dev$MSR(&(0x7f0000001540), 0x0, 0x0) read$msr(r1, &(0x7f000004c240)=""/102385, 0x1902d) prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) add_key$fscrypt_v1(&(0x7f0000000180), 0x0, 0x0, 0x0, 0xfffffffffffffffd) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000280), 0xffffffffffffffff) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000029c0)) brk(0x0) sendmsg$NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x1000) pread64(0xffffffffffffffff, &(0x7f000001a240)=""/102400, 0x19000, 0x3c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000005980)=@raw={'raw\x00', 0x3c1, 0x3, 0x32c, 0x0, 0x150, 0x150, 0x178, 0x0, 0x264, 0x238, 0x238, 0x264, 0x238, 0x3, 0x0, {[{{@ipv6={@remote, @mcast2, [], [], 'batadv0\x00', 'ip6tnl0\x00'}, 0x0, 0x154, 0x178, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'dummy0\x00', {0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x10001, 0x7}}}, @common=@inet=@hashlimit1={{0x58}}]}, @common=@inet=@TCPMSS={0x24}}, {{@uncond, 0x0, 0xa4, 0xec}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x388) setsockopt$inet6_tcp_int(r2, 0x6, 0x17, &(0x7f0000000000)=0x2000001, 0x4) r3 = socket$l2tp6(0xa, 0x2, 0x73) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000080)={@private0, @dev={0xfe, 0x80, '\x00', 0x32}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x6, 0x0, 0x8, 0x100, 0x10000008, 0x6060000, r4}) connect$inet6(r3, 0x0, 0xffffffffffffff78) openat$vnet(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) openat2$dir(0xffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000300)={0x400, 0x0, 0xd}, 0x18) r5 = open_tree(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x1) ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000140)={0x2, 0x3, 0x0, &(0x7f0000000240)=""/20, &(0x7f0000002a00)=""/4090, 0x2000}) ioctl$CDROM_CHANGER_NSLOTS(r5, 0x5328) lgetxattr(&(0x7f00000013c0)='./file0\x00', &(0x7f0000000200)=ANY=[@ANYBLOB='os\x00\x00\x00\x00c\x00'], &(0x7f00000004c0)=""/171, 0xab) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000001500)={0x0, 0x0, 0x30}, 0xc) 2.176252586s ago: executing program 2 (id=1460): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@bridge_setlink={0x34, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x4, 0x0, 0x1, {0xc, 0x9, 0x0, 0x1, [{0x8}]}}]}]}, 0x34}}, 0x0) 2.17577794s ago: executing program 1 (id=1461): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-blowfish-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3", 0x4) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmsg$kcm(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000680)=""/233, 0xe9}], 0x1}, 0x0) sendmsg$DEVLINK_CMD_PORT_UNSPLIT(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x14}, 0x14}}, 0x20048880) sendmsg$alg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) 2.122725847s ago: executing program 2 (id=1462): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021900000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000006400038060000080080003400000000054000b80500001800800010066f764004400028008000340"], 0x114}}, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x6, 0x80, 0x42}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000540), &(0x7f0000000680)="61bf59ee7a", 0x619, r0}, 0x38) (fail_nth: 10) 1.917142427s ago: executing program 2 (id=1463): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(0xffffffffffffffff, 0x7af, &(0x7f0000000380)={@local}) r0 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_DELETE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f00000001c0)=ANY=[@ANYRES64=r0, @ANYRES8, @ANYRESOCT], 0x30}, 0x1, 0x0, 0x0, 0x24008000}, 0x20000884) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(r1, 0x40104593, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, "7f0e279d2e5cf55a61c5c40d6e76943e0347c7cbf6336e676a359b970be7f3f3"}) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_DISCONNECT(r2, &(0x7f00000000c0)={0xa, 0x4, 0xfa00, {r3}}, 0xc) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x18, r1, {0x6}}, './file0\x00'}) syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff) prctl$PR_CAPBSET_DROP(0x18, 0x83) socket$kcm(0x10, 0x0, 0x4) socket$kcm(0x10, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) pipe2(&(0x7f0000001440)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) splice(r7, 0x0, r6, 0x0, 0x6, 0x0) writev(r6, &(0x7f0000000680)=[{&(0x7f0000000300)='G', 0x7ffff000}], 0x1) vmsplice(r6, &(0x7f00000003c0)=[{&(0x7f0000000040)="8c", 0x1}], 0x1, 0x0) read(r5, &(0x7f00000000c0)=""/141, 0x8d) sendmsg$IPCTNL_MSG_EXP_GET(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000010201"], 0xfdda}}, 0x0) syz_fuse_handle_req(r4, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a100000000899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c099a6f7594c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824bdadc0522251203aa6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9717b4112c9e54cbfa504000000d42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5e46a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e3e1052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad621ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a00", 0x2000, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}}}, 0x0, 0x0, 0x0, 0x0}) stat64(&(0x7f0000000180)='./file0\x00', &(0x7f0000000400)) 1.916638886s ago: executing program 0 (id=1464): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(0xffffffffffffffff) r1 = getpid() r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x6}]}, 0x8) syz_emit_ethernet(0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffff0180c2000000810000b0503c00080045002324000000000021907800000000ff212e9db600eb50ebff6f88a9a6245f00474d24598a65dd8ea83b733272f56e81ad81b2f3c2841497676d7b202f731547cfb8847796d1e15c5fcf278715205b468d3e1b3d1f43504693afcee9b4fd6d9755bab77c"], 0x0) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000ac0)=ANY=[@ANYBLOB="180200001600830000000000800000008500000020000000850000002a00"], &(0x7f0000000080)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x7, 0x0, &(0x7f0000000400)="e0b9547ed387db", 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4f22, 0xc8, @empty}, 0x1c) listen(r0, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff85b490fb566d92fd8700000000bfa200000000000007026098000000000000000008000000b70400000000000085000000030000d4c42707c7bb8deb7a92d4ca580e1ac59f193559105fed1fcaacfcf36051d02c3ab6b98a6501071288d3a342494583c0f811be56b3cd24abc32f82a30abecc0f2371ad7d76ac4a32068e6099c278a4075593d38f300994d08ed55e5e143cfdf9982f339c21fc609b87bc47c621c47bbfe515"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mlockall(0x2) rmdir(&(0x7f0000000100)='./cgroup/../file0\x00') mount(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040)='cpuset\x00', 0x0, 0x0) 1.443880927s ago: executing program 3 (id=1465): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000140)={0x0, r1}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 1.440122484s ago: executing program 0 (id=1466): socket(0x0, 0x80805, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) getdents64(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000000)='./control\x00', 0x0) rmdir(&(0x7f0000000040)='./control\x00') ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000100)=@v2={0x2, @aes128, 0x0, '\x00', @b}) r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10) connect$llc(r0, &(0x7f0000000340)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x10) r1 = syz_init_net_socket$llc(0x1a, 0x802, 0x0) bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x12, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYRES64=0x0], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl(r4, 0x8b2c, &(0x7f0000000040)) r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r5, &(0x7f00000006c0)) openat$cgroup_subtree(r5, &(0x7f0000000080), 0x2, 0x0) lsetxattr$security_ima(&(0x7f0000000340)='./control\x00', &(0x7f0000000380), &(0x7f0000000400)=@sha1={0x1, "07ea5e3b049b3085b733656f439cc3fcfc9c33e8"}, 0x15, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000080000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b70400000000000085000000330000009500000000000000"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_root(0xffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) 1.338776482s ago: executing program 3 (id=1467): r0 = getpid() syz_pidfd_open(r0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020}, 0x2020) mlock2(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x0) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xb, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000080)='GPL\x00'}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=@base={0x12, 0x2, 0x8, 0x2}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r6, r5, 0x7}, 0x10) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map, r4, 0x7, 0x0, 0x0, @prog_id}, 0x20) getpid() r7 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r7, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r7, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10) bind$inet6(0xffffffffffffffff, &(0x7f0000002240)={0xa, 0x4e23, 0x8, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0xfffffffa}, 0x1c) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1b, &(0x7f00000000c0)=0x9, 0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9540700000000000400b55467", 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000040)) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000021c0)={0x7d}, 0x8) socket$igmp(0x2, 0x3, 0x2) syz_emit_ethernet(0xfffffffffffffe56, &(0x7f0000002140)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa3e08004500002c0000000000119078ffffffffe000c80000040000001a907804000003c3e121a1d7d184ede93a0ce485e97300"/74], 0x0) 1.246858869s ago: executing program 0 (id=1468): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xbfff, 0x0, "ec28a144f13d7607"}) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000900), r3) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r3, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000940)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000006e02000000000400000014000200fc0000000000000000000000006772cfc100000000f2017deb00000000"], 0x3c}}, 0x0) write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00000000c0)={0x0, 0xfffffffe, 0x40000000, 0x1, 0xf, "0062ba7d82000000000000000000f7ffffff00"}) syz_open_pts(r2, 0x21a802) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x44) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000002c0)={'vxcan1\x00', 0x0}) sendto$packet(r5, &(0x7f0000000180)="248100000008003c0416e6", 0xb, 0x0, &(0x7f0000000140)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @broadcast}, 0x14) r7 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$IPT_SO_SET_REPLACE(r7, 0x4000000000000, 0x40, &(0x7f00000002c0)=@raw={'raw\x00', 0x4001, 0x3, 0x270, 0x0, 0x0, 0x148, 0xb8, 0x148, 0x1b0, 0x240, 0x240, 0x1b0, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x2, 0xcb, 0xb31, 0x0, 'netbios-ns\x00'}}}, {{@ip={@local, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'ip6gre0\x00', 'pim6reg\x00'}, 0x0, 0xb8, 0x124, 0x0, {}, [@inet=@rpfilter={{0x24}, {0x4}}, @inet=@rpfilter={{0x24}}]}, @common=@unspec=@ERROR={0x0, 'ERROR\x00', 0x0, "e9514f9595bad6c87b952fcae6e266b9bc641eb49c89a84f08263e8776b6"}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0xd6) 1.246488531s ago: executing program 1 (id=1469): close(0xffffffffffffffff) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) listen(0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000140)={0x190, 0x1000, 0x60, 0x20, 0x4, 0x7, 0xf, 0x0, {0x1, 0x80000000}, {0x1, 0x0, 0x1}, {0x2, 0x0, 0x1}, {0x3, 0x3, 0x1}, 0x2, 0x10, 0x800000cf, 0x5, 0x1, 0x8, 0x4, 0x2, 0x6, 0x8, 0x48000, 0x7fffffff, 0x2, 0x4, 0x1, 0x6}) syz_genetlink_get_family_id$nfc(0x0, r1) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(r3, 0x101, 0x19, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) listen(0xffffffffffffffff, 0x8) r4 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) write$binfmt_elf64(r4, &(0x7f0000000240)=ANY=[], 0x78) 1.175320927s ago: executing program 1 (id=1470): socket$inet_sctp(0x2, 0x400000000001, 0x84) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000001c0)="2e00000010008188040f46ecdb4cb9cca7480ef40f000000e3bd6efb010509000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) r3 = syz_io_uring_setup(0x2dda, &(0x7f0000000600)={0x0, 0x0, 0x10100, 0x3}, &(0x7f0000000240), &(0x7f0000000140)=0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8) syz_io_uring_setup(0x5e2, &(0x7f00000003c0), &(0x7f0000000040)=0x0, &(0x7f0000000180)) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_PROTOCOL(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000000106010100000000000000f4ff00"/28], 0x1c}}, 0x0) syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r7, 0x80045530, &(0x7f00000000c0)=""/87) io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000580)) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[], 0x24}}, 0x0) syz_init_net_socket$llc(0x1a, 0x1, 0x0) r9 = openat$sr(0xffffff9c, &(0x7f0000000740), 0x20100, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x6, 0x20, &(0x7f0000000780)=ANY=[@ANYBLOB="1f0000000000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000e07b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000024040c00f0ffffff185000000f00000000000000000000001836000005000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000640600007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000018420000ffffffff000000000000000018530000010000000000000000000000186200000f00000000000000070000009500000000000000"], &(0x7f0000000880)='GPL\x00', 0x10001, 0x2c, &(0x7f00000008c0)=""/44, 0x40f00, 0x4, '\x00', 0x0, 0x25, r0, 0x8, &(0x7f0000000900)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000940)={0x3, 0x3, 0x34, 0x101}, 0x10, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000980)=[{0x1, 0x4, 0x7, 0x7}, {0x5, 0x2, 0x0, 0xc}, {0x5, 0x1, 0xb, 0x5}, {0x4, 0x2, 0xb, 0x7}, {0x2, 0x5, 0x9}, {0x0, 0x1, 0xf, 0x6}, {0x3, 0x5, 0x2, 0x1}], 0x10, 0x8}, 0x90) r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r10, &(0x7f0000000200)=""/209, 0xd1) 937.199729ms ago: executing program 2 (id=1471): r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) listen(r0, 0xc) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10) 361.224222ms ago: executing program 3 (id=1472): r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) listen(r0, 0xc) r1 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r1, 0x10d, 0xa, 0x0, 0x0) connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10) 293.478691ms ago: executing program 0 (id=1473): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x4030582a, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x40bffe}) ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f0000000400)) r1 = openat$urandom(0xffffff9c, &(0x7f00000003c0), 0x200400, 0x0) ioctl$BTRFS_IOC_SCRUB_CANCEL(r1, 0x941c, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt(0xffffffffffffffff, 0x788, 0x4, &(0x7f0000000440)="24ccdd472bd1184045403aa7cf5bef5537e9e01d0b910f1fe7b40b130e6d19a7fe7f9e3cb02d4f3a1e8da477743bc3be121bf133ec84458853061f291b000b0a9256f4edd94172878d57317fed50d71acb01b416c62ae9262a88d1420092260ab280dcbe55b1132285601c7d3809e6a086376ce7bd160a8fc9786f6057f30f0f58141abfc3ffaf04b0cea85ee86bf85e77deeafb805f86a6412623023ab166af483050c8c58ac0c0e98fe3cf190c77521d4403b92214097ffa1b2f7ef473ff09238e988123b99491bd1af4fd8e8cc2b0a14ef1ae1226a8484a99c3b5f3f4a0d68fa405d18bef32d31369269529a3467e74d4e36222ec9c38", 0xf8) sendmsg$NFNL_MSG_COMPAT_GET(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000000b0102000000000000000003000000080001"], 0x4c}}, 0x0) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000000206010100000000070000081c0007801800018014000240ff020000000001e200000000000000010500040000000000"], 0x38}, 0x1, 0x0, 0x0, 0x4004810}, 0x20004045) r4 = getpid() process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={r4, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cM\b,\xcf\x83\x00'}, 0x30) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r5, r6, 0x2}, 0x10) socketpair(0xa, 0x1, 0x100, &(0x7f0000000080)) (fail_nth: 7) getsockopt$inet6_tcp_buf(r3, 0x6, 0xb, &(0x7f0000000000)=""/26, &(0x7f0000000040)=0x1a) 277.729939ms ago: executing program 1 (id=1474): r0 = getpid() syz_pidfd_open(r0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020}, 0x2020) mlock2(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x0) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xb, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000080)='GPL\x00'}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=@base={0x12, 0x2, 0x8, 0x2}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r6, r5, 0x7}, 0x10) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map, r4, 0x7, 0x0, 0x0, @prog_id}, 0x20) getpid() r7 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r7, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r7, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10) bind$inet6(0xffffffffffffffff, &(0x7f0000002240)={0xa, 0x4e23, 0x8, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0xfffffffa}, 0x1c) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1b, &(0x7f00000000c0)=0x9, 0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9540700000000000400b55467", 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000040)) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000021c0)={0x7d}, 0x8) setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, &(0x7f0000003d40), 