last executing test programs: 3.986134357s ago: executing program 3 (id=2311): r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r1, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d412000000000000002900000039000000", 0xfe60) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200)) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) 3.985328602s ago: executing program 3 (id=2312): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000100)={0x79, 0x0, 0x24a}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) r4 = socket$nl_rdma(0x10, 0x3, 0x14) timer_create(0x0, 0x0, 0x0) sendmsg$RDMA_NLDEV_CMD_SYS_SET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="680000000714010025bd7000ffdbdf25080001000100000008000100000000000900020073797a32000000000900020073797a3000000000050042000100000008000100010000000900020073797a30000000000900020073797a3000000000080001"], 0x68}}, 0x0) 3.85283967s ago: executing program 3 (id=2313): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)) ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000080)={0x5, 0x2}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="49552a350e2cc1702e5e0b94a2e20abb7b13663e74b5e1f5a0993d54f54d492dc415d59f3a72e8b803f50547d942ac471917fb77a832e367859caa1f15dd2314602d9a263eaa0bb52bc87a89b987e0b464a8bfc3f2255a5a73e8b4afd0c62443d557bd730b6459ac8f861101c0825a9d51f047429c2e9eb9cf2d59cd68622b0671c0f36564d884a7377cc7504936e754e0dddbba2175a4174b7606643faa98673861c407d4d255f42d310aefc2624773ae4469acb38ba42e5ddd5dfbb6fc52a63a580bb9026f179daf7d3d8a7cd040fd0ecb1cd262c75656f20a0f1ab66c436571b87f6f0c661136043dafdaaca2a134a1768e6dd8a006f33ec13265ac149b863d25b2fb2339dfb828f82e7ed718879350c399237d49123639a5475a8ed03a3dedd90f7c09996bfc06f8bee8aaa634b279d52ff1c5b3e108c3fbf947eee9bdcb6076a0def2265ea561b421d9c5bbb2d11fc62f4c4d2badf445e50b23d4ee3d657caa4d6b41f88f8e7dd6f1170c5fd27fd70127b2b2a25667e961d83ef72b0a04707ed0724000793486fcb3a3ed4f6282188c34523e654a735e9306fd56e43a7d91ab70d26510acb91232554a9d262bf8ed5d9ffcc3ff3366ee133db32eee2e9fc47cf895331298530a52a7534ce963fbfbeb15bc4793a90ca08fe079cdab81988964bbc1c6afbae0c3f107ff8692728a8e658f820b53722bfe84fb1fefcf6ee64df7d4b09d78ea69e1935ba66eecf38b01a45d8a9d9f19d05ae613cf9ad8a9e798f1e07cef713a475ba9add36d5cd39774f519a366f723ccc9794439fc77c56eca401fa6872ad9712631a97392a7cbd90f1823fa53c7497aafd6e8ee42aaf1fc264afc3d790f9cdb535079ae06dfa9b879e2e9c12022ee2f27ba2be764568c9794ada061249a5b595ceea9b281a472241c6bf578a52368ffd1311bc8811063c3b0b3b372fc491a753bd91cc08536989e25506f63f7c06b1fa1c7e22510c2690150abd0aa611dabc3ec0014fe36888c808f0cbe95c3d1cb6881631f10b678f0d4bbef517a94cb3ae18967df29b0b4006276651edd376ac70556c95546aa1ef9aaec536c63546148a05d0973bd8237421c2ab7a3883b42a747473e8f12a2c0932ee30d5e60fab53dc94d9870909fdbd5b8b3b5c4434345c82c516ac36440b1c2444ff464260a772e270a7953f1db9dac66e558aef7478d1e1733599656882e2e09ffc113463333807173dd54bf07ca3e42c0c06d79868b45d6819baa087f411c9792895ff35b8c1ef428e5a3d68d9909056cc49e661506a31f545636989b3e6fd39bbc49e79f04c9c9b3f30be18333e1838adfff019eaa3e5f5a47fdf1aec29c144973bcb05b874ee8f693deee84e3424103785d824db7849525c53e0c2a418dfcfe5f7fff963d06526434070c5f19fb0861ef418fdfde3e99748f65350dea31910ee73784eee324d937ab14f26dd517e6078b50306387c736b39abda2acb1d60799234cd79ad496b299ee92dcfb05bc8f1af9c9a5f3a4c1dd582d123e3c21745f1c6e778af2fd258b1d586949f6b23c50a9df7670797ca32dac059943c04a84f95eba094b