0x4) syz_emit_ethernet(0xfffffffffffffe56, &(0x7f0000002140)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa3e08004500002c0000000000119078ffffffffe000c80000040000001a907804000003c3e121a1d7d184ede93a0ce485e97300"/74], 0x0) 0s ago: executing program 2 (id=1475): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000240)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000700)=ANY=[@ANYBLOB="080000000a00000000000000ff0100000000000000000000df000601000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000000000000000000000000000aa00000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fc0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ee3790447ec7c8585b057b10b2ea573229fc734cef7e530c99a05d70cb56c1896a8a74c7154288b342900db300da6e8fee4a"], 0x190) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x0, 0x0, 0x0) process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x0, 0x0) pread64(r1, &(0x7f0000000040)=""/41, 0x29, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x49, 0x0, 0x0) syz_emit_ethernet(0x6e, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="500000001800010000000000000000001d01000008000e00", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="1500010000000000000000007721f5438b20ffdf0300000008000900", @ANYBLOB='\b'], 0x50}}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000b80)=[{&(0x7f0000000580)=""/85, 0x69}], 0x1, 0x0, 0x0) kernel console output (not intermixed with test programs): 85][ T9134] [ 230.711008][ T9134] dump_stack_lvl+0x16c/0x1f0 [ 230.713297][ T9134] should_fail_ex+0x497/0x5b0 [ 230.715434][ T9134] ? fs_reclaim_acquire+0xae/0x160 [ 230.717622][ T9134] should_failslab+0xc2/0x120 [ 230.719787][ T9134] kmem_cache_alloc_node_noprof+0x71/0x310 [ 230.722228][ T9134] ? alloc_vmap_area+0xdc8/0x2a70 [ 230.724309][ T9134] alloc_vmap_area+0xdc8/0x2a70 [ 230.726390][ T9134] ? __pfx_alloc_vmap_area+0x10/0x10 [ 230.728621][ T9134] __get_vm_area_node+0x17e/0x2d0 [ 230.730730][ T9134] ? v4l2_write+0x22c/0x360 [ 230.732897][ T9134] __vmalloc_node_range_noprof+0x276/0x1520 [ 230.735353][ T9134] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 230.737430][ T9134] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 230.739731][ T9134] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 230.742576][ T9134] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 230.744883][ T9134] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 230.747294][ T9134] vmalloc_user_noprof+0x6b/0x90 [ 230.749483][ T9134] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 230.751462][ T9134] vb2_vmalloc_alloc+0x11e/0x3d0 [ 230.753367][ T9134] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 230.755411][ T9134] __vb2_queue_alloc+0x896/0x1220 [ 230.757118][ T9134] vb2_core_reqbufs+0xa73/0xfb0 [ 230.758564][ T9134] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 230.760737][ T9134] __vb2_init_fileio+0x3f3/0x1110 [ 230.762899][ T9134] ? trace_contention_end+0xea/0x140 [ 230.764946][ T9134] __vb2_perform_fileio+0x9e7/0x1620 [ 230.766988][ T9134] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 230.769170][ T9134] vb2_fop_write+0x20e/0x400 [ 230.770982][ T9134] v4l2_write+0x22c/0x360 [ 230.772659][ T9134] ? __pfx_v4l2_write+0x10/0x10 [ 230.774516][ T9134] vfs_write+0x29a/0x1140 [ 230.775998][ T9134] ? __pfx_vfs_write+0x10/0x10 [ 230.777715][ T9134] ? __fget_files+0x256/0x400 [ 230.779441][ T9134] ? __fget_light+0x173/0x210 [ 230.781855][ T9134] ksys_write+0x12f/0x260 [ 230.783816][ T9134] ? __pfx_ksys_write+0x10/0x10 [ 230.786025][ T9134] __do_fast_syscall_32+0x73/0x120 [ 230.788361][ T9134] do_fast_syscall_32+0x32/0x80 [ 230.790575][ T9134] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 230.793413][ T9134] RIP: 0023:0xf73be579 [ 230.795194][ T9134] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 230.803127][ T9134] RSP: 002b:00000000f56b557c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 230.806759][ T9134] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200000c0 [ 230.810152][ T9134] RDX: 000000000000fea7 RSI: 0000000000000000 RDI: 0000000000000000 [ 230.813644][ T9134] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 230.817096][ T9134] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 230.820444][ T9134] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 230.823732][ T9134] [ 230.967927][ T9144] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1028'. [ 230.990371][ T9144] batman_adv: batadv1: Adding interface: netdevsim0 [ 230.993122][ T9144] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 231.013334][ T9144] batman_adv: batadv1: Interface activated: netdevsim0 [ 231.609761][ T9156] netlink: 'syz.0.1032': attribute type 10 has an invalid length. [ 231.615730][ T9156] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1032'. [ 231.632387][ T9156] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1032'. [ 231.930717][ T9162] bridge_slave_0: left allmulticast mode [ 231.933115][ T9162] bridge_slave_0: left promiscuous mode [ 231.937907][ T9162] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.945900][ T9162] bridge_slave_1: left allmulticast mode [ 231.948498][ T9162] bridge_slave_1: left promiscuous mode [ 231.950737][ T9162] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.975081][ T9162] bond0: (slave bond_slave_0): Releasing backup interface [ 231.986453][ T9162] bond0: (slave bond_slave_1): Releasing backup interface [ 232.042730][ T9162] team0: Port device team_slave_0 removed [ 232.060624][ T9162] team0: Port device team_slave_1 removed [ 232.064773][ T9162] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 232.068218][ T9162] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 232.075798][ T9162] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 232.079242][ T9162] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 232.093596][ T9162] batman_adv: batadv1: Interface deactivated: netdevsim0 [ 232.095843][ T9168] FAULT_INJECTION: forcing a failure. [ 232.095843][ T9168] name failslab, interval 1, probability 0, space 0, times 0 [ 232.097011][ T9162] batman_adv: batadv1: Removing interface: netdevsim0 [ 232.102551][ T9168] CPU: 1 UID: 0 PID: 9168 Comm: syz.2.1036 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 232.102576][ T9168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 232.102588][ T9168] Call Trace: [ 232.102595][ T9168] [ 232.117634][ T9168] dump_stack_lvl+0x16c/0x1f0 [ 232.119889][ T9168] should_fail_ex+0x497/0x5b0 [ 232.122000][ T9168] ? fs_reclaim_acquire+0xae/0x160 [ 232.124118][ T9168] should_failslab+0xc2/0x120 [ 232.126018][ T9168] __kmalloc_noprof+0xcb/0x410 [ 232.128171][ T9168] ext4_find_extent+0x95c/0xce0 [ 232.130224][ T9168] ? rcu_is_watching+0x12/0xc0 [ 232.132268][ T9168] ext4_ext_map_blocks+0x27d/0x5cd0 [ 232.134559][ T9168] ? __pfx___lock_acquire+0x10/0x10 [ 232.136872][ T9168] ? __pfx___lock_acquire+0x10/0x10 [ 232.139193][ T9168] ? __pfx_do_raw_write_lock+0x10/0x10 [ 232.141850][ T9168] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 232.144333][ T9168] ? rwsem_read_trylock+0x12d/0x250 [ 232.146615][ T9168] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 232.149047][ T9168] ? find_held_lock+0x2d/0x110 [ 232.151160][ T9168] ? __pfx___might_resched+0x10/0x10 [ 232.153487][ T9168] ext4_map_blocks+0x848/0x17d0 [ 232.155644][ T9168] ? kernel_text_address+0x8d/0x100 [ 232.158168][ T9168] ? __pfx_ext4_map_blocks+0x10/0x10 [ 232.160542][ T9168] ? unwind_get_return_address+0x45/0xe0 [ 232.163001][ T9168] ? jbd2_transaction_committed+0x4e/0x70 [ 232.165323][ T9168] ? ext4_set_iomap+0x6c6/0xc90 [ 232.167111][ T9168] ext4_iomap_begin_report+0x2b1/0x4a0 [ 232.169266][ T9168] ? __pfx_ext4_iomap_begin_report+0x10/0x10 [ 232.171901][ T9168] ? __pfx_mark_lock+0x10/0x10 [ 232.174260][ T9168] ? tomoyo_path_number_perm+0x467/0x5b0 [ 232.176705][ T9168] ? kasan_save_stack+0x42/0x60 [ 232.178842][ T9168] ? __pfx_ext4_iomap_begin_report+0x10/0x10 [ 232.181183][ T9168] iomap_iter+0x61f/0x1080 [ 232.182946][ T9168] iomap_fiemap+0x196/0x390 [ 232.184731][ T9168] ? __pfx_iomap_fiemap+0x10/0x10 [ 232.186714][ T9168] ? __might_fault+0x13b/0x190 [ 232.188835][ T9168] ? __pfx_lock_release+0x10/0x10 [ 232.191069][ T9168] ext4_fiemap+0x172/0x1f0 [ 232.192830][ T9168] ? __pfx_ext4_fiemap+0x10/0x10 [ 232.194782][ T9168] do_vfs_ioctl+0x404/0x1a90 [ 232.196538][ T9168] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 232.198017][ T9168] ? __pfx_lock_release+0x10/0x10 [ 232.199846][ T9168] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 232.202479][ T9168] ? bpf_lsm_file_ioctl_compat+0x9/0x10 [ 232.204979][ T9168] __do_compat_sys_ioctl+0x149/0x330 [ 232.207024][ T9168] __do_fast_syscall_32+0x73/0x120 [ 232.209414][ T9168] do_fast_syscall_32+0x32/0x80 [ 232.211491][ T9168] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 232.213660][ T9168] RIP: 0023:0xf73be579 [ 232.215320][ T9168] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 232.222945][ T9168] RSP: 002b:00000000f56b557c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 232.226397][ T9168] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c020660b [ 232.230246][ T9168] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000000000000 [ 232.233793][ T9168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 232.237104][ T9168] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 232.240521][ T9168] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 232.243917][ T9168] [ 232.468179][ T9177] futex_wake_op: syz.3.1039 tries to shift op by 144; fix this program [ 232.794943][ T9187] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22 [ 232.799286][ T9187] netdevsim netdevsim3: Direct firmware load for . failed with error -22 [ 232.815940][ T9187] netdevsim netdevsim3: Falling back to sysfs fallback for: . [ 232.930925][ T9195] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1047'. [ 233.229533][ T9198] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1048'. [ 233.302926][ T9201] FAULT_INJECTION: forcing a failure. [ 233.302926][ T9201] name failslab, interval 1, probability 0, space 0, times 0 [ 233.308666][ T9201] CPU: 3 UID: 0 PID: 9201 Comm: syz.2.1049 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 233.313550][ T9201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 233.318354][ T9201] Call Trace: [ 233.319878][ T9201] [ 233.321205][ T9201] dump_stack_lvl+0x16c/0x1f0 [ 233.323507][ T9201] should_fail_ex+0x497/0x5b0 [ 233.325830][ T9201] ? fs_reclaim_acquire+0xae/0x160 [ 233.328123][ T9201] should_failslab+0xc2/0x120 [ 233.330179][ T9201] __kmalloc_noprof+0xcb/0x410 [ 233.332387][ T9201] nf_tables_newrule+0xbf9/0x2890 [ 233.334880][ T9201] ? __pfx_nf_tables_newrule+0x10/0x10 [ 233.337366][ T9201] ? net_generic+0xea/0x2a0 [ 233.339547][ T9201] ? __pfx_lock_release+0x10/0x10 [ 233.342144][ T9201] ? __nla_parse+0x40/0x60 [ 233.344522][ T9201] nfnetlink_rcv_batch+0x1a19/0x24e0 [ 233.347365][ T9201] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 233.350285][ T9201] ? __pfx_lock_release+0x10/0x10 [ 233.352487][ T9201] ? __local_bh_enable_ip+0xa4/0x120 [ 233.354715][ T9201] ? lockdep_hardirqs_on+0x7c/0x110 [ 233.356965][ T9201] ? __pfx___dev_queue_xmit+0x10/0x10 [ 233.359278][ T9201] ? bpf_lsm_capable+0x9/0x10 [ 233.361338][ T9201] ? __nla_parse+0x40/0x60 [ 233.363418][ T9201] nfnetlink_rcv+0x3c3/0x430 [ 233.365398][ T9201] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 233.367605][ T9201] netlink_unicast+0x544/0x830 [ 233.369782][ T9201] ? __pfx_netlink_unicast+0x10/0x10 [ 233.371918][ T9201] ? __phys_addr_symbol+0x30/0x80 [ 233.373839][ T9201] ? __check_object_size+0x497/0x720 [ 233.376156][ T9201] netlink_sendmsg+0x8b8/0xd70 [ 233.378434][ T9201] ? __pfx_netlink_sendmsg+0x10/0x10 [ 233.381030][ T9201] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 233.383466][ T9201] ____sys_sendmsg+0x9b4/0xb50 [ 233.385591][ T9201] ? __pfx_____sys_sendmsg+0x10/0x10 [ 233.387971][ T9201] ? get_compat_msghdr+0x11b/0x170 [ 233.390135][ T9201] ? __pfx___lock_acquire+0x10/0x10 [ 233.392053][ T9201] ___sys_sendmsg+0x135/0x1e0 [ 233.394065][ T9201] ? __pfx____sys_sendmsg+0x10/0x10 [ 233.396021][ T9201] ? ksys_write+0x21c/0x260 [ 233.397747][ T9201] ? __fget_light+0x173/0x210 [ 233.399757][ T9201] __sys_sendmsg+0x117/0x1f0 [ 233.401718][ T9201] ? __pfx___sys_sendmsg+0x10/0x10 [ 233.403903][ T9201] __do_fast_syscall_32+0x73/0x120 [ 233.406188][ T9201] do_fast_syscall_32+0x32/0x80 [ 233.408397][ T9201] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 233.411246][ T9201] RIP: 0023:0xf73be579 [ 233.413083][ T9201] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 233.420917][ T9201] RSP: 002b:00000000f56d657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 233.424422][ T9201] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000 [ 233.427821][ T9201] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 233.431277][ T9201] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 233.434517][ T9201] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 233.437845][ T9201] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 233.441217][ T9201] [ 234.086864][ T9218] FAULT_INJECTION: forcing a failure. [ 234.086864][ T9218] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 234.093101][ T9218] CPU: 2 UID: 0 PID: 9218 Comm: syz.2.1056 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 234.099103][ T9218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 234.104225][ T9218] Call Trace: [ 234.105907][ T9218] [ 234.107192][ T9218] dump_stack_lvl+0x16c/0x1f0 [ 234.109300][ T9218] should_fail_ex+0x497/0x5b0 [ 234.111346][ T9218] _copy_to_user+0x30/0xc0 [ 234.113261][ T9218] simple_read_from_buffer+0xd0/0x160 [ 234.115613][ T9218] proc_fail_nth_read+0x1b0/0x290 [ 234.118087][ T9218] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 234.120500][ T9218] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 234.123000][ T9218] vfs_read+0x1d4/0xbd0 [ 234.124814][ T9218] ? __fdget_pos+0xeb/0x180 [ 234.126815][ T9218] ? __pfx_vfs_read+0x10/0x10 [ 234.128892][ T9218] ? __pfx___mutex_lock+0x10/0x10 [ 234.131019][ T9218] ? __fget_files+0x256/0x400 [ 234.132792][ T9218] ksys_read+0x12f/0x260 [ 234.134661][ T9218] ? __pfx_ksys_read+0x10/0x10 [ 234.136752][ T9218] __do_fast_syscall_32+0x73/0x120 [ 234.138929][ T9218] do_fast_syscall_32+0x32/0x80 [ 234.140996][ T9218] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 234.143686][ T9218] RIP: 0023:0xf73be579 [ 234.145506][ T9218] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 234.153938][ T9218] RSP: 002b:00000000f56d65b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 234.157413][ T9218] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f56d6630 [ 234.160743][ T9218] RDX: 000000000000000f RSI: 00000000f73acff4 RDI: 0000000000000000 [ 234.163894][ T9218] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 234.167168][ T9218] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 234.170462][ T9218] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 234.173776][ T9218] [ 234.247220][ T9219] nbd0: detected capacity change from 0 to 12 [ 234.254242][ T7209] block nbd0: Send control failed (result -89) [ 234.260512][ T7209] block nbd0: Request send failed, requeueing [ 234.270656][ T66] block nbd0: Receive control failed (result -32) [ 234.294973][ T832] block nbd0: Dead connection, failed to find a fallback [ 234.298453][ T832] block nbd0: shutting down sockets [ 234.301347][ T832] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 234.305967][ T832] Buffer I/O error on dev nbd0, logical block 0, async page read [ 234.309563][ T7209] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 234.334941][ T7209] Buffer I/O error on dev nbd0, logical block 0, async page read [ 234.341760][ T7209] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 234.351676][ T7209] Buffer I/O error on dev nbd0, logical block 0, async page read [ 234.354891][ T7209] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 234.358448][ T7209] Buffer I/O error on dev nbd0, logical block 0, async page read [ 234.373728][ T7209] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 234.383596][ T7209] Buffer I/O error on dev nbd0, logical block 0, async page read [ 234.387405][ T7209] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 234.401856][ T7209] Buffer I/O error on dev nbd0, logical block 0, async page read [ 234.405086][ T7209] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 234.408885][ T7209] Buffer I/O error on dev nbd0, logical block 0, async page read [ 234.411692][ T7209] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 234.426162][ T7209] Buffer I/O error on dev nbd0, logical block 0, async page read [ 234.429579][ T7209] ldm_validate_partition_table(): Disk read failed. [ 234.455867][ T7209] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 234.459851][ T7209] Buffer I/O error on dev nbd0, logical block 0, async page read [ 234.463340][ T7209] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 234.473578][ T7209] Buffer I/O error on dev nbd0, logical block 0, async page read [ 234.476601][ T7209] Dev nbd0: unable to read RDB block 0 [ 234.478594][ T7209] nbd0: unable to read partition table [ 234.484182][ T7209] nbd0: partition table beyond EOD, truncated [ 234.495714][ T7209] ldm_validate_partition_table(): Disk read failed. [ 234.499211][ T7209] Dev nbd0: unable to read RDB block 0 [ 234.501997][ T7209] nbd0: unable to read partition table [ 234.505294][ T7209] nbd0: partition table beyond EOD, truncated [ 234.621653][ T9228] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1059'. [ 