7031f7ffab8fff04427cb930ae5c4cb1e64c03db5786acef97b0b2d633a13c5deac1d2a1802e6e186552d9918cab2cc5eb7e59e86e6c1f9f4d5308d3468b6b2591ee78ca51fec9c83f67177febbfb69dafe97e789f9ce24e8b752f08cd861d78103b8691afd4f504d0587b16f63335ddd349b676a3217a4345117ad6eea3da811ca911e183ce77bfb09c65a968f3d82423fe3dd78480fd881cc3dcabbb15623dd9f9547a729050eb6ca68957e27d4a2f455903c6a11ad125b5d7d76791d836b14d0e4ab436c799f42b3831661357b910a8663c1715b8fe4854ecda777e6b735d702e854a453757c2f23c83ebc43b4caef5b9037c55739f1368ef5c28a41543cbd1c11d003620c31b7b0367aeb00242448e18793e3e3ba1a2c5d5aa9c3d0cbc466623155074c8174cca6d68658cf8e480a2b3ee240b4392aec927962986f1d1363d19a66361c25efb3df9b9ed2cf483b2b3af06ac23e85452f66e701640ff06e9d1305af156f35be918cab7f0c83bffa4045612072d5add7546edef0da056269069f23ede5c46f708dc4e16e69b8d0aef88c0c96637b96613fe206f0166b1da7828ecc8f1cb906180bcfe47668bbb1601e81858aec16f81ffae09bad2ca9e2ea6b69442f95980085508f718dae0ee5b8469d2a36f7a75d3c335b8352fc592564f4eaeb8a14c1dc55e614ff43c67bffb523bafc7fadaaa6d65ad23cd92d2fcc03a921a933a2869660ce97fd564b3f446a65299f8d09bf4c370cd510a00d1fdd9dd1824ca122dd0179da88264c49506b1b0eb28016e7d8706536d3ecc85d30382d77ec83e0b7c758d886006783f09fd614ab3e1465369fa051f46c1f318a83540f3e4aaafb23b23ec96ceaf9e1e738db1ec36d40bb17803e3f399caa1eb910498ea65d7f892369b7342c71f7e7cb9cc1b120fc3daad4b7be6455be5215d7207b39bdd008a1a640182a67b169f5bc01d4f8a61a765678daddeedf6ec0614eca934273d6eaa0883b77352582a1fb106ff7b01f06d0ae51bd4c34e6682ce067eba70782d7ab4273ef23584609b629d229eb67a4e8b863d2149a6e2213efbb051cafdd54b8f2a3a8b2b95da0b367baf101c2c059395e03554f98f1be3c1e7673de9a594b59d4e2e9735e8eea9feb71d588b0d8243553ce0cb2c196b8982f9e230086322de707346a6d549f88ff12a91c11fb178918145947f1c89f578bd2e1c554cc8320cd0e27d742d158122ae6fa41aea7ace0b5de9eeedddc5b26c784cdb2a30d4180f4c25807a8f4fad6102302de375853b9d54fb03d6c9493d6a5d49046d8b03592bb6263b6faa77233f15d34e52f5b9664ae3acad02b8537814ec2ce05ac60620babb98bb5be996f7b7addcce50ec4e387e5076d762602cb93f4838c0072d90e5f42f4c672c12dda09c7d696a9488a9f838f6e0ebe1a40633a4d09cc94ffd16df66167d51cd82ca62e068a5876b67cce5eda33eeca90d2b44e3c509464e3ec2e29ad68f3ab55d4f9713fc9cc755986e0e66590dc8a46bf91ea7de2e7dafafda5c31fcf788fd918a7bbb7ebe61a22c5a9fd1a66b4df0133af61c5d83fc8d825a439225bc6dfee52872754d22e1109bf31bcc04a17d72379de3d22daf41a1f3c892f3d67017bf047b6d34d03de2e1dce0bf4010baa30780e3bcec2d880330664d0304dc5f78786452aa43e39c5202ced6b73a7209903575c9bee4322d7b8393e99d11fa95e8d1ef4f2228b20aa06e0bb23df5c66d11be3edc30c258996dd3e8d7b40f76e2ac72d5a3f4d9bec4f18c233f9fa8cedc97e313583985bedbdc71472387f9c21144ed634a8149442b5de69e877787cc7e0affac6fc04fe67d92319f8f0a5498abc2a41d5f836e03770f45c940b350a5bcaa0f79abb61ae1021b82c6109b891a814bbbd9ef59ba0a7b511b662929e8b73918d2a373acbab62f0f2b9f01a52ffbe0f67986ed452d970d9319b988edd9735a11678d010c345cb55fcbb62fa9b81a3339b35b2646e18a4a07ccaf760be830b63b43d87005f02eb36eea45febe30b3576078517972ad16bf4a23e1dfde844971df94025aca687100f19fca01e2881cf07dbd4bf6ec6c54d64866fd62f4fafbe883c697a2bb9a758e35d04223c2891b46e7a10eec3d33f2857de3582474080a79b976bc130e5122c3317c907c6a56cf094b425a36974e580c2ed22aad6e6ba66f13fd41dc5f6d76258523edbf41332088d9f395a3276e2bb5ce7e7fd80d5aca6f0e23d1d69fcca6c37f3cd6af34e29c0ce8bdec194834844b96a32cbf4892690662f0c10d942956d4ca4e324690406509079b9d0653155f3e9a77f785ef496ee78903a4cad10b36dd5bd2db9c22c368ad0f6eb6251408d0230af839c59602c6e3d7a