234.899907][ T9238] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 234.912066][ T9238] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 235.791328][ T9259] netlink: 'syz.3.1066': attribute type 20 has an invalid length. [ 236.109054][ T9262] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 237.291819][ T9277] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1073'. [ 237.308073][ T9277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1073'. [ 237.322122][ T9277] fuse: Invalid rootmode [ 237.620433][ T9283] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1076'. [ 237.798381][ T9285] netlink: 'syz.2.1077': attribute type 20 has an invalid length. [ 237.849974][ T9293] can0: slcan on ttyprintk. [ 237.871735][ T9296] FAULT_INJECTION: forcing a failure. [ 237.871735][ T9296] name failslab, interval 1, probability 0, space 0, times 0 [ 237.877286][ T9296] CPU: 2 UID: 0 PID: 9296 Comm: syz.3.1079 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 237.881500][ T9296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 237.886064][ T9296] Call Trace: [ 237.887506][ T9296] [ 237.888772][ T9296] dump_stack_lvl+0x16c/0x1f0 [ 237.890768][ T9296] should_fail_ex+0x497/0x5b0 [ 237.892795][ T9296] should_failslab+0xc2/0x120 [ 237.894794][ T9296] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 237.896941][ T9296] ? skb_clone+0x190/0x3f0 [ 237.898837][ T9296] skb_clone+0x190/0x3f0 [ 237.900798][ T9296] netlink_deliver_tap+0xb26/0xcf0 [ 237.902920][ T9296] netlink_unicast+0x606/0x830 [ 237.904776][ T9296] ? __pfx_netlink_unicast+0x10/0x10 [ 237.906777][ T9296] ? __phys_addr_symbol+0x30/0x80 [ 237.908669][ T9296] ? __check_object_size+0x497/0x720 [ 237.910638][ T9296] netlink_sendmsg+0x8b8/0xd70 [ 237.912465][ T9296] ? __pfx_netlink_sendmsg+0x10/0x10 [ 237.914455][ T9296] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 237.916808][ T9296] ____sys_sendmsg+0x9b4/0xb50 [ 237.918856][ T9296] ? __pfx_____sys_sendmsg+0x10/0x10 [ 237.921402][ T9296] ? get_compat_msghdr+0x11b/0x170 [ 237.923759][ T9296] ? __pfx___lock_acquire+0x10/0x10 [ 237.926013][ T9296] ___sys_sendmsg+0x135/0x1e0 [ 237.928099][ T9296] ? __pfx____sys_sendmsg+0x10/0x10 [ 237.930320][ T9296] ? ksys_write+0x21c/0x260 [ 237.932623][ T9296] ? __fget_light+0x173/0x210 [ 237.934804][ T9296] __sys_sendmsg+0x117/0x1f0 [ 237.936770][ T9296] ? __pfx___sys_sendmsg+0x10/0x10 [ 237.938861][ T9296] __do_fast_syscall_32+0x73/0x120 [ 237.941524][ T9296] do_fast_syscall_32+0x32/0x80 [ 237.943589][ T9296] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 237.946065][ T9296] RIP: 0023:0xf7f1f579 [ 237.947814][ T9296] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 237.955874][ T9296] RSP: 002b:00000000f56d657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 237.959268][ T9296] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000600 [ 237.962641][ T9296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 237.966062][ T9296] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 237.969390][ T9296] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 237.972761][ T9296] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 237.980253][ T9296] [ 238.175051][ T9301] netlink: 'syz.3.1080': attribute type 20 has an invalid length. [ 238.640639][ T9315] block nbd2: not configured, cannot reconfigure [ 238.647295][ T9289] can0 (unregistered): slcan off ttyprintk. [ 238.898405][ T9329] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1084'. [ 239.122882][ T9349] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1088'. [ 239.170079][ T9336] block nbd3: not configured, cannot reconfigure [ 239.202024][ T9344] netlink: 'syz.2.1090': attribute type 20 has an invalid length. [ 239.323833][ T5373] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 239.537008][ T5373] usb 5-1: config 0 has no interfaces? [ 239.541087][ T5373] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 239.546227][ T5373] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 239.549940][ T5373] usb 5-1: SerialNumber: syz [ 239.556946][ T5373] usb 5-1: config 0 descriptor?? [ 239.643582][ T6553] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 239.743529][ T9355] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1092'. [ 239.747121][ T9355] FAULT_INJECTION: forcing a failure. [ 239.747121][ T9355] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 239.760724][ T9355] CPU: 1 UID: 0 PID: 9355 Comm: syz.1.1092 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 239.767532][ T9355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 239.772463][ T9355] Call Trace: [ 239.774042][ T9355] [ 239.775888][ T9355] dump_stack_lvl+0x16c/0x1f0 [ 239.778546][ T9355] should_fail_ex+0x497/0x5b0 [ 239.780642][ T9355] _copy_to_user+0x30/0xc0 [ 239.780665][ T9355] simple_read_from_buffer+0xd0/0x160 [ 239.780688][ T9355] proc_fail_nth_read+0x1b0/0x290 [ 239.780714][ T9355] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 239.783868][ T5373] usb 5-1: USB disconnect, device number 12 [ 239.784920][ T9355] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 239.784955][ T9355] vfs_read+0x1d4/0xbd0 [ 239.795792][ T9355] ? __fdget_pos+0xeb/0x180 [ 239.797769][ T9355] ? __pfx_vfs_read+0x10/0x10 [ 239.799721][ T9355] ? __pfx___mutex_lock+0x10/0x10 [ 239.801572][ T9355] ? __fget_files+0x256/0x400 [ 239.803327][ T9355] ksys_read+0x12f/0x260 [ 239.805232][ T9355] ? __pfx_ksys_read+0x10/0x10 [ 239.807603][ T9355] __do_fast_syscall_32+0x73/0x120 [ 239.809883][ T9355] do_fast_syscall_32+0x32/0x80 [ 239.812059][ T9355] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 239.814919][ T9355] RIP: 0023:0xf7f57579 [ 239.816774][ T9355] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 239.825443][ T9355] RSP: 002b:00000000f57065b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 239.829034][ T9355] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5706630 [ 239.832101][ T9355] RDX: 000000000000000f RSI: 00000000f73dcff4 RDI: 0000000000000000 [ 239.835446][ T9355] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 239.838871][ T9355] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 239.842127][ T9355] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 239.845140][ T9355] [ 239.873579][ T6553] usb 8-1: Using ep0 maxpacket: 8 [ 239.878064][ T6553] usb 8-1: New USB device found, idVendor=0c10, idProduct=0000, bcdDevice=bd.3b [ 239.882211][ T6553] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 239.893598][ T6553] usb 8-1: config 0 descriptor?? [ 240.131494][ T9361] netlink: 'syz.2.1095': attribute type 20 has an invalid length. [ 240.232824][ T30] usb 8-1: USB disconnect, device number 10 [ 240.387515][ T9373] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1097'. [ 240.493178][ T9377] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1099'. [ 240.647210][ T9381] netlink: 'syz.0.1100': attribute type 10 has an invalid length. [ 240.650735][ T9381] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1100'. [ 240.687290][ T9381] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1100'. [ 240.949126][ T9387] block nbd2: not configured, cannot reconfigure [ 241.083636][ T30] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 241.276943][ T30] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 241.276973][ T30] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 241.277008][ T30] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 241.277019][ T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 241.281321][ T9383] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 241.283354][ T30] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 241.498362][ T30] usb 8-1: USB disconnect, device number 11 [ 241.728288][ T9399] FAULT_INJECTION: forcing a failure. [ 241.728288][ T9399] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 241.728356][ T9399] CPU: 3 UID: 0 PID: 9399 Comm: syz.0.1107 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 241.728375][ T9399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 241.728383][ T9399] Call Trace: [ 241.728402][ T9399] [ 241.728410][ T9399] dump_stack_lvl+0x16c/0x1f0 [ 241.728434][ T9399] should_fail_ex+0x497/0x5b0 [ 241.728466][ T9399] _copy_from_user+0x30/0xf0 [ 241.728484][ T9399] get_compat_msghdr+0xa8/0x170 [ 241.728502][ T9399] ? __pfx_get_compat_msghdr+0x10/0x10 [ 241.728520][ T9399] ? kfree+0x245/0x3b0 [ 241.728533][ T9399] ? find_held_lock+0x2d/0x110 [ 241.728551][ T9399] ___sys_recvmsg+0x193/0x1a0 [ 241.728571][ T9399] ? __pfx____sys_recvmsg+0x10/0x10 [ 241.728599][ T9399] ? __pfx___might_resched+0x10/0x10 [ 241.728620][ T9399] ? __fget_light+0x173/0x210 [ 241.728645][ T9399] do_recvmmsg+0x51a/0x750 [ 241.728665][ T9399] ? __pfx_do_recvmmsg+0x10/0x10 [ 241.728680][ T9399] ? __pfx_lock_release+0x10/0x10 [ 241.728701][ T9399] ? vfs_write+0x14d/0x1140 [ 241.728740][ T9399] __sys_recvmmsg+0x21e/0x280 [ 241.785872][ T9399] ? __pfx___sys_recvmmsg+0x10/0x10 [ 241.785903][ T9399] ? __pfx_ksys_write+0x10/0x10 [ 241.785933][ T9399] __ia32_compat_sys_recvmmsg_time32+0xc4/0x160 [ 241.785953][ T9399] ? lockdep_hardirqs_on+0x7c/0x110 [ 241.785977][ T9399] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 241.786001][ T9399] __do_fast_syscall_32+0x73/0x120 [ 241.786028][ T9399] do_fast_syscall_32+0x32/0x80 [ 241.786053][ T9399] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 241.786076][ T9399] RIP: 0023:0xf7f7f579 [ 241.786093][ T9399] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 241.786108][ T9399] RSP: 002b:00000000f571557c EFLAGS: 00000292 ORIG_RAX: 0000000000000151 [ 241.786125][ T9399] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200066c0 [ 241.786136][ T9399] RDX: 0000000000000a0d RSI: 0000000000000000 RDI: 0000000000000000 [ 241.786147][ T9399] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 241.786157][ T9399] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 241.786167][ T9399] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 241.786191][ T9399] [ 242.494015][ T9413] netlink: 'syz.0.1111': attribute type 20 has an invalid length. [ 242.915970][ T9422] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 243.127764][ T9427] FAULT_INJECTION: forcing a failure. [ 243.127764][ T9427] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 243.137823][ T9427] CPU: 2 UID: 0 PID: 9427 Comm: syz.3.1114 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 243.143340][ T9427] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 243.148791][ T9427] Call Trace: [ 243.150244][ T9427] [ 243.151540][ T9427] dump_stack_lvl+0x16c/0x1f0 [ 243.153612][ T9427] should_fail_ex+0x497/0x5b0 [ 243.155846][ T9427] _copy_to_user+0x30/0xc0 [ 243.157926][ T9427] simple_read_from_buffer+0xd0/0x160 [ 243.160307][ T9427] proc_fail_nth_read+0x1b0/0x290 [ 243.162525][ T9427] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 243.165267][ T9427] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 243.167782][ T9427] vfs_read+0x1d4/0xbd0 [ 243.169588][ T9427] ? __fdget_pos+0xeb/0x180 [ 243.171794][ T9427] ? __pfx_vfs_read+0x10/0x10 [ 243.174108][ T9427] ? __pfx___mutex_lock+0x10/0x10 [ 243.176400][ T9427] ? __fget_files+0x256/0x400 [ 243.178478][ T9427] ksys_read+0x12f/0x260 [ 243.180411][ T9427] ? __pfx_ksys_read+0x10/0x10 [ 243.182944][ T9427] __do_fast_syscall_32+0x73/0x120 [ 243.185293][ T9427] do_fast_syscall_32+0x32/0x80 [ 243.187444][ T9427] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 243.190132][ T9427] RIP: 0023:0xf7f1f579 [ 243.191937][ T9427] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 243.201383][ T9427] RSP: 002b:00000000f56d65b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 243.205198][ T9427] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f56d6630 [ 243.209101][ T9427] RDX: 000000000000000f RSI: 00000000f73acff4 RDI: 0000000000000000 [ 243.212657][ T9427] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 243.216237][ T9427] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 243.219623][ T9427] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 243.223627][ T9427] [ 243.703916][ T35] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 243.895861][ T35] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 243.901256][ T35] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 243.906282][ T35] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 243.910661][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.915473][ T9441] batadv_slave_0: entered promiscuous mode [ 243.927860][ T9436] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 243.934571][ T35] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 244.016311][ T9440] batadv_slave_0: left promiscuous mode [ 244.140556][ T56] usb 7-1: USB disconnect, device number 12 [ 244.361432][ T9455] __nla_validate_parse: 2 callbacks suppressed [ 244.361449][ T9455] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1124'. [ 244.388534][ T9455] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 244.399001][ T9456] 9pnet_fd: Insufficient options for proto=fd [ 244.403292][ T9455] dvmrp1: entered allmulticast mode [ 244.411738][ T9455] dvmrp1: left allmulticast mode [ 244.464925][ T9457] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1124'. [ 244.611324][ T9444] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1121'. [ 245.054591][ T9462] syzkaller0: entered allmulticast mode [ 245.100972][ T9462] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 245.127858][ T9462] syzkaller0: entered promiscuous mode [ 246.027927][ T9476] overlay: Unknown parameter 'obj_role' [ 246.212712][ T9483] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1132'. [ 246.413679][ T56] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 246.627214][ T56] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 246.631867][ T56] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 246.643685][ T56] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 246.647379][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 246.652676][ T9482] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 246.683837][ T56] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 246.925679][ T5373] usb 7-1: USB disconnect, device number 13 [ 247.732044][ T9495] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1135'. [ 248.032988][ T9480] netlink: 'syz.1.1132': attribute type 10 has an invalid length. [ 248.037251][ T9480] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1132'. [ 248.444213][ T9503] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1138'. [ 248.464492][ T9503] block nbd0: not configured, cannot reconfigure [ 248.569871][ T9510] netlink: 'syz.3.1140': attribute type 10 has an invalid length. [ 248.573174][ T9510] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1140'. [ 248.593677][ T9510] bond0: entered promiscuous mode [ 248.595986][ T9510] bridge0: port 1(bond0) entered blocking state [ 248.602168][ T9510] bridge0: port 1(bond0) entered disabled state [ 248.605334][ T9510] bond0: entered allmulticast mode [ 248.656673][ T9510] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1140'. [ 248.827388][ T9521] syzkaller0: entered allmulticast mode [ 248.848884][ T9521] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 248.862743][ T9521] syzkaller0: entered promiscuous mode [ 248.933728][ T56] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 249.115903][ T56] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 249.120914][ T56] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 249.133098][ T56] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 249.141261][ T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 249.162485][ T9517] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 249.174177][ T56] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 249.397518][ T56] usb 6-1: USB disconnect, device number 8 [ 249.698495][ T9526] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1147'. [ 250.320687][ T9532] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1149'. [ 251.308319][ T9541] syzkaller0: entered promiscuous mode [ 251.311082][ T9541] syzkaller0: entered allmulticast mode [ 251.506214][ T9543] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1153'. [ 251.544484][ T9535] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1150'. [ 251.573151][ T9545] netlink: 'syz.1.1154': attribute type 10 has an invalid length. [ 251.576623][ T9545] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1154'. [ 251.596369][ T9545] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1154'. [ 252.592652][ T9565] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1157'. [ 253.012328][ T9554] slcan: can't register candev [ 253.014625][ T9554] Falling back ldisc for ttyprintk. [ 253.772384][ T9564] netlink: 'syz.1.1157': attribute type 10 has an invalid length. [ 253.776074][ T9564] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1157'. [ 253.794725][ T9580] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 253.810421][ T9580] syzkaller0: entered promiscuous mode [ 253.813372][ T9580] syzkaller0: entered allmulticast mode [ 253.915152][ T9589] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1162'. [ 255.478175][ T9616] bond0: (slave bond_slave_0): Releasing backup interface [ 255.482681][ T9616] bond_slave_0: left promiscuous mode [ 255.485570][ T9616] bond_slave_0: left allmulticast mode [ 256.013608][ T1417] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 256.218982][ T1417] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 256.233627][ T1417] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 256.239068][ T1417] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 256.244116][ T1417] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.255764][ T9632] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 256.267999][ T1417] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 256.472696][ T1417] usb 7-1: USB disconnect, device number 14 [ 256.485718][ T8] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 256.680191][ T9645] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1175'. [ 256.766050][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 256.772111][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 256.796591][ T8] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 256.802333][ T8] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 256.823322][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.831748][ T8] usb 6-1: config 0 descriptor?? [ 257.926292][ T9656] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 258.140707][ T9678] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 258.293808][ T5373] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 258.489699][ T8] usbhid 6-1:0.0: can't add hid device: -71 [ 258.501516][ T8] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 258.520763][ T8] usb 6-1: USB disconnect, device number 9 [ 258.533024][ T5373] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 258.553748][ T5373] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 258.558588][ T5373] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 258.562554][ T5373] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.589829][ T9675] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 258.596281][ T5373] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 258.671707][ T9694] netlink: 'syz.1.1189': attribute type 10 has an invalid length. [ 258.674831][ T9694] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1189'. [ 258.689044][ T9694] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1189'. [ 258.808172][ T35] usb 5-1: USB disconnect, device number 13 [ 258.925405][ T9701] can0: slcan on ttyprintk. [ 259.600913][ T9719] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 260.155396][ T9698] can0 (unregistered): slcan off ttyprintk. [ 260.681306][ T9754] netlink: 'syz.2.1203': attribute type 10 has an invalid length. [ 260.684994][ T9754] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1203'. [ 260.703922][ T9756] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1204'. [ 260.706761][ T9754] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1203'. [ 260.803618][ T5376] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 260.883625][ T1292] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 260.992076][ T1376] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.995569][ T1376] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.010802][ T5376] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 261.025817][ T5376] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 261.030738][ T5376] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 261.036004][ T5376] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.042174][ T9743] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 261.049374][ T5376] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 261.089967][ T1292] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 261.102585][ T1292] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 261.117120][ T1292] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 261.133204][ T1292] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 261.141350][ T1292] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.152970][ T1292] usb 8-1: config 0 descriptor?? [ 261.255984][ T5376] usb 5-1: USB disconnect, device number 14 [ 261.490249][ T9769] libceph: resolve '. [ 261.490249][ T9769] #)|.زf͹Dza×ïÅ2sˆoÖw¿úÕ?£'Ê%ÐKAq‰f»CÖê¨Âz¿e­Sb3L)Hyúo¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM¤¨ìó¤h‡E$ [ 261.490249][ T9769] ' (ret=-3): failed [ 261.647612][ T9775] autofs: Unknown parameter 'ÁÊ£‘Œµü}ééñCCª!}[Ð^: [ 261.647612][ T9775] )­Pm°üØ×gIXÒ(.À|i:Ð' [ 261.685774][ T9776] can0: slcan on ttyprintk. [ 262.331232][ T1292] usbhid 8-1:0.0: can't add hid device: -71 [ 262.335015][ T1292] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 262.342528][ T1292] usb 8-1: USB disconnect, device number 12 [ 262.557122][ T9771] can0 (unregistered): slcan off ttyprintk. [ 263.206809][ T9813] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 263.317737][ T9825] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 263.321857][ T9825] PKCS7: Only support pkcs7_signedData type [ 263.546167][ T9834] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1218'. [ 264.050870][ T9842] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1220'. [ 264.198757][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.342690][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.459690][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.596128][ T5335] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 264.602779][ T5335] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 264.613855][ T5335] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 264.627355][ T5335] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 264.629385][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.636133][ T5335] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 264.640528][ T5335] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 264.655993][ T66] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 264.664384][ T66] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 264.676449][ T66] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 264.685562][ T66] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 264.690004][ T66] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 264.701111][ T66] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 264.851789][ T13] bond0: left allmulticast mode [ 264.857262][ T13] bond_slave_1: left allmulticast mode [ 264.861361][ T13] bridge0: port 3(bond0) entered disabled state [ 264.866689][ T13] bridge_slave_1: left allmulticast mode [ 264.869098][ T13] bridge_slave_1: left promiscuous mode [ 264.871603][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 264.879575][ T13] bridge_slave_0: left allmulticast mode [ 264.882317][ T13] bridge_slave_0: left promiscuous mode [ 264.887095][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.298110][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 265.303056][ T13] bond_slave_1: left promiscuous mode [ 265.325623][ T13] bond0 (unregistering): Released all slaves [ 265.521256][ T9853] chnl_net:caif_netlink_parms(): no params data found [ 265.739334][ T9853] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.749716][ T9853] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.753866][ T9853] bridge_slave_0: entered allmulticast mode [ 265.757792][ T9853] bridge_slave_0: entered promiscuous mode [ 265.783615][ T13] hsr_slave_0: left promiscuous mode [ 265.786757][ T13] hsr_slave_1: left promiscuous mode [ 265.789735][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 265.792465][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 265.797348][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 265.800136][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 265.839989][ T13] veth1_macvtap: left promiscuous mode [ 265.841940][ T13] veth0_macvtap: left promiscuous mode [ 265.845319][ T13] veth1_vlan: left promiscuous mode [ 265.847475][ T13] veth0_vlan: left promiscuous mode [ 266.129953][ T9884] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 266.132634][ T9884] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 266.164085][ T9884] vhci_hcd vhci_hcd.0: Device attached [ 266.383558][ T1292] vhci_hcd: vhci_device speed not set [ 266.453670][ T1292] usb 15-1: new full-speed USB device number 2 using vhci_hcd [ 266.759844][ T66] Bluetooth: hci1: command tx timeout [ 267.104238][ T13] team0 (unregistering): Port device team_slave_1 removed [ 267.213722][ T13] team0 (unregistering): Port device team_slave_0 removed [ 267.282741][ T9885] vhci_hcd: connection reset by peer [ 267.286645][ T40] vhci_hcd: stop threads [ 267.288669][ T40] vhci_hcd: release socket [ 267.290995][ T40] vhci_hcd: disconnect device [ 267.891355][ T9853] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.897313][ T9853] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.900635][ T9853] bridge_slave_1: entered allmulticast mode [ 267.905034][ T9853] bridge_slave_1: entered promiscuous mode [ 267.924457][ T9889] netlink: 'syz.2.1231': attribute type 20 has an invalid length. [ 268.012606][ T9853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 268.020710][ T9853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 268.096919][ T9853] team0: Port device team_slave_0 added [ 268.106594][ T9853] team0: Port device team_slave_1 added [ 268.177416][ T9853] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 268.180415][ T9853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 268.192502][ T9853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 268.202552][ T9853] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 268.205810][ T9853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 268.216049][ T9853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 268.287032][ T9853] hsr_slave_0: entered promiscuous mode [ 268.298184][ T9853] hsr_slave_1: entered promiscuous mode [ 268.670408][ T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.778750][ T5335] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 268.786278][ T5335] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 268.790353][ T5335] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 268.795742][ T5335] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 268.801909][ T5335] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 268.813283][ T5335] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 268.823732][ T66] Bluetooth: hci1: command tx timeout [ 268.831229][ T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.950115][ T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.081993][ T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 269.255527][ T9853] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 269.296784][ T9853] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 269.311860][ T9853] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 269.324320][ T9853] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 269.339065][ T9920] chnl_net:caif_netlink_parms(): no params data found [ 269.478899][ T13] bond0: left allmulticast mode [ 269.481425][ T13] bridge0: port 1(bond0) entered disabled state [ 269.921576][ T13] bond0 (unregistering): Released all slaves [ 270.166314][ T9920] bridge0: port 1(bridge_slave_0) entered blocking state [ 270.174905][ T9920] bridge0: port 1(bridge_slave_0) entered disabled state [ 270.178147][ T9920] bridge_slave_0: entered allmulticast mode [ 270.182317][ T9920] bridge_slave_0: entered promiscuous mode [ 270.191385][ T9920] bridge0: port 2(bridge_slave_1) entered blocking state [ 270.198988][ T9920] bridge0: port 2(bridge_slave_1) entered disabled state [ 270.203382][ T9920] bridge_slave_1: entered allmulticast mode [ 270.218184][ T9920] bridge_slave_1: entered promiscuous mode [ 270.448781][ T9920] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 270.456156][ T9920] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 270.468421][ T13] hsr_slave_0: left promiscuous mode [ 270.478899][ T13] hsr_slave_1: left promiscuous mode [ 270.525732][ T13] veth1_macvtap: left promiscuous mode [ 270.528524][ T13] veth0_macvtap: left promiscuous mode [ 270.531165][ T13] veth1_vlan: left promiscuous mode [ 270.533802][ T13] veth0_vlan: left promiscuous mode [ 270.905144][ T66] Bluetooth: hci2: command tx timeout [ 270.905153][ T5335] Bluetooth: hci1: command tx timeout [ 271.553826][ T1292] vhci_hcd: vhci_device speed not set [ 271.746472][ T9953] tls_set_device_offload: netdev not found [ 272.789144][ T9920] team0: Port device team_slave_0 added [ 272.843182][ T9920] team0: Port device team_slave_1 added [ 272.947077][ T9965] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1250'. [ 272.998191][ T66] Bluetooth: hci1: command tx timeout [ 272.998693][ T5335] Bluetooth: hci2: command tx timeout [ 273.078898][ T9920] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 273.082522][ T9920] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 273.102484][ T9920] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 273.138650][ T9853] 8021q: adding VLAN 0 to HW filter on device bond0 [ 273.150524][ T9920] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 273.159379][ T9920] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 273.188305][ T9920] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 273.395155][ T9853] 8021q: adding VLAN 0 to HW filter on device team0 [ 273.403454][ T9920] hsr_slave_0: entered promiscuous mode [ 273.418779][ T9920] hsr_slave_1: entered promiscuous mode [ 273.422204][ T9920] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 273.429934][ T9920] Cannot create hsr debugfs directory [ 273.611537][ T6553] bridge0: port 1(bridge_slave_0) entered blocking state [ 273.614605][ T6553] bridge0: port 1(bridge_slave_0) entered forwarding state [ 273.786979][ T6553] bridge0: port 2(bridge_slave_1) entered blocking state [ 273.790076][ T6553] bridge0: port 2(bridge_slave_1) entered forwarding state [ 274.005962][ T9984] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1251'. [ 274.322661][ T9853] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 274.434575][ T9853] veth0_vlan: entered promiscuous mode [ 274.450711][ T9853] veth1_vlan: entered promiscuous mode [ 274.488235][ T9853] veth0_macvtap: entered promiscuous mode [ 274.506625][ T9853] veth1_macvtap: entered promiscuous mode [ 274.564282][ T9853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.573800][ T9853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.577871][ T9853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 274.581895][ T9853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.591810][ T9853] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 274.625246][ T9853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 274.636666][ T9853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.641297][ T9853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 274.646786][ T9853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 274.652755][ T9853] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 274.657150][ T9920] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 274.663671][ T9920] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 274.669745][ T9920] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 274.687357][ T9920] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 274.702986][ T9853] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.707847][ T9853] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.711698][ T9853] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.718067][ T9853] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.822420][ T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.829624][ T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.911272][ T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.914820][ T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.920828][ T9920] 8021q: adding VLAN 0 to HW filter on device bond0 [ 274.947807][ T9920] 8021q: adding VLAN 0 to HW filter on device team0 [ 274.958383][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 274.961486][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 274.972504][ T1417] bridge0: port 2(bridge_slave_1) entered blocking state [ 274.975707][ T1417] bridge0: port 2(bridge_slave_1) entered forwarding state [ 274.982253][T10002] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1252'. [ 275.075174][ T5335] Bluetooth: hci2: command tx timeout [ 275.232822][ T9920] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 275.275200][ T9920] veth0_vlan: entered promiscuous mode [ 275.281469][ T9920] veth1_vlan: entered promiscuous mode [ 275.309095][ T9920] veth0_macvtap: entered promiscuous mode [ 275.316173][ T9920] veth1_macvtap: entered promiscuous mode [ 275.334492][ T9920] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 275.338573][ T9920] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.342237][ T9920] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 275.347424][ T9920] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.351841][ T9920] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 275.357964][ T9920] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.364866][ T9920] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 275.381957][T10016] can0: slcan on ttyprintk. [ 275.384185][ T9920] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.388199][ T9920] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.391824][ T9920] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.396582][ T9920] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.400484][ T9920] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.404507][ T9920] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.411550][ T9920] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 275.437497][ T9920] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.442292][ T9920] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.446828][ T9920] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.450385][ T9920] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.557145][ T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.560527][ T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 275.598168][ T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.601700][ T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 275.754409][T10027] FAULT_INJECTION: forcing a failure. [ 275.754409][T10027] name failslab, interval 1, probability 0, space 0, times 0 [ 275.763810][T10027] CPU: 1 UID: 0 PID: 10027 Comm: syz.3.1237 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 275.768439][T10027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 275.773260][T10027] Call Trace: [ 275.774797][T10027] [ 275.776132][T10027] dump_stack_lvl+0x16c/0x1f0 [ 275.778071][T10027] should_fail_ex+0x497/0x5b0 [ 275.779957][T10027] ? fs_reclaim_acquire+0xae/0x160 [ 275.782044][T10027] should_failslab+0xc2/0x120 [ 275.783728][T10027] __kmalloc_cache_node_noprof+0x6e/0x360 [ 275.786194][T10027] ? __get_vm_area_node+0xe1/0x2d0 [ 275.788479][T10027] __get_vm_area_node+0xe1/0x2d0 [ 275.790743][T10027] __vmalloc_node_range_noprof+0x276/0x1520 [ 275.793365][T10027] ? bpf_check+0x1fa/0xb3f0 [ 275.795441][T10027] ? find_held_lock+0x2d/0x110 [ 275.797654][T10027] ? bpf_check+0x1fa/0xb3f0 [ 275.799545][T10027] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 275.802411][T10027] ? ___kmalloc_large_node+0x127/0x1a0 [ 275.805289][T10027] ? lockdep_hardirqs_on+0x7c/0x110 [ 275.808216][T10027] ? bpf_check+0x1fa/0xb3f0 [ 275.810448][T10027] vzalloc_noprof+0x6b/0x90 [ 275.812518][T10027] ? bpf_check+0x1fa/0xb3f0 [ 275.814720][T10027] bpf_check+0x1fa/0xb3f0 [ 275.816585][T10027] ? __pfx___lock_acquire+0x10/0x10 [ 275.818681][T10027] ? __pfx_bpf_check+0x10/0x10 [ 275.820847][T10027] ? ktime_get_with_offset+0x13a/0x240 [ 275.822787][T10027] ? __pfx_lock_release+0x10/0x10 [ 275.824693][T10027] ? find_held_lock+0x2d/0x110 [ 275.826765][T10027] ? timekeeping_debug_get_ns+0x3e0/0x5b0 [ 275.830063][T10027] ? lockdep_hardirqs_on+0x7c/0x110 [ 275.832413][T10027] ? read_tsc+0x9/0x20 [ 275.834171][T10027] ? timekeeping_debug_get_ns+0x334/0x5b0 [ 275.836613][T10027] ? bpf_obj_name_cpy+0x156/0x1b0 [ 275.838884][T10027] bpf_prog_load+0xe3f/0x2670 [ 275.840978][T10027] ? __pfx_bpf_prog_load+0x10/0x10 [ 275.843187][T10027] ? find_held_lock+0x2d/0x110 [ 275.846587][T10027] ? security_bpf+0x8c/0xc0 [ 275.849017][T10027] __sys_bpf+0x9e0/0x5600 [ 275.850931][T10027] ? __pfx___sys_bpf+0x10/0x10 [ 275.853047][T10027] ? ksys_write+0x12f/0x260 [ 275.855069][T10027] ? find_held_lock+0x2d/0x110 [ 275.857164][T10027] ? ksys_write+0x21c/0x260 [ 275.859218][T10027] ? __pfx_lock_release+0x10/0x10 [ 275.861427][T10027] ? vfs_write+0x14d/0x1140 [ 275.863469][T10027] ? __mutex_unlock_slowpath+0x164/0x650 [ 275.865972][T10027] ? fput+0x32/0x390 [ 275.867624][T10027] ? ksys_write+0x1ab/0x260 [ 275.869615][T10027] ? __pfx_ksys_write+0x10/0x10 [ 275.871461][T10027] __ia32_sys_bpf+0x76/0xe0 [ 275.873297][T10027] __do_fast_syscall_32+0x73/0x120 [ 275.875532][T10027] do_fast_syscall_32+0x32/0x80 [ 275.877699][T10027] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 275.880284][T10027] RIP: 0023:0xf7f11579 [ 275.881831][T10027] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 275.889927][T10027] RSP: 002b:00000000f56c657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 275.893608][T10027] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000840 [ 275.896751][T10027] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000 [ 275.899967][T10027] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 275.903131][T10027] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 275.906173][T10027] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 275.909385][T10027] [ 275.915057][T10027] syz.3.1237: vmalloc error: size 1080, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1 [ 275.942491][T10027] CPU: 0 UID: 0 PID: 10027 Comm: syz.3.1237 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 275.946397][T10027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 275.950825][T10027] Call Trace: [ 275.952316][T10027] [ 275.953587][T10027] dump_stack_lvl+0x16c/0x1f0 [ 275.955329][T10027] warn_alloc+0x24d/0x3a0 [ 275.957086][T10027] ? __pfx_warn_alloc+0x10/0x10 [ 275.958754][T10027] ? fs_reclaim_acquire+0xae/0x160 [ 275.960908][T10027] ? trace_kmalloc+0x2d/0xe0 [ 275.962606][T10033] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1255'. [ 275.962959][T10027] ? __kasan_kmalloc+0x8a/0xb0 [ 275.968794][T10027] ? __get_vm_area_node+0x1bc/0x2d0 [ 275.971161][T10027] __vmalloc_node_range_noprof+0xc1e/0x1520 [ 275.973840][T10027] ? find_held_lock+0x2d/0x110 [ 275.975870][T10027] ? bpf_check+0x1fa/0xb3f0 [ 275.977606][T10027] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 275.979896][T10027] ? ___kmalloc_large_node+0x127/0x1a0 [ 275.981749][T10033] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 275.982198][T10027] ? lockdep_hardirqs_on+0x7c/0x110 [ 275.982230][T10027] ? bpf_check+0x1fa/0xb3f0 [ 275.987717][T10033] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1255'. [ 275.988585][T10027] vzalloc_noprof+0x6b/0x90 [ 275.988613][T10027] ? bpf_check+0x1fa/0xb3f0 [ 275.998326][T10027] bpf_check+0x1fa/0xb3f0 [ 276.000327][T10027] ? __pfx___lock_acquire+0x10/0x10 [ 276.002402][T10027] ? __pfx_bpf_check+0x10/0x10 [ 276.004035][T10027] ? ktime_get_with_offset+0x13a/0x240 [ 276.005888][T10027] ? __pfx_lock_release+0x10/0x10 [ 276.007703][T10027] ? find_held_lock+0x2d/0x110 [ 276.009563][T10027] ? timekeeping_debug_get_ns+0x3e0/0x5b0 [ 276.012392][T10027] ? lockdep_hardirqs_on+0x7c/0x110 [ 276.014705][T10027] ? read_tsc+0x9/0x20 [ 276.016525][T10027] ? timekeeping_debug_get_ns+0x334/0x5b0 [ 276.019213][T10027] ? bpf_obj_name_cpy+0x156/0x1b0 [ 276.021423][T10027] bpf_prog_load+0xe3f/0x2670 [ 276.023487][T10027] ? __pfx_bpf_prog_load+0x10/0x10 [ 276.025734][T10027] ? find_held_lock+0x2d/0x110 [ 276.027855][T10027] ? security_bpf+0x8c/0xc0 [ 276.029877][T10027] __sys_bpf+0x9e0/0x5600 [ 276.031805][T10027] ? __pfx___sys_bpf+0x10/0x10 [ 276.033953][T10027] ? ksys_write+0x12f/0x260 [ 276.035980][T10027] ? find_held_lock+0x2d/0x110 [ 276.038071][T10027] ? ksys_write+0x21c/0x260 [ 276.040084][T10027] ? __pfx_lock_release+0x10/0x10 [ 276.042390][T10027] ? vfs_write+0x14d/0x1140 [ 276.044394][T10027] ? __mutex_unlock_slowpath+0x164/0x650 [ 276.047017][T10027] ? fput+0x32/0x390 [ 276.048798][T10027] ? ksys_write+0x1ab/0x260 [ 276.050925][T10027] ? __pfx_ksys_write+0x10/0x10 [ 276.053083][T10027] __ia32_sys_bpf+0x76/0xe0 [ 276.055100][T10027] __do_fast_syscall_32+0x73/0x120 [ 276.057348][T10027] do_fast_syscall_32+0x32/0x80 [ 276.059480][T10027] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 276.062220][T10027] RIP: 0023:0xf7f11579 [ 276.063833][T10027] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 276.071295][T10027] RSP: 002b:00000000f56c657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 276.074806][T10027] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000840 [ 276.078252][T10027] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000 [ 276.081717][T10027] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 276.085155][T10027] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 276.088329][T10027] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 276.091477][T10027] [ 276.092627][ C0] vkms_vblank_simulate: vblank timer overrun [ 276.116329][T10035] syzkaller0: entered allmulticast mode [ 276.129250][T10035] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 276.142240][T10035] syzkaller0: entered promiscuous mode [ 276.158825][T10027] Mem-Info: [ 276.163963][T10027] active_anon:3915 inactive_anon:932 isolated_anon:0 [ 276.163963][T10027] active_file:15438 inactive_file:725 isolated_file:0 [ 276.163963][T10027] unevictable:768 dirty:389 writeback:0 [ 276.163963][T10027] slab_reclaimable:4747 slab_unreclaimable:52060 [ 276.163963][T10027] mapped:17263 shmem:805 pagetables:768 [ 276.163963][T10027] sec_pagetables:331 bounce:0 [ 276.163963][T10027] kernel_misc_reclaimable:0 [ 276.163963][T10027] free:143721 free_pcp:996 free_cma:0 [ 276.213708][T10027] Node 0 active_anon:492kB inactive_anon:3272kB active_file:152kB inactive_file:704kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:8268kB dirty:372kB writeback:0kB shmem:6124kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10468kB pagetables:2280kB sec_pagetables:1280kB all_unreclaimable? no [ 276.233591][T10027] Node 1 active_anon:15136kB inactive_anon:572kB active_file:61372kB inactive_file:2424kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:60784kB dirty:1184kB writeback:0kB shmem:0kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:980kB pagetables:792kB sec_pagetables:44kB all_unreclaimable? no [ 276.270455][ C0] vkms_vblank_simulate: vblank timer overrun [ 276.283991][T10027] Node 0 DMA free:888kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:32kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:84kB local_pcp:16kB free_cma:0kB [ 276.323057][T10027] lowmem_reserve[]: 0 369 0 0 0 [ 276.333275][T10027] Node 0 DMA32 free:27236kB boost:0kB min:18816kB low:23520kB high:28224kB reserved_highatomic:4096KB active_anon:2944kB inactive_anon:980kB active_file:384kB inactive_file:472kB unevictable:1536kB writepending:372kB present:1032192kB managed:405708kB mlocked:0kB bounce:0kB free_pcp:1752kB local_pcp:596kB free_cma:0kB [ 276.349818][T10027] lowmem_reserve[]: 0 0 0 0 0 [ 276.352110][T10027] Node 1 DMA32 free:545212kB boost:0kB min:47052kB low:58812kB high:70572kB reserved_highatomic:0KB active_anon:15336kB inactive_anon:572kB active_file:61372kB inactive_file:2424kB unevictable:1536kB writepending:1184kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:3180kB local_pcp:232kB free_cma:0kB [ 276.378787][T10014] can0 (unregistered): slcan off ttyprintk. [ 276.384714][T10027] lowmem_reserve[]: 0 0 0 0 0 [ 276.386894][T10027] Node 0 DMA: 30*4kB (U) 21*8kB (U) 10*16kB (U) 18*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1024kB [ 276.424041][T10027] Node 0 DMA32: 137*4kB (UMEH) 83*8kB (UMEH) 39*16kB (UMEH) 173*32kB (UMEH) 63*64kB (UME) 23*128kB (ME) 4*256kB (ME) 3*512kB (M) 2*1024kB (M) 2*2048kB (UM) 1*4096kB (M) = 27148kB [ 276.443562][T10027] Node 1 DMA32: 3*4kB (UME) 260*8kB (ME) 454*16kB (UME) 351*32kB (UME) 229*64kB (ME) 48*128kB (UME) 51*256kB (UM) 33*512kB (UM) 35*1024kB (UM) 15*2048kB (UME) 99*4096kB (UM) = 543404kB [ 276.457620][T10027] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 276.461960][T10027] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 276.473389][T10027] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 276.477930][T10027] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 276.481976][T10027] 17804 total pagecache pages [ 276.490612][T10027] 836 pages in swap cache [ 276.492724][T10027] Free swap = 109180kB [ 276.500325][T10027] Total swap = 124996kB [ 276.501871][T10027] 524155 pages RAM [ 276.503357][T10027] 0 pages HighMem/MovableOnly [ 276.506602][T10027] 182336 pages reserved [ 276.508230][T10027] 0 pages cma reserved [ 276.763360][T10048] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1258'. [ 277.153888][ T5335] Bluetooth: hci2: command tx timeout [ 279.226505][T10045] netlink: 'syz.3.1258': attribute type 10 has an invalid length. [ 279.230181][T10045] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1258'. [ 279.234515][T10045] bond0: entered promiscuous mode [ 279.236301][T10045] bond_slave_0: entered promiscuous mode [ 279.238784][T10045] bond_slave_1: entered promiscuous mode [ 279.241262][T10045] bridge0: port 3(bond0) entered blocking state [ 279.244970][T10045] bridge0: port 3(bond0) entered disabled state [ 279.247574][T10045] bond0: entered allmulticast mode [ 279.249926][T10045] bond_slave_0: entered allmulticast mode [ 279.252320][T10045] bond_slave_1: entered allmulticast mode [ 279.257263][T10045] bridge0: port 3(bond0) entered blocking state [ 279.259627][T10045] bridge0: port 3(bond0) entered forwarding state [ 279.453775][T10054] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 279.474002][T10054] syzkaller0: entered promiscuous mode [ 279.476683][T10054] syzkaller0: entered allmulticast mode [ 281.550922][T10087] FAULT_INJECTION: forcing a failure. [ 281.550922][T10087] name failslab, interval 1, probability 0, space 0, times 0 [ 281.558199][T10087] CPU: 2 UID: 0 PID: 10087 Comm: syz.0.1270 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 281.562660][T10087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 281.569138][T10087] Call Trace: [ 281.570594][T10087] [ 281.571947][T10087] dump_stack_lvl+0x16c/0x1f0 [ 281.574036][T10087] should_fail_ex+0x497/0x5b0 [ 281.576137][T10087] ? fs_reclaim_acquire+0xae/0x160 [ 281.582184][T10087] should_failslab+0xc2/0x120 [ 281.584211][T10087] __kmalloc_noprof+0xcb/0x410 [ 281.586071][T10087] ? rhashtable_init_noprof+0x57f/0x7d0 [ 281.593464][T10087] nft_trans_alloc_gfp+0x26/0x2e0 [ 281.595355][T10087] nf_tables_newtable+0x139b/0x1b20 [ 281.597518][T10087] ? net_generic+0xea/0x2a0 [ 281.599425][T10087] ? __pfx_nf_tables_newtable+0x10/0x10 [ 281.601783][T10087] ? __nla_parse+0x40/0x60 [ 281.603828][T10087] nfnetlink_rcv_batch+0x1a19/0x24e0 [ 281.606177][T10087] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 281.608667][T10087] ? __pfx_lock_release+0x10/0x10 [ 281.610920][T10087] ? __local_bh_enable_ip+0xa4/0x120 [ 281.612930][T10087] ? lockdep_hardirqs_on+0x7c/0x110 [ 281.615011][T10087] ? __pfx___dev_queue_xmit+0x10/0x10 [ 281.617307][T10087] ? bpf_lsm_capable+0x9/0x10 [ 281.619388][T10087] ? __nla_parse+0x40/0x60 [ 281.621338][T10087] nfnetlink_rcv+0x3c3/0x430 [ 281.623329][T10087] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 281.625535][T10087] netlink_unicast+0x544/0x830 [ 281.627656][T10087] ? __pfx_netlink_unicast+0x10/0x10 [ 281.629981][T10087] ? __phys_addr_symbol+0x30/0x80 [ 281.632025][T10087] ? __check_object_size+0x497/0x720 [ 281.634152][T10087] netlink_sendmsg+0x8b8/0xd70 [ 281.636039][T10087] ? __pfx_netlink_sendmsg+0x10/0x10 [ 281.638339][T10087] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 281.640418][T10087] ____sys_sendmsg+0x9b4/0xb50 [ 281.642339][T10087] ? __pfx_____sys_sendmsg+0x10/0x10 [ 281.644652][T10087] ? get_compat_msghdr+0x11b/0x170 [ 281.646970][T10087] ? __pfx___lock_acquire+0x10/0x10 [ 281.649283][T10087] ___sys_sendmsg+0x135/0x1e0 [ 281.651373][T10087] ? __pfx____sys_sendmsg+0x10/0x10 [ 281.653662][T10087] ? ksys_write+0x21c/0x260 [ 281.655725][T10087] ? __fget_light+0x173/0x210 [ 281.657777][T10087] __sys_sendmsg+0x117/0x1f0 [ 281.659878][T10087] ? __pfx___sys_sendmsg+0x10/0x10 [ 281.662126][T10087] __do_fast_syscall_32+0x73/0x120 [ 281.664284][T10087] do_fast_syscall_32+0x32/0x80 [ 281.666181][T10087] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 281.668919][T10087] RIP: 0023:0xf73ce579 [ 281.670511][T10087] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 281.678455][T10087] RSP: 002b:00000000f56e657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 281.682101][T10087] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 281.685556][T10087] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 281.688837][T10087] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 281.692149][T10087] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 281.695618][T10087] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 281.699115][T10087] [ 282.452864][T10112] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 282.472573][T10112] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 282.475987][T10112] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 282.727941][T10124] FAULT_INJECTION: forcing a failure. [ 282.727941][T10124] name failslab, interval 1, probability 0, space 0, times 0 [ 282.733086][T10124] CPU: 2 UID: 0 PID: 10124 Comm: syz.2.1283 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 282.737629][T10124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 282.742112][T10124] Call Trace: [ 282.743504][T10124] [ 282.744725][T10124] dump_stack_lvl+0x16c/0x1f0 [ 282.746732][T10124] should_fail_ex+0x497/0x5b0 [ 282.748984][T10124] ? fs_reclaim_acquire+0xae/0x160 [ 282.751214][T10124] should_failslab+0xc2/0x120 [ 282.753507][T10124] __kmalloc_node_noprof+0xd1/0x440 [ 282.755738][T10124] ? crypto_alloc_tfmmem.isra.0+0x38/0x110 [ 282.758332][T10124] ? __pfx_crypto_alg_extsize+0x10/0x10 [ 282.760789][T10124] crypto_alloc_tfmmem.isra.0+0x38/0x110 [ 282.763082][T10124] crypto_create_tfm_node+0x83/0x320 [ 282.765308][T10124] crypto_alloc_tfm_node+0x102/0x260 [ 282.767705][T10124] ? crypto_dh_encode_key+0x4a6/0x560 [ 282.769643][T10124] __keyctl_dh_compute+0x45b/0xf50 [ 282.771404][T10124] ? __pfx___lock_acquire+0x10/0x10 [ 282.773614][T10124] ? __pfx_lock_release+0x10/0x10 [ 282.775802][T10124] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 282.778106][T10124] ? __pfx___keyctl_dh_compute+0x10/0x10 [ 282.780476][T10124] ? __pfx_lock_release+0x10/0x10 [ 282.782577][T10124] compat_keyctl_dh_compute+0x161/0x1d0 [ 282.785231][T10124] ? __pfx_compat_keyctl_dh_compute+0x10/0x10 [ 282.788243][T10124] ? ksys_write+0x1ab/0x260 [ 282.790352][T10124] ? __pfx_ksys_write+0x10/0x10 [ 282.792631][T10124] __do_compat_sys_keyctl+0x27b/0x440 [ 282.794862][T10124] __do_fast_syscall_32+0x73/0x120 [ 282.796911][T10124] do_fast_syscall_32+0x32/0x80 [ 282.798843][T10124] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 282.801105][T10124] RIP: 0023:0xf73be579 [ 282.802712][T10124] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 