4ac79cd240f07fab6a70ba708dfb9b3cdcd542c84ae8f569a45e5cf649b014774b24895d031134ccc7d25720340b76fc4bd74cf188b53108d93e5cde7299a62b55b2ec8191b95783c2e9055ca6a12a7884204d78cd8577011b00164d344bf4e6884cad86bbcf6b5e3305b28516883f21ec86756f1ed75c5005247b6dd5f5f3fc00b181bca7cd390c1bbc8bf69018f41024c63041178169391d62ab407a1314718d0c6667f089988b75533e8833d77e2e4c6c5af5d909750a27b765803be34effc15259f071060bcdec7b3b80aa4aef4c63a4356d955b4ba69d5aacd5cbe7008b30b5e553992f16f3a0602d987f5308ba6622738d482462325128eecc78013bc881a6d3ff60beba5d108d54eb184119eb1940533d8a0602361e0d0f45e41f88c57407a0ee3b3bebbf69beb15cb45917ace62f8752dddc42c06556bffe55d511efcc5c9a92ccdeb1fc6bc3c9ee81a624dbddba1105364226228b239798681a65680f948f505404642b5106f32172aa4389fe1f778ef2a061a97c20ee072c24717f57893d0c7f1df158f0135d0d3cddd1d8ab6f7856fa1c43a8d23afc2ba528455d8a408fe799faee7d5b598b3d04e89d255040ef95805857de0dbca3cf3fdf7ed9ff7d516d220c214e01ee6cc270d09764932ad74f7133e32e78b361f5f7ab7ab35a299b1cdfedad7a82817ddede497649e5732cc81ef6070ee13135ca4f603535d7d02f4de980183fad4477189d369d0a9a263a1c341a28fd2905068b7b8e70160be282f8aac6aaf55a8701059684893295e948f6e214e35b37b8b3583b3ce951e993403ac0b389708a2772f68926dc0d421dad17950d8e3598c533f64cbf207f936a9c6205b5fd909345942583f357324d425cca49596e0879bdfd4cd197219ebe877c7a90277d397bd34122129310cd46a48ab5c1a026ca875cf1cf96d2f9278b97f11a0051900681e797a2dcdfa0d98dd7b95d6d10fbf98d7196cf88f9df2571fdd7ab64fba68ad3c041ca476f015b6074dc70448e5c36728d5c32c874cc982624e77f0cba3ffedaf4b9f20eebbbaf898a7ab29e4916cadd2dd1f7f1f2bb03464bdb2d51b7717c622fb979a1bd9e71a222d5f8576e8a4ff702c4a2fbdc365e6ce416ab124fe805785495b0d66acad3ca31502843e67d385ff76cdcfc970fc9f87b4ce216090893cb555122ab33f75f846d20885f22f5daa978f3faf7b4ff5db4261d0dd65f5a9eb2fda04c3766aa39bff6a8166807fc0b9da28b88351cb8db49ee3087f62508c7c73b0ab195f93417ce35da4a46e2e7d2903bc1a6f72472ed19e137479473ac929e413b8375cbaec6e19c9d275c36742b2a297fffbd4237a06e0d281d51d13c5d0080931979dc73dd34e97cca5bc69522bbc1c76deeb8de58d49d715b9e35d75c59cf8a89009a4d7807ae8bd18b40531229d7205f1a544935f0196214bd8cc67214686ad6e09f181b4435e16b75a9858f3915eee95910978dfef380080488bc9c2e53d545738340d989342387eef57e60c8da4a8d5c411e14fd654e3005f160ffc9cdd63b2672e0e53d15436bd82d07f9c5011f9092d079cf2fa3ab1a187762932f1081813184cf8973fe324127ff4c7393c9792bcaa78ca62c42ef52ed130d4692aeb8220cce5f4eb482d5129ce98030807a8335ee8f4b2dab0e60ab0dd053620a13325addc331c50ac708dc4512a93557d2478842963b42317e0e92ed59d70760be4f03e3048474f2bac76166cfd9a61afdcd64a09b6b2254a1640ce1c90010f60ce3d9f10f7624fd5f53330bb5005ea95b9f216c09c1c90ff8b88c332b46e"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xc5, &(0x7f0000001900)=""/197, 0x41000, 0x45, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x101) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000000100001f8ffffff000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r2, @ANYBLOB="08001b"], 0x34}}, 0x4004010) r6 = socket(0x2, 0x3, 0x6) bind$inet(r6, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x8) recvmsg$unix(r6, &(0x7f0000000140)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000040)=[{&(0x7f0000000280)=""/199, 0xc7}], 0x1, &(0x7f0000000380)=[@cred={{0x18}}, @cred={{0x18}}, @rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x70}, 0x40) write$RDMA_USER_CM_CMD_JOIN_MCAST(0xffffffffffffffff, &(0x7f0000000180)={0x16, 0x98, 0xfa00, {0x0, 0x3, 