282.810072][T10124] RSP: 002b:00000000f56d657c EFLAGS: 00000292 ORIG_RAX: 0000000000000120 [ 282.813821][T10124] RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 0000000020001800 [ 282.817063][T10124] RDX: 0000000020001840 RSI: 0000000000000034 RDI: 0000000020001900 [ 282.820479][T10124] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 282.823908][T10124] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 282.827408][T10124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 282.830921][T10124] [ 282.973852][T10136] syzkaller0: entered allmulticast mode [ 282.988409][T10136] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 283.002681][T10136] syzkaller0: entered promiscuous mode [ 284.903475][T10147] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 284.907585][T10147] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 284.911234][T10147] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 285.713744][T10189] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 286.521112][T10225] VFS: could not find a valid V7 on nullb0. [ 288.341480][T10231] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1317'. [ 288.346992][T10232] netlink: 'syz.3.1317': attribute type 17 has an invalid length. [ 288.350922][T10232] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1317'. [ 288.364743][T10236] syzkaller0: entered promiscuous mode [ 288.367162][T10236] syzkaller0: entered allmulticast mode [ 288.666857][T10264] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1325'. [ 288.871749][ T66] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 288.882843][ T66] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 288.890078][ T66] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 288.894587][ T66] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 288.898150][ T66] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 288.901612][ T66] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 289.143264][T10274] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1329'. [ 289.160782][T10274] netlink: 'syz.0.1329': attribute type 17 has an invalid length. [ 289.164748][T10274] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1329'. [ 289.200785][T10266] chnl_net:caif_netlink_parms(): no params data found [ 289.386302][T10266] bridge0: port 1(bridge_slave_0) entered blocking state [ 289.389984][T10266] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.394003][T10266] bridge_slave_0: entered allmulticast mode [ 289.402328][T10266] bridge_slave_0: entered promiscuous mode [ 289.414141][T10266] bridge0: port 2(bridge_slave_1) entered blocking state [ 289.417487][T10266] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.421615][T10266] bridge_slave_1: entered allmulticast mode [ 289.432557][T10266] bridge_slave_1: entered promiscuous mode [ 289.436733][T10289] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1331'. [ 289.468621][T10289] Êü: entered promiscuous mode [ 289.643686][T10295] usb usb5: usbfs: process 10295 (syz.3.1334) did not claim interface 0 before use [ 289.720513][T10266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 289.738734][T10266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 289.854960][T10266] team0: Port device team_slave_0 added [ 289.865117][T10266] team0: Port device team_slave_1 added [ 290.032216][T10266] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 290.036685][T10266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 290.048036][T10266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 290.058274][T10266] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 290.061416][T10266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 290.073168][T10266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 290.191764][T10303] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1336'. [ 290.303298][T10266] hsr_slave_0: entered promiscuous mode [ 290.308035][T10266] hsr_slave_1: entered promiscuous mode [ 290.312036][T10266] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 290.316546][T10266] Cannot create hsr debugfs directory [ 290.512576][ T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.679760][ T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.841694][ T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.986461][ T66] Bluetooth: hci4: command tx timeout [ 291.035461][ T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.345587][T10325] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1341'. [ 291.352203][ T13] bond0: left allmulticast mode [ 291.360540][ T13] bond_slave_0: left allmulticast mode [ 291.365515][ T13] bond_slave_1: left allmulticast mode [ 291.373087][ T13] bridge0: port 3(bond0) entered disabled state [ 291.383337][ T13] bridge_slave_1: left allmulticast mode [ 291.393718][ T13] bridge_slave_1: left promiscuous mode [ 291.397576][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.424674][ T13] bridge_slave_0: left allmulticast mode [ 291.437484][ T13] bridge_slave_0: left promiscuous mode [ 291.439843][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.996561][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 292.000940][ T13] bond_slave_0: left promiscuous mode [ 292.008138][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 292.012661][ T13] bond_slave_1: left promiscuous mode [ 292.018067][ T13] bond0 (unregistering): Released all slaves [ 292.027537][ T13] bond1 (unregistering): Released all slaves [ 292.169492][ T13] tipc: Disabling bearer [ 292.172786][ T13] tipc: Left network mode [ 292.205658][T10336] usb usb5: usbfs: process 10336 (syz.0.1342) did not claim interface 0 before use [ 292.357009][ T13] IPVS: stopping backup sync thread 5964 ... [ 292.599257][T10266] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 292.611812][T10266] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 292.620121][T10266] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 292.642411][ T13] hsr_slave_0: left promiscuous mode [ 292.648470][ T13] hsr_slave_1: left promiscuous mode [ 292.654324][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 292.657552][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 292.661243][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 292.665306][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 292.707378][T10356] FAULT_INJECTION: forcing a failure. [ 292.707378][T10356] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 292.713357][T10356] CPU: 0 UID: 0 PID: 10356 Comm: syz.0.1344 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 292.714187][ T13] veth1_macvtap: left promiscuous mode [ 292.718328][T10356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 292.720979][ T13] veth0_macvtap: left promiscuous mode [ 292.725548][T10356] Call Trace: [ 292.725558][T10356] [ 292.725567][T10356] dump_stack_lvl+0x16c/0x1f0 [ 292.725596][T10356] should_fail_ex+0x497/0x5b0 [ 292.725619][T10356] _copy_to_user+0x30/0xc0 [ 292.725639][T10356] simple_read_from_buffer+0xd0/0x160 [ 292.729738][ T13] veth1_vlan: left promiscuous mode [ 292.730377][T10356] proc_fail_nth_read+0x1b0/0x290 [ 292.731841][ T13] veth0_vlan: left promiscuous mode [ 292.733770][T10356] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 292.733805][T10356] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 292.733831][T10356] vfs_read+0x1d4/0xbd0 [ 292.752747][T10356] ? __fdget_pos+0xeb/0x180 [ 292.754600][T10356] ? __pfx_vfs_read+0x10/0x10 [ 292.756573][T10356] ? __pfx___mutex_lock+0x10/0x10 [ 292.758685][T10356] ? __fget_files+0x256/0x400 [ 292.760486][T10356] ksys_read+0x12f/0x260 [ 292.762185][T10356] ? __pfx_ksys_read+0x10/0x10 [ 292.764234][T10356] __do_fast_syscall_32+0x73/0x120 [ 292.766441][T10356] do_fast_syscall_32+0x32/0x80 [ 292.768689][T10356] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 292.771401][T10356] RIP: 0023:0xf73ce579 [ 292.772839][T10356] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 292.780031][T10356] RSP: 002b:00000000f56a45b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 292.783076][T10356] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f56a4630 [ 292.786438][T10356] RDX: 000000000000000f RSI: 00000000f73bcff4 RDI: 0000000000000000 [ 292.789909][T10356] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 292.793005][T10356] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 292.795735][T10356] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 292.798461][T10356] [ 293.039856][ T25] hid-generic 0000:0000:0000.0005: unexpected long global item [ 293.044036][ T25] hid-generic 0000:0000:0000.0005: probe with driver hid-generic failed with error -22 [ 293.073884][ T66] Bluetooth: hci4: command tx timeout [ 293.348240][ T13] team0 (unregistering): Port device virt_wifi0 removed [ 293.795455][T10368] input: syz1 as /devices/virtual/input/input19 [ 293.822890][T10368] FAULT_INJECTION: forcing a failure. [ 293.822890][T10368] name failslab, interval 1, probability 0, space 0, times 0 [ 293.837359][T10368] CPU: 3 UID: 0 PID: 10368 Comm: syz.1.1349 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 293.843354][T10368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 293.848496][T10368] Call Trace: [ 293.850260][T10368] [ 293.851613][T10368] dump_stack_lvl+0x16c/0x1f0 [ 293.853707][T10368] should_fail_ex+0x497/0x5b0 [ 293.855823][T10368] ? fs_reclaim_acquire+0xae/0x160 [ 293.858115][T10368] should_failslab+0xc2/0x120 [ 293.860291][T10368] __kmalloc_node_track_caller_noprof+0xcf/0x440 [ 293.863107][T10368] ? __pfx_mark_lock+0x10/0x10 [ 293.865229][T10368] ? kasprintf+0xc8/0x100 [ 293.867246][T10368] kvasprintf+0xbd/0x160 [ 293.869132][T10368] ? __pfx_kvasprintf+0x10/0x10 [ 293.871286][T10368] ? kernfs_put.part.0+0x176/0x3a0 [ 293.873626][T10368] ? hlock_class+0x4e/0x130 [ 293.875977][T10368] ? __lock_acquire+0x1620/0x3cb0 [ 293.878239][T10368] kasprintf+0xc8/0x100 [ 293.880198][T10368] ? __pfx_kasprintf+0x10/0x10 [ 293.882303][T10368] ? __pfx___lock_acquire+0x10/0x10 [ 293.884578][T10368] ? __pfx_input_devnode+0x10/0x10 [ 293.886875][T10368] device_get_devnode+0x163/0x2c0 [ 293.889066][T10368] devtmpfs_delete_node+0xc6/0x160 [ 293.891316][T10368] ? __pfx_devtmpfs_delete_node+0x10/0x10 [ 293.893800][T10368] ? find_held_lock+0x2d/0x110 [ 293.895924][T10368] ? kobject_put+0xbe/0x5b0 [ 293.897938][T10368] ? __pfx_klist_children_put+0x10/0x10 [ 293.900407][T10368] ? klist_children_put+0x44/0x60 [ 293.902695][T10368] ? klist_put+0x113/0x1d0 [ 293.904667][T10368] device_del+0x735/0x9f0 [ 293.906603][T10368] ? __pfx_device_del+0x10/0x10 [ 293.908710][T10368] ? kfree+0x12a/0x3b0 [ 293.910698][T10368] ? kfree_const+0x55/0x60 [ 293.912667][T10368] cdev_device_del+0x1d/0x110 [ 293.914641][T10368] evdev_disconnect+0x40/0xb0 [ 293.916582][T10368] __input_unregister_device+0x1d5/0x450 [ 293.918933][T10368] input_unregister_device+0xb9/0x100 [ 293.920920][T10368] uinput_destroy_device+0x1f4/0x260 [ 293.922875][T10368] uinput_ioctl_handler.isra.0+0x888/0x1d70 [ 293.925391][T10368] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 293.928154][T10368] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 293.930735][T10368] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 293.933225][T10368] ? __pfx_uinput_compat_ioctl+0x10/0x10 [ 293.935621][T10368] __do_compat_sys_ioctl+0x2c3/0x330 [ 293.937678][T10368] __do_fast_syscall_32+0x73/0x120 [ 293.939437][T10368] do_fast_syscall_32+0x32/0x80 [ 293.941484][T10368] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 293.944138][T10368] RIP: 0023:0xf7f57579 [ 293.945871][T10368] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 293.953666][T10368] RSP: 002b:00000000f570657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 293.957254][T10368] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005502 [ 293.960517][T10368] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 293.963553][T10368] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 293.966579][T10368] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 293.969363][T10368] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 293.973197][T10368] [ 293.974417][ C3] vkms_vblank_simulate: vblank timer overrun [ 294.238182][ T13] team0 (unregistering): Port device team_slave_1 removed [ 294.260642][T10372] usb usb5: usbfs: process 10372 (syz.1.1351) did not claim interface 0 before use [ 294.362377][ T13] team0 (unregistering): Port device team_slave_0 removed [ 295.144166][ T66] Bluetooth: hci4: command tx timeout [ 295.218615][T10266] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 295.231914][T10363] FAULT_INJECTION: forcing a failure. [ 295.231914][T10363] name failslab, interval 1, probability 0, space 0, times 0 [ 295.237673][T10363] CPU: 1 UID: 0 PID: 10363 Comm: syz.3.1347 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 295.242239][T10363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 295.246754][T10363] Call Trace: [ 295.248235][T10363] [ 295.249556][T10363] dump_stack_lvl+0x16c/0x1f0 [ 295.252159][T10363] should_fail_ex+0x497/0x5b0 [ 295.254227][T10363] ? fs_reclaim_acquire+0xae/0x160 [ 295.256428][T10363] should_failslab+0xc2/0x120 [ 295.258467][T10363] __kmalloc_cache_noprof+0x6b/0x310 [ 295.260736][T10363] ? rtnl_newlink+0x49/0xa0 [ 295.262759][T10363] rtnl_newlink+0x49/0xa0 [ 295.264551][T10363] ? __pfx_rtnl_newlink+0x10/0x10 [ 295.266575][T10363] rtnetlink_rcv_msg+0x3c7/0xea0 [ 295.268726][T10363] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 295.271194][T10363] ? __pfx___dev_queue_xmit+0x10/0x10 [ 295.273580][T10363] netlink_rcv_skb+0x165/0x410 [ 295.275396][T10363] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 295.277440][T10363] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 295.279549][T10363] ? netlink_deliver_tap+0x1ae/0xcf0 [ 295.281988][T10363] netlink_unicast+0x544/0x830 [ 295.284082][T10363] ? __pfx_netlink_unicast+0x10/0x10 [ 295.286402][T10363] ? __phys_addr_symbol+0x30/0x80 [ 295.288611][T10363] ? __check_object_size+0x497/0x720 [ 295.290955][T10363] netlink_sendmsg+0x8b8/0xd70 [ 295.293075][T10363] ? __pfx_netlink_sendmsg+0x10/0x10 [ 295.295219][T10363] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 295.297473][T10363] ____sys_sendmsg+0x9b4/0xb50 [ 295.299554][T10363] ? __pfx_____sys_sendmsg+0x10/0x10 [ 295.301804][T10363] ? get_compat_msghdr+0x11b/0x170 [ 295.303912][T10363] ? __pfx___lock_acquire+0x10/0x10 [ 295.305997][T10363] ___sys_sendmsg+0x135/0x1e0 [ 295.308108][T10363] ? __pfx____sys_sendmsg+0x10/0x10 [ 295.310354][T10363] ? ksys_write+0x21c/0x260 [ 295.312218][T10363] ? __fget_light+0x173/0x210 [ 295.314224][T10363] __sys_sendmsg+0x117/0x1f0 [ 295.316254][T10363] ? __pfx___sys_sendmsg+0x10/0x10 [ 295.318511][T10363] __do_fast_syscall_32+0x73/0x120 [ 295.320722][T10363] do_fast_syscall_32+0x32/0x80 [ 295.322971][T10363] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 295.325646][T10363] RIP: 0023:0xf7f11579 [ 295.327444][T10363] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 295.335643][T10363] RSP: 002b:00000000f56c657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 295.339273][T10363] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280 [ 295.342735][T10363] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 295.346127][T10363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 295.349558][T10363] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 295.352605][T10363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 295.355642][T10363] [ 295.455547][T10266] 8021q: adding VLAN 0 to HW filter on device bond0 [ 295.479722][T10266] 8021q: adding VLAN 0 to HW filter on device team0 [ 295.491527][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 295.495082][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 295.515287][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 295.518412][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 295.785866][T10266] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 295.861809][T10266] veth0_vlan: entered promiscuous mode [ 295.874039][T10266] veth1_vlan: entered promiscuous mode [ 295.878847][ T13] IPVS: stop unused estimator thread 0... [ 295.900355][T10266] veth0_macvtap: entered promiscuous mode [ 295.907040][T10266] veth1_macvtap: entered promiscuous mode [ 295.931967][T10266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 295.941614][T10266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.949183][T10266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 295.953852][T10266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.958501][T10266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 295.962791][T10266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.979019][T10266] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 295.986167][T10266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.990646][T10266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.995139][T10266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 296.000096][T10266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.005738][T10266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 296.011690][T10266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.016392][ T1163] usb 8-1: new high-speed USB device number 13 using dummy_hcd [ 296.021388][T10266] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 296.035114][T10266] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.039238][T10266] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.043149][T10266] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.047549][T10266] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.112862][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 296.121080][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 296.123407][T10449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1369'. [ 296.130415][T10449] netlink: 'syz.0.1369': attribute type 3 has an invalid length. [ 296.148385][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 296.151800][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 296.195480][ T1163] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 296.200223][ T1163] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 296.212845][ T1163] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 296.217642][ T1163] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 296.225333][T10416] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 296.231844][ T1163] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 296.245634][T10462] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1372'. [ 296.292071][T10464] FAULT_INJECTION: forcing a failure. [ 296.292071][T10464] name failslab, interval 1, probability 0, space 0, times 0 [ 296.297119][T10464] CPU: 3 UID: 0 PID: 10464 Comm: syz.0.1373 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 296.301147][T10464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 296.305392][T10464] Call Trace: [ 296.306914][T10464] [ 296.308155][T10464] dump_stack_lvl+0x16c/0x1f0 [ 296.310333][T10464] should_fail_ex+0x497/0x5b0 [ 296.312355][T10464] ? fs_reclaim_acquire+0xae/0x160 [ 296.314472][T10464] should_failslab+0xc2/0x120 [ 296.316185][T10464] kmem_cache_alloc_node_noprof+0x71/0x310 [ 296.319060][T10464] ? __alloc_skb+0x2b3/0x380 [ 296.321390][T10464] __alloc_skb+0x2b3/0x380 [ 296.323682][T10464] ? __pfx___alloc_skb+0x10/0x10 [ 296.326772][T10464] ? __pfx___might_resched+0x10/0x10 [ 296.329975][T10464] netlink_alloc_large_skb+0x69/0x130 [ 296.332411][T10464] netlink_sendmsg+0x689/0xd70 [ 296.334510][T10464] ? __pfx_netlink_sendmsg+0x10/0x10 [ 296.337008][T10464] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 296.340263][T10464] ____sys_sendmsg+0x9b4/0xb50 [ 296.342438][T10464] ? __pfx_____sys_sendmsg+0x10/0x10 [ 296.345595][T10464] ? get_compat_msghdr+0x11b/0x170 [ 296.350660][T10464] ? __pfx___lock_acquire+0x10/0x10 [ 296.354029][T10464] ___sys_sendmsg+0x135/0x1e0 [ 296.356555][T10464] ? __pfx____sys_sendmsg+0x10/0x10 [ 296.359135][T10464] ? ksys_write+0x21c/0x260 [ 296.361601][T10464] ? __fget_light+0x173/0x210 [ 296.363755][T10464] __sys_sendmsg+0x117/0x1f0 [ 296.365561][T10464] ? __pfx___sys_sendmsg+0x10/0x10 [ 296.367575][T10464] __do_fast_syscall_32+0x73/0x120 [ 296.369567][T10464] do_fast_syscall_32+0x32/0x80 [ 296.371474][T10464] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 296.373892][T10464] RIP: 0023:0xf73ce579 [ 296.375773][T10464] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 296.386983][T10464] RSP: 002b:00000000f56e657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 296.390679][T10464] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000180 [ 296.394701][T10464] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 296.398391][T10464] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 296.401921][T10464] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 296.405388][T10464] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 296.409114][T10464] [ 296.467805][ T1163] usb 8-1: USB disconnect, device number 13 [ 296.545920][T10467] trusted_key: syz.0.1374 sent an empty control message without MSG_MORE. [ 297.030446][T10490] netlink: 9412 bytes leftover after parsing attributes in process `syz.3.1381'. [ 297.159566][T10492] netlink: 'syz.0.1382': attribute type 10 has an invalid length. [ 297.163070][T10492] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1382'. [ 297.190104][T10492] bond0: entered promiscuous mode [ 297.192338][T10492] bond_slave_0: entered promiscuous mode [ 297.202325][T10492] bond_slave_1: entered promiscuous mode [ 297.205624][T10492] bridge0: port 3(bond0) entered blocking state [ 297.209967][T10492] bridge0: port 3(bond0) entered disabled state [ 297.213169][T10492] bond0: entered allmulticast mode [ 297.217579][T10492] bond_slave_0: entered allmulticast mode [ 297.220090][T10492] bond_slave_1: entered allmulticast mode [ 297.224514][ T66] Bluetooth: hci4: command tx timeout [ 297.230173][T10492] bridge0: port 3(bond0) entered blocking state [ 297.233180][T10492] bridge0: port 3(bond0) entered forwarding state [ 297.234835][T10494] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1382'. [ 297.271959][T10495] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1383'. [ 297.533840][ T25] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 297.739109][ T25] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 297.759190][ T25] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 297.764763][ T25] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 297.769004][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.778964][T10498] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 297.787374][ T25] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 297.792141][T10501] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1385'. [ 298.034185][ T57] usb 7-1: USB disconnect, device number 15 [ 298.705373][T10521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1391'. [ 299.843623][ T25] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 300.035859][ T25] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 300.041063][ T25] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 300.045604][ T25] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 300.049970][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.062480][T10538] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 300.072103][ T25] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 300.274915][ T56] usb 7-1: USB disconnect, device number 16 [ 300.458650][ T39] kauditd_printk_skb: 64 callbacks suppressed [ 300.458666][ T39] audit: type=1326 audit(1722463228.078:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10552 comm="syz.0.1401" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73ce579 code=0x0 [ 301.016114][T10562] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1403'. [ 301.029021][T10562] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1403'. [ 301.169455][T10566] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1404'. [ 301.479711][T10576] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1407'. [ 301.544548][ C0] vkms_vblank_simulate: vblank timer overrun [ 301.581906][ C0] vkms_vblank_simulate: vblank timer overrun [ 302.200480][T10583] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 302.216793][T10583] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 302.272305][T10549] syzkaller0: entered promiscuous mode [ 302.274817][T10549] syzkaller0: entered allmulticast mode [ 303.224554][T10592] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1412'. [ 303.228648][T10592] FAULT_INJECTION: forcing a failure. [ 303.228648][T10592] name failslab, interval 1, probability 0, space 0, times 0 [ 303.235081][T10592] CPU: 1 UID: 0 PID: 10592 Comm: syz.3.1412 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 303.239224][T10592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 303.243520][T10592] Call Trace: [ 303.245002][T10592] [ 303.246075][T10592] dump_stack_lvl+0x16c/0x1f0 [ 303.247963][T10592] should_fail_ex+0x497/0x5b0 [ 303.249930][T10592] ? fs_reclaim_acquire+0xae/0x160 [ 303.252106][T10592] should_failslab+0xc2/0x120 [ 303.254191][T10592] kmem_cache_alloc_node_noprof+0x71/0x310 [ 303.256918][T10592] ? __alloc_skb+0x2b3/0x380 [ 303.259074][T10592] __alloc_skb+0x2b3/0x380 [ 303.261022][T10592] ? __pfx___alloc_skb+0x10/0x10 [ 303.262906][T10592] ? genl_rcv_msg+0x520/0x800 [ 303.264797][T10592] ? genl_rcv_msg+0x4bd/0x800 [ 303.266773][T10592] netlink_ack+0x164/0xb20 [ 303.268582][T10592] netlink_rcv_skb+0x327/0x410 [ 303.270506][T10592] ? __pfx_genl_rcv_msg+0x10/0x10 [ 303.272657][T10592] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 303.274933][T10592] ? down_read+0xc9/0x330 [ 303.276790][T10592] ? __pfx_down_read+0x10/0x10 [ 303.278605][T10592] ? netlink_deliver_tap+0x1ae/0xcf0 [ 303.280441][T10592] genl_rcv+0x28/0x40 [ 303.281896][T10592] netlink_unicast+0x544/0x830 [ 303.283917][T10592] ? __pfx_netlink_unicast+0x10/0x10 [ 303.286203][T10592] ? __phys_addr_symbol+0x30/0x80 [ 303.288088][T10592] ? __check_object_size+0x497/0x720 [ 303.290071][T10592] netlink_sendmsg+0x8b8/0xd70 [ 303.291969][T10592] ? __pfx_netlink_sendmsg+0x10/0x10 [ 303.294176][T10592] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 303.296308][T10592] ____sys_sendmsg+0x9b4/0xb50 [ 303.298353][T10592] ? __pfx_____sys_sendmsg+0x10/0x10 [ 303.300402][T10592] ? get_compat_msghdr+0x11b/0x170 [ 303.302202][T10592] ? __pfx___lock_acquire+0x10/0x10 [ 303.304172][T10592] ___sys_sendmsg+0x135/0x1e0 [ 303.306206][T10592] ? __pfx____sys_sendmsg+0x10/0x10 [ 303.308544][T10592] ? ksys_write+0x21c/0x260 [ 303.310599][T10592] ? __fget_light+0x173/0x210 [ 303.312370][T10592] __sys_sendmsg+0x117/0x1f0 [ 303.314168][T10592] ? __pfx___sys_sendmsg+0x10/0x10 [ 303.316144][T10592] __do_fast_syscall_32+0x73/0x120 [ 303.317929][T10592] do_fast_syscall_32+0x32/0x80 [ 303.319751][T10592] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 303.322159][T10592] RIP: 0023:0xf7f11579 [ 303.323724][T10592] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 303.331969][T10592] RSP: 002b:00000000f56c657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 303.335549][T10592] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100 [ 303.338981][T10592] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 303.342312][T10592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 303.345315][T10592] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 303.348675][T10592] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 303.352147][T10592] [ 303.643038][T10604] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1416'. [ 304.733918][T10628] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 304.737187][T10628] FAULT_INJECTION: forcing a failure. [ 304.737187][T10628] name failslab, interval 1, probability 0, space 0, times 0 [ 304.742845][T10628] CPU: 3 UID: 0 PID: 10628 Comm: syz.1.1423 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 304.747343][T10628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 304.751869][T10628] Call Trace: [ 304.753298][T10628] [ 304.754732][T10628] dump_stack_lvl+0x16c/0x1f0 [ 304.756797][T10628] should_fail_ex+0x497/0x5b0 [ 304.758731][T10628] should_failslab+0xc2/0x120 [ 304.760669][T10628] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 304.762739][T10628] ? skb_clone+0x190/0x3f0 [ 304.764725][T10628] skb_clone+0x190/0x3f0 [ 304.766548][T10628] netlink_deliver_tap+0xb26/0xcf0 [ 304.768763][T10628] netlink_unicast+0x6c2/0x830 [ 304.770859][T10628] ? __pfx_netlink_unicast+0x10/0x10 [ 304.773048][T10628] ? genl_rcv_msg+0x4bd/0x800 [ 304.774847][T10628] netlink_ack+0x6a5/0xb20 [ 304.776524][T10628] netlink_rcv_skb+0x327/0x410 [ 304.778156][T10628] ? __pfx_genl_rcv_msg+0x10/0x10 [ 304.780001][T10628] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 304.781711][T10628] ? down_read+0xc9/0x330 [ 304.783468][T10628] ? __pfx_down_read+0x10/0x10 [ 304.785456][T10628] ? netlink_deliver_tap+0x1ae/0xcf0 [ 304.787741][T10628] genl_rcv+0x28/0x40 [ 304.789373][T10628] netlink_unicast+0x544/0x830 [ 304.791303][T10628] ? __pfx_netlink_unicast+0x10/0x10 [ 304.793415][T10628] ? __phys_addr_symbol+0x30/0x80 [ 304.795051][T10628] ? __check_object_size+0x497/0x720 [ 304.797213][T10628] netlink_sendmsg+0x8b8/0xd70 [ 304.799055][T10628] ? __pfx_netlink_sendmsg+0x10/0x10 [ 304.801401][T10628] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 304.803762][T10628] ____sys_sendmsg+0x9b4/0xb50 [ 304.805959][T10628] ? __pfx_____sys_sendmsg+0x10/0x10 [ 304.808575][T10628] ? get_compat_msghdr+0x11b/0x170 [ 304.810764][T10628] ? __pfx___lock_acquire+0x10/0x10 [ 304.813036][T10628] ___sys_sendmsg+0x135/0x1e0 [ 304.815178][T10628] ? __pfx____sys_sendmsg+0x10/0x10 [ 304.817513][T10628] ? ksys_write+0x21c/0x260 [ 304.819387][T10628] ? __fget_light+0x173/0x210 [ 304.821242][T10628] __sys_sendmsg+0x117/0x1f0 [ 304.823210][T10628] ? __pfx___sys_sendmsg+0x10/0x10 [ 304.825885][T10628] __do_fast_syscall_32+0x73/0x120 [ 304.828463][T10628] do_fast_syscall_32+0x32/0x80 [ 304.830568][T10628] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 304.833295][T10628] RIP: 0023:0xf7f57579 [ 304.835102][T10628] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 304.843305][T10628] RSP: 002b:00000000f570657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 304.847191][T10628] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100 [ 304.850583][T10628] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 304.854636][T10628] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 304.857950][T10628] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 304.861333][T10628] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 304.864644][T10628] [ 305.696249][T10645] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1428'. [ 306.286408][T10655] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1433'. [ 306.308690][T10659] tipc: Started in network mode [ 306.310995][T10659] tipc: Node identity e27bf964aa54, cluster identity 4711 [ 306.314348][T10659] tipc: Enabled bearer , priority 0 [ 306.377887][T10659] syzkaller0: entered promiscuous mode [ 306.380561][T10659] syzkaller0: entered allmulticast mode [ 306.384953][T10659] tipc: Resetting bearer [ 306.408189][T10659] syz.0.1434[10659] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 306.408332][T10659] syz.0.1434[10659] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 306.428724][T10658] tipc: Resetting bearer [ 307.417146][ T5397] tipc: Node number set to 1211103588 [ 308.395183][T10658] tipc: Disabling bearer [ 308.463931][ T57] usb 8-1: new high-speed USB device number 14 using dummy_hcd [ 308.485883][T10696] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1444'. [ 308.497401][T10697] FAULT_INJECTION: forcing a failure. [ 308.497401][T10697] name failslab, interval 1, probability 0, space 0, times 0 [ 308.504551][T10697] CPU: 1 UID: 0 PID: 10697 Comm: syz.2.1443 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 308.507829][T10697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 308.511309][T10697] Call Trace: [ 308.512541][T10697] [ 308.513661][T10697] dump_stack_lvl+0x16c/0x1f0 [ 308.515407][T10697] should_fail_ex+0x497/0x5b0 [ 308.517202][T10697] ? fs_reclaim_acquire+0xae/0x160 [ 308.519250][T10697] should_failslab+0xc2/0x120 [ 308.521018][T10697] kmem_cache_alloc_lru_noprof+0x72/0x2f0 [ 308.523544][T10697] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 308.525706][T10697] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 308.527781][T10697] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 308.530124][T10697] alloc_inode+0x5d/0x230 [ 308.531719][T10697] new_inode+0x22/0x210 [ 308.533339][T10697] hugetlbfs_get_inode+0x2d5/0x540 [ 308.535366][T10697] hugetlb_file_setup+0x15b/0x620 [ 308.537327][T10697] ksys_mmap_pgoff+0x189/0x5d0 [ 308.539177][T10697] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 308.541242][T10697] __do_fast_syscall_32+0x73/0x120 [ 308.543350][T10697] do_fast_syscall_32+0x32/0x80 [ 308.545458][T10697] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 308.548187][T10697] RIP: 0023:0xf744e579 [ 308.549655][T10697] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 308.557103][T10697] RSP: 002b:00000000f574557c EFLAGS: 00000292 ORIG_RAX: 00000000000000c0 [ 308.560727][T10697] RAX: ffffffffffffffda RBX: 0000000020ffc000 RCX: 0000000000002000 [ 308.564097][T10697] RDX: 0000000000000004 RSI: 000000005465c2b2 RDI: 00000000ffffffff [ 308.567559][T10697] RBP: 0000000000001000 R08: 0000000000000000 R09: 0000000000000000 [ 308.571791][T10697] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 308.575478][T10697] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 308.579242][T10697] [ 308.583844][T10697] xt_hashlimit: size too large, truncated to 1048576 [ 308.592928][T10697] xt_hashlimit: overflow, try lower: 0/0 [ 308.641534][ T39] audit: type=1326 audit(1722463236.258:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10701 comm="syz.0.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 308.649135][T10702] 9pnet_fd: Insufficient options for proto=fd [ 308.651897][ T39] audit: type=1326 audit(1722463236.258:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10701 comm="syz.0.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 308.686641][ T39] audit: type=1326 audit(1722463236.268:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10701 comm="syz.0.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 308.695878][ T39] audit: type=1326 audit(1722463236.268:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10701 comm="syz.0.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 308.722529][ T39] audit: type=1326 audit(1722463236.268:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10701 comm="syz.0.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 308.723239][ T57] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 308.735393][ T39] audit: type=1326 audit(1722463236.268:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10701 comm="syz.0.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 308.735443][ T39] audit: type=1326 audit(1722463236.268:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10701 comm="syz.0.