0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x0, 0xb, {"a881791b230000000600"}, 0xffffffffffffa3cf, 0x5, 0x81}}}, 0xa0) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r7, &(0x7f0000000600)={0x5, 0x10, 0xfa00, {&(0x7f0000000400)}}, 0x18) rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00') openat$rdma_cm(0xffffff9c, &(0x7f0000000680), 0x2, 0x0) io_setup(0x400, &(0x7f0000000780)=0x0) io_destroy(r8) io_destroy(r8) 3.013393602s ago: executing program 1 (id=2316): socket$inet_udp(0x2, 0x2, 0x0) socket$key(0xf, 0x3, 0x2) socket$inet_udp(0x2, 0x2, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x8800, 0x0) dup(r0) socket$nl_route(0x10, 0x3, 0x0) syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=r1, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f"], 0x6c}}, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r2, &(0x7f0000000140), 0x4924b68, 0x0) close(0xffffffffffffffff) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000011006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000202080002000300010004000400eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x20, 0x10, 0x403, 0x700, 0x0, {0x0, 0x0, 0x74, r5, 0x0, 0x11203}}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x0) 2.891121931s ago: executing program 1 (id=2317): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0xffffffffffffff7c, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000007c0)={0x3, 0x0, [{0x3000, 0xe1, &(0x7f0000000580)=""/225}, {0xd000, 0x0, 0x0}, {0x1, 0x8a, &(0x7f0000000700)=""/138}]}) fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x501483, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), 0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'erspan0\x00', 0x0}) sendto$packet(r6, &(0x7f0000000180)="0b031200e0ff64000200475400f6a13bb10088a8086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r7}, 0x14) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r5, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000300000028020080060001000a00000014000200ff0100000000000000000000000000010500030000000000240001000000000000000000000000000000000000000000000000000000000000000000140004000200000000000000000000000000000024000300000000000000000000000000000000000000000000000000000000000000000014000200776731"], 0x174}}, 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x205000, 0x0) fchown(r8, 0x0, 0xee01) syz_open_dev$ttys(0xc, 0x2, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x1) 2.540729227s ago: executing program 0 (id=2318): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80680, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x5, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x5, 0x7}, {}, {0xa, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x200c0e9}, 0x20000004) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd2c, 0x8000, {0x0, 0x0, 0x0, r4, {0x5, 0xffff}, {}, {0xa, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x22044028}, 0x84) 2.452204629s ago: executing program 0 (id=2320): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) (async) r2 = getpid() syz_open_procfs(r2, &(0x7f0000001040)='oom_score\x00') r3 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001540)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x9}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x6, 0x1, {0xf1ffffff, 0x7, 0x2}}}}]}, 0x40}}, 0x0) (async) r5 = syz_open_dev$tty1(0xc, 0x4, 0x3) r6 = dup(r5) write$UHID_INPUT(r6, &(0x7f0000000000)={0xe, {"a2e3ad21ed0d52f90b9b39094bf70e06d038e7ff7fc6e5539b324b298b089b0732376d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d1780700523c921b1b9b31070d315d0936cd3b78130daa61f94b61404d64aec1b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c088215ec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6f44ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d208001349b41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2a15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee53259289d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c1980778efa5ea567b7b7430acc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a0700d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8440daaa69bf5c8f4350aeae9ca1207e76061b28f27da19acc7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211c7847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e781171e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b906ce2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11ee9afb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e75c40e42e07b34449e15e065cc7348663a52190202c7ae288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289d8523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c78e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e7c7b2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df06720ba2b26bbfcc807c8aabb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db38b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) (async) r7 = socket$nl_route(0x10, 0x3, 0x0) (async) r8 = socket(0x1, 0x803, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x3}]}}}, @IFLA_WEIGHT={0x8, 0xf, 0x8}]}, 0x44}, 0x1, 0x8}, 0x0) 2.385344364s ago: executing program 0 (id=2321): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) r4 = socket$nl_rdma(0x10, 0x3, 0x14) timer_create(0x0, 0x0, 0x0) sendmsg$RDMA_NLDEV_CMD_SYS_SET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="680000000714010025bd7000ffdbdf25080001000100000008000100000000000900020073797a32000000000900020073797a3000000000050042000100000008000100010000000900020073797a30000000000900020073797a3000000000080001"], 0x68}}, 0x0) 2.385063975s ago: executing program 3 (id=2322): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SCALLUSERDATA(r0, 0x89e7, &(0x7f0000000000)={0x0, "7b0110ad63302cd5c640570ea644076350928a799f88cf6ec4a9920bfdf36262b67bb982476f31948197c179787aec9a5a9ba2cb1a48a73cf3af32999ff2d49d532793c612906506c0e4199e822a075db1851429f4c22521af00054c68da7de0408429f725e554b3bcbb335cec314794110db46b11298e1b7ba7d0604b3be480"}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, 0x0, 0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) ioctl$TCSETS(r2, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) r5 = socket$inet_udp(0x2, 0x2, 0x0) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000040000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000010000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa0000000004000000000000000000000000000000c6d6eac3624ce3cd3a1301d696468ff5bb8ab14d7f3ca4d28916cbf3f884ae1ea97f19ea656b3ff7b72d6cebffa7d6d14d358f53e8daf4cf3dcba452f82ae0bdeff0b5df5b8e2d84ae497edf8d"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare(0x8010800) socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040f0200f80d20"], 