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 308.735484][ T39] audit: type=1326 audit(1722463236.268:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10701 comm="syz.0.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 308.735526][ T39] audit: type=1326 audit(1722463236.288:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10701 comm="syz.0.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=448 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 308.735568][ T39] audit: type=1326 audit(1722463236.288:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10701 comm="syz.0.1446" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 308.799320][ T57] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 308.803785][ T57] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 308.807778][ T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.816411][T10692] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 308.823244][ T57] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 309.033733][ T25] usb 8-1: USB disconnect, device number 14 [ 309.276846][T10714] FAULT_INJECTION: forcing a failure. [ 309.276846][T10714] name failslab, interval 1, probability 0, space 0, times 0 [ 309.282809][T10714] CPU: 2 UID: 0 PID: 10714 Comm: syz.3.1450 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 309.287054][T10714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 309.291494][T10714] Call Trace: [ 309.292621][T10714] [ 309.293650][T10714] dump_stack_lvl+0x16c/0x1f0 [ 309.296247][T10714] should_fail_ex+0x497/0x5b0 [ 309.298226][T10714] should_failslab+0xc2/0x120 [ 309.300477][T10714] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 309.302884][T10714] ? __build_skb+0x3f/0x90 [ 309.304609][T10714] __build_skb+0x3f/0x90 [ 309.306476][T10714] netlink_alloc_large_skb+0xb5/0x130 [ 309.308921][T10714] netlink_sendmsg+0x689/0xd70 [ 309.311119][T10714] ? __pfx_netlink_sendmsg+0x10/0x10 [ 309.312914][T10714] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 309.315215][T10714] ____sys_sendmsg+0x9b4/0xb50 [ 309.317247][T10714] ? __pfx_____sys_sendmsg+0x10/0x10 [ 309.319471][T10714] ? get_compat_msghdr+0x11b/0x170 [ 309.321890][T10714] ? __pfx___lock_acquire+0x10/0x10 [ 309.325463][T10714] ___sys_sendmsg+0x135/0x1e0 [ 309.327366][T10714] ? __pfx____sys_sendmsg+0x10/0x10 [ 309.329389][T10714] ? ksys_write+0x21c/0x260 [ 309.331105][T10714] ? __fget_light+0x173/0x210 [ 309.332936][T10714] __sys_sendmsg+0x117/0x1f0 [ 309.334883][T10714] ? __pfx___sys_sendmsg+0x10/0x10 [ 309.337029][T10714] __do_fast_syscall_32+0x73/0x120 [ 309.339235][T10714] do_fast_syscall_32+0x32/0x80 [ 309.341007][T10714] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 309.343701][T10714] RIP: 0023:0xf7f11579 [ 309.345674][T10714] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 309.354665][T10714] RSP: 002b:00000000f56c657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 309.357927][T10714] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040 [ 309.360980][T10714] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 309.364225][T10714] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 309.367177][T10714] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 309.370839][T10714] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 309.374487][T10714] [ 309.707702][T10723] netlink: 'syz.1.1454': attribute type 10 has an invalid length. [ 309.711997][T10723] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1454'. [ 309.754438][T10723] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1454'. [ 310.502665][T10736] xt_hashlimit: size too large, truncated to 1048576 [ 310.505978][T10736] xt_hashlimit: overflow, try lower: 0/0 [ 310.640682][T10744] FAULT_INJECTION: forcing a failure. [ 310.640682][T10744] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 310.650330][T10744] CPU: 2 UID: 0 PID: 10744 Comm: syz.2.1462 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 310.656145][T10744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 310.661018][T10744] Call Trace: [ 310.662509][T10744] [ 310.663725][T10744] dump_stack_lvl+0x16c/0x1f0 [ 310.665567][T10744] should_fail_ex+0x497/0x5b0 [ 310.667379][T10744] _copy_from_user+0x30/0xf0 [ 310.669167][T10744] generic_map_update_batch+0x391/0x5f0 [ 310.671592][T10744] ? __pfx_generic_map_update_batch+0x10/0x10 [ 310.674363][T10744] ? __pfx_generic_map_update_batch+0x10/0x10 [ 310.677047][T10744] bpf_map_do_batch+0x615/0x6e0 [ 310.679334][T10744] __sys_bpf+0x1fad/0x5600 [ 310.681306][T10744] ? __pfx___sys_bpf+0x10/0x10 [ 310.683370][T10744] ? ksys_write+0x12f/0x260 [ 310.685191][T10744] ? find_held_lock+0x2d/0x110 [ 310.687048][T10744] ? ksys_write+0x21c/0x260 [ 310.688759][T10744] ? __pfx_lock_release+0x10/0x10 [ 310.690681][T10744] ? vfs_write+0x14d/0x1140 [ 310.692462][T10744] ? __mutex_unlock_slowpath+0x164/0x650 [ 310.694733][T10744] ? fput+0x32/0x390 [ 310.696406][T10744] ? ksys_write+0x1ab/0x260 [ 310.698384][T10744] ? __pfx_ksys_write+0x10/0x10 [ 310.700411][T10744] __ia32_sys_bpf+0x76/0xe0 [ 310.702321][T10744] __do_fast_syscall_32+0x73/0x120 [ 310.704542][T10744] do_fast_syscall_32+0x32/0x80 [ 310.706693][T10744] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 310.709414][T10744] RIP: 0023:0xf744e579 [ 310.711201][T10744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 310.719295][T10744] RSP: 002b:00000000f576657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 310.722863][T10744] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000020000400 [ 310.726352][T10744] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000 [ 310.729793][T10744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 310.733037][T10744] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 310.735751][T10744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 310.738507][T10744] [ 311.502948][T10765] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1468'. [ 311.582877][T10769] netlink: 'syz.1.1470': attribute type 10 has an invalid length. [ 311.586535][T10769] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1470'. [ 311.621409][T10769] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1470'. [ 312.541226][T10778] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1473'. [ 312.606680][T10781] FAULT_INJECTION: forcing a failure. [ 312.606680][T10781] name failslab, interval 1, probability 0, space 0, times 0 [ 312.633584][T10781] CPU: 3 UID: 0 PID: 10781 Comm: syz.0.1473 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 312.639100][T10781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 312.644889][T10781] Call Trace: [ 312.646417][T10781] [ 312.647837][T10781] dump_stack_lvl+0x16c/0x1f0 [ 312.650158][T10781] should_fail_ex+0x497/0x5b0 [ 312.652489][T10781] ? fs_reclaim_acquire+0xae/0x160 [ 312.655104][T10781] should_failslab+0xc2/0x120 [ 312.657615][T10781] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 312.660252][T10781] ? sk_prot_alloc+0x60/0x2a0 [ 312.662642][T10781] sk_prot_alloc+0x60/0x2a0 [ 312.664981][T10781] sk_alloc+0x36/0xb90 [ 312.666758][T10781] inet6_create+0x380/0x12e0 [ 312.668779][T10781] ? inet6_create+0x5d/0x12e0 [ 312.670856][T10781] __sock_create+0x32e/0x800 [ 312.673147][T10781] smc_create_clcsk+0x39/0x200 [ 312.675228][T10781] ? __pfx_smc_inet_init_sock+0x10/0x10 [ 312.677662][T10781] inet6_create+0xb53/0x12e0 [ 312.679695][T10781] ? inet6_create+0x5d/0x12e0 [ 312.681685][T10781] __sock_create+0x32e/0x800 [ 312.683741][T10781] __sys_socketpair+0x1d9/0x5a0 [ 312.685849][T10781] ? __pfx___sys_socketpair+0x10/0x10 [ 312.688486][T10781] ? fput+0x32/0x390 [ 312.690152][T10781] ? __pfx_ksys_write+0x10/0x10 [ 312.692323][T10781] __ia32_sys_socketpair+0x95/0x100 [ 312.694757][T10781] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 312.697832][T10781] __do_fast_syscall_32+0x73/0x120 [ 312.700141][T10781] do_fast_syscall_32+0x32/0x80 [ 312.702429][T10781] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 312.705180][T10781] RIP: 0023:0xf73ce579 [ 312.706991][T10781] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 312.714771][T10781] RSP: 002b:00000000f56c557c EFLAGS: 00000292 ORIG_RAX: 0000000000000168 [ 312.717893][T10781] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000000000001 [ 312.720887][T10781] RDX: 0000000000000100 RSI: 0000000020000080 RDI: 0000000000000000 [ 312.724404][T10781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 312.727793][T10781] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 312.730992][T10781] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 312.734642][T10781] [ 312.759414][T10781] ------------[ cut here ]------------ [ 312.762003][T10781] refcount_t: underflow; use-after-free. [ 312.777161][T10781] WARNING: CPU: 2 PID: 10781 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210 [ 312.781569][T10781] Modules linked in: [ 312.787064][T10781] CPU: 2 UID: 0 PID: 10781 Comm: syz.0.1473 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 312.791731][T10781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 312.796119][T10781] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 312.797166][T10783] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1475'. [ 312.798952][T10781] Code: ff 89 de e8 c8 54 0c fd 84 db 0f 85 66 ff ff ff e8 1b 5a 0c fd c6 05 93 1a 7b 0b 01 90 48 c7 c7 e0 e6 af 8b e8 c7 0a cf fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 f8 59 0c fd 0f b6 1d 6e 1a 7b 0b 31 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 312.798966][T10781] RSP: 0018:ffffc9002211fd10 EFLAGS: 00010286 [ 312.798976][T10781] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff814dc409 [ 312.798983][T10781] RDX: ffff8880209c4880 RSI: ffffffff814dc416 RDI: 0000000000000001 [ 312.798990][T10781] RBP: ffff888000cc8b80 R08: 0000000000000001 R09: 0000000000000000 [ 312.798996][T10781] R10: 0000000000000001 R11: 0000000000000000 R12: 00000000ffffffff [ 312.799003][T10781] R13: ffff888000cc8b80 R14: ffff888000cc8b13 R15: ffff888000cc8b0e [ 312.799010][T10781] FS: 0000000000000000(0000) GS:ffff88802c200000(0063) knlGS:00000000f56c5b40 [ 312.837686][T10781] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 312.840562][T10781] CR2: 00000000313e7ff8 CR3: 000000002185e000 CR4: 0000000000350ef0 [ 312.844309][T10781] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 312.847657][T10781] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 312.851185][T10781] Call Trace: [ 312.852720][T10781] [ 312.854227][T10781] ? show_regs+0x8c/0xa0 [ 312.856206][T10781] ? __warn+0xe5/0x3c0 [ 312.858099][T10781] ? refcount_warn_saturate+0x14a/0x210 [ 312.860653][T10781] ? report_bug+0x3c0/0x580 [ 312.862708][T10781] ? handle_bug+0x3d/0x70 [ 312.864924][T10781] ? exc_invalid_op+0x17/0x50 [ 312.867162][T10781] ? asm_exc_invalid_op+0x1a/0x20 [ 312.869544][T10781] ? __warn_printk+0x199/0x350 [ 312.871765][T10781] ? __warn_printk+0x1a6/0x350 [ 312.875242][T10781] ? refcount_warn_saturate+0x14a/0x210 [ 312.877674][T10781] sk_common_release+0x2ec/0x420 [ 312.880053][T10781] ? __pfx_smc_inet_init_sock+0x10/0x10 [ 312.882408][T10781] inet6_create+0xef5/0x12e0 [ 312.884473][T10781] ? inet6_create+0x5d/0x12e0 [ 312.888260][T10781] __sock_create+0x32e/0x800 [ 312.890411][T10781] __sys_socketpair+0x1d9/0x5a0 [ 312.892380][T10781] ? __pfx___sys_socketpair+0x10/0x10 [ 312.894778][T10781] ? fput+0x32/0x390 [ 312.896465][T10781] ? __pfx_ksys_write+0x10/0x10 [ 312.898553][T10781] __ia32_sys_socketpair+0x95/0x100 [ 312.900785][T10781] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 312.904132][T10781] __do_fast_syscall_32+0x73/0x120 [ 312.906573][T10781] do_fast_syscall_32+0x32/0x80 [ 312.908836][T10781] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 312.911689][T10781] RIP: 0023:0xf73ce579 [ 312.913685][T10781] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 312.922461][T10781] RSP: 002b:00000000f56c557c EFLAGS: 00000292 ORIG_RAX: 0000000000000168 [ 312.926363][T10781] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000000000001 [ 312.929917][T10781] RDX: 0000000000000100 RSI: 0000000020000080 RDI: 0000000000000000 [ 312.933578][T10781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 312.937074][T10781] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 312.940700][T10781] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 312.944912][T10781] [ 312.946345][T10781] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 312.949237][T10781] CPU: 2 UID: 0 PID: 10781 Comm: syz.0.1473 Not tainted 6.11.0-rc1-syzkaller-00062-ge4fc196f5ba3 #0 [ 312.953423][T10781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 312.957710][T10781] Call Trace: [ 312.959102][T10781] [ 312.960412][T10781] dump_stack_lvl+0x3d/0x1f0 [ 312.962458][T10781] panic+0x6f5/0x7a0 [ 312.964141][T10781] ? __pfx_panic+0x10/0x10 [ 312.966076][T10781] ? show_trace_log_lvl+0x363/0x500 [ 312.968142][T10781] ? check_panic_on_warn+0x1f/0xb0 [ 312.970160][T10781] ? refcount_warn_saturate+0x14a/0x210 [ 312.972435][T10781] check_panic_on_warn+0xab/0xb0 [ 312.974410][T10781] __warn+0xf1/0x3c0 [ 312.976142][T10781] ? refcount_warn_saturate+0x14a/0x210 [ 312.978318][T10781] report_bug+0x3c0/0x580 [ 312.980003][T10781] handle_bug+0x3d/0x70 [ 312.981589][T10781] exc_invalid_op+0x17/0x50 [ 312.983359][T10781] asm_exc_invalid_op+0x1a/0x20 [ 312.985213][T10781] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 312.987802][T10781] Code: ff 89 de e8 c8 54 0c fd 84 db 0f 85 66 ff ff ff e8 1b 5a 0c fd c6 05 93 1a 7b 0b 01 90 48 c7 c7 e0 e6 af 8b e8 c7 0a cf fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 f8 59 0c fd 0f b6 1d 6e 1a 7b 0b 31 [ 312.996029][T10781] RSP: 0018:ffffc9002211fd10 EFLAGS: 00010286 [ 312.998631][T10781] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff814dc409 [ 313.001816][T10781] RDX: ffff8880209c4880 RSI: ffffffff814dc416 RDI: 0000000000000001 [ 313.005334][T10781] RBP: ffff888000cc8b80 R08: 0000000000000001 R09: 0000000000000000 [ 313.008809][T10781] R10: 0000000000000001 R11: 0000000000000000 R12: 00000000ffffffff [ 313.012208][T10781] R13: ffff888000cc8b80 R14: ffff888000cc8b13 R15: ffff888000cc8b0e [ 313.015578][T10781] ? __warn_printk+0x199/0x350 [ 313.017676][T10781] ? __warn_printk+0x1a6/0x350 [ 313.019851][T10781] sk_common_release+0x2ec/0x420 [ 313.021985][T10781] ? __pfx_smc_inet_init_sock+0x10/0x10 [ 313.024420][T10781] inet6_create+0xef5/0x12e0 [ 313.026444][T10781] ? inet6_create+0x5d/0x12e0 [ 313.028563][T10781] __sock_create+0x32e/0x800 [ 313.030619][T10781] __sys_socketpair+0x1d9/0x5a0 [ 313.032745][T10781] ? __pfx___sys_socketpair+0x10/0x10 [ 313.035070][T10781] ? fput+0x32/0x390 [ 313.036731][T10781] ? __pfx_ksys_write+0x10/0x10 [ 313.038794][T10781] __ia32_sys_socketpair+0x95/0x100 [ 313.041005][T10781] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 313.044022][T10781] __do_fast_syscall_32+0x73/0x120 [ 313.046261][T10781] do_fast_syscall_32+0x32/0x80 [ 313.048337][T10781] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 313.051003][T10781] RIP: 0023:0xf73ce579 [ 313.052717][T10781] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 313.060416][T10781] RSP: 002b:00000000f56c557c EFLAGS: 00000292 ORIG_RAX: 0000000000000168 [ 313.063951][T10781] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000000000001 [ 313.067177][T10781] RDX: 0000000000000100 RSI: 0000000020000080 RDI: 0000000000000000 [ 313.070485][T10781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 313.073786][T10781] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 313.077183][T10781] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 313.080613][T10781] [ 313.082542][T10781] Kernel Offset: disabled [ 313.084456][T10781] Rebooting in 86400 seconds.. VM DIAGNOSIS: 21:52:08 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000000 RBX=0000000000000001 RCX=ffffffff81c4bf9a RDX=ffff88801b600000 RSI=ffffffff81c4beec RDI=ffffffff8ddb8b20 RBP=0000000000000001 RSP=ffffc90000e8f378 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffffff8ddb8b20 R13=0000000000000001 R14=ffffea0000ac5548 R15=dffffc0000000000 RIP=ffffffff8169354a RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f58f9aa6408 CR3=000000005efb6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88802c246560 RCX=ffffffff817ee68b RDX=ffff888060ab0000 RSI=ffffffff817ee665 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9002187f250 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed1005848cad R13=0000000000000001 R14=ffff88802c246568 R15=ffff88802c13ffc0 RIP=ffffffff817ee667 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020586000 CR3=000000002185e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fa2d95 RDI=ffffffff951193c0 RBP=ffffffff95119380 RSP=ffffc9002211f6d0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=000000000000003a R14=ffffffff84fa2d30 R15=0000000000000000 RIP=ffffffff84fa2dbf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c200000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000313e7ff8 CR3=000000002185e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000002 RBX=0000000000000001 RCX=dffffc0000000000 RDX=0000000000000000 RSI=ffff8880163b0ac4 RDI=ffff8880163b0ac4 RBP=0000000000000000 RSP=ffffc900003f7958 R8 =ffff8880163b0ae0 R9 =fffffbfff28b64d8 R10=ffffffff945b26c7 R11=0000000000000002 R12=ffff8880163b0ad9 R13=ffff8880163b0b30 R14=dffffc0000000000 R15=ffff8880163b0000 RIP=ffffffff8168f924 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000203c5000 CR3=0000000024dc0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000008000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000