0x7) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) syz_init_net_socket$ax25(0x3, 0x3, 0xcf) sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000006800e978000000a86cc650dbdf250a00000000000000080005005549db38b1aa6eeb5f2c5a33686694f44a3fe5ead1629cd5213587d3f2a2d2ad33f2e32b16f1a88c00439618f796415a8ebcad5df04632ee57621bc67085fc4d9b721405f68ea6583e0a5c2ce09b88401abe75191b43b4770867ac1da76259e4e8be7513b37f39b4e71a346964f5599d", @ANYRES32=r9, @ANYBLOB], 0x20}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000006800010003001000fdffff7f0000006a9fbe7f679991c3000000150000000c000c8006000100d43f00000600030001000000"], 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080) bind$inet(r5, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4) connect$inet(r5, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) sendmmsg$inet(r5, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)) 1.690301925s ago: executing program 0 (id=2323): socket$inet_udp(0x2, 0x2, 0x0) socket$key(0xf, 0x3, 0x2) socket$inet_udp(0x2, 0x2, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x8800, 0x0) dup(r0) socket$nl_route(0x10, 0x3, 0x0) syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=r1, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f"], 0x6c}}, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r2, &(0x7f0000000140), 0x4924b68, 0x0) close(0xffffffffffffffff) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000011006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000202080002000300010004000400eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x20, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r5, 0x0, 0x11203}}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x0) (fail_nth: 9) 1.452518431s ago: executing program 1 (id=2324): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0xffffffffffffff7c, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000007c0)={0x3, 0x0, [{0x3000, 0xe1, &(0x7f0000000580)=""/225}, {0xd000, 0x0, 0x0}, {0x1, 0x8a, &(0x7f0000000700)=""/138}]}) fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x501483, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), 0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'erspan0\x00', 0x0}) sendto$packet(r6, &(0x7f0000000180)="0b031200e0ff64000200475400f6a13bb10088a8086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r7}, 0x14) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r5, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000300000028020080060001000a00000014000200ff0100000000000000000000000000010500030000000000240001000000000000000000000000000000000000000000000000000000000000000000140004000200000000000000000000000000000024000300000000000000000000000000000000000000000000000000000000000000000014000200776731"], 0x174}}, 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x205000, 0x0) fchown(r8, 0x0, 0xee01) r9 = syz_open_dev$ttys(0xc, 0x2, 0x1) fcntl$dupfd(r9, 0x0, 0xffffffffffffffff) 1.422083097s ago: executing program 3 (id=2325): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0xffffffffffffff7c, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000007c0)={0x3, 0x0, [{0x3000, 0xe1, &(0x7f0000000580)=""/225}, {0xd000, 0x0, 0x0}, {0x1, 0x8a, &(0x7f0000000700)=""/138}]}) fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x501483, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), 0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'erspan0\x00', 0x0}) sendto$packet(r6, &(0x7f0000000180)="0b031200e0ff64000200475400f6a13bb10088a8086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r7}, 0x14) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r5, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000300000028020080060001000a00000014000200ff0100000000000000000000000000010500030000000000240001000000000000000000000000000000000000000000000000000000000000000000140004000200000000000000000000000000000024000300000000000000000000000000000000000000000000000000000000000000000014000200776731"], 0x174}}, 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x205000, 0x0) fchown(r8, 0x0, 0xee01) syz_open_dev$ttys(0xc, 0x2, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x1) 1.286512248s ago: executing program 0 (id=2326): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000400}, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000280)='/dev/bsg/2:0:0:0\x00', 0x0, 0x0) ioctl$SG_SET_COMMAND_Q(r1, 0x2271, &(0x7f00000002c0)) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) r3 = openat$pmem0(0xffffffffffffff9c, 0x0, 0x80d01, 0x0) ioctl$BLKPG(r3, 0x1269, &(0x7f00000001c0)={0x1, 0x0, 0x98, &(0x7f00000000c0)={0x400, 0x1000, 0xd}}) sendfile(0xffffffffffffffff, r2, &(0x7f00000000c0)=0x8b, 0x100000500) r4 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) 1.28576564s ago: executing program 2 (id=2327): sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x8010) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="020e000010000000000000000004830008001200000001000000ff000000400000001ea0abff7f00000000000000d41f9ab9000100700000ebdf000008000000c4fc0000100000000000e2ffff1c004f030006000020080002000080f5008e24ce6e4ae300a5000003000500001e001e02"], 0x80}}, 0x4814) r0 = socket$key(0xf, 0x3, 0x2) sendmmsg(r0, &(0x7f0000000180), 0x229ffa1c4ce5369, 0x0) (fail_nth: 8) 1.090530011s ago: executing program 2 (id=2328): r0 = syz_open_dev$video(&(0x7f0000000000), 0x3ff, 0x20040) pread64(r0, &(0x7f0000000040)=""/4096, 0x1000, 0x6) (async) r1 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000001040)=@gcm_256={{0x303}, "d47f44e5edc45c7f", "00bef616a9945d7d7c116f8a5071fa3cbac686c48da4263e772a549d6aa4b9e3", "c8a04626", "959b70bd98ae40f3"}, 0x38) (async) r2 = openat$ttynull(0xffffff9c, &(0x7f0000001080), 0x80000, 0x0) ioctl$TCXONC(r2, 0x540a, 0x3) (async) r3 = openat$comedi(0xffffff9c, &(0x7f00000010c0)='/dev/comedi1\x00', 0x82380, 0x0) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async) clock_gettime(0x0, &(0x7f0000001140)={0x0, 0x0}) ppoll(&(0x7f0000001100)=[{r4, 0x1080}, {r3, 0x4000}, {r0, 0x14031}, {r1, 0x1242}], 0x4, &(0x7f0000001180)={r5, r6+60000000}, &(0x7f00000011c0)={[0xc, 0x1]}, 0x8) (async) ioctl$TIOCSRS485(r2, 0x542f, &(0x7f0000001200)={0x1, 0x0, 0xa}) syz_emit_ethernet(0x22, &(0x7f0000001240)={@remote, @broadcast, @val={@val={0x88a8, 0x1, 0x1, 0x4}, {0x8100, 0x4, 0x0, 0x4}}, {@llc={0x4, {@snap={0xff, 0x1fe, "92d3", "2dbbbc", 0x9300, "fedf89"}}}}}, &(0x7f0000001280)={0x0, 0x1, [0x45d, 0x6d, 0x5fa, 0x8a0]}) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001300)=@filter={'filter\x00', 0xe, 0x4, 0x438, 0xffffffff, 0x0, 0x21c, 0x21c, 0xffffffff, 0xffffffff, 0x370, 0x370, 0x370, 0xffffffff, 0x4, &(0x7f00000012c0), {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @loopback}, @mcast1, [0xff000000, 0x0, 0xffffffff], [0x0, 0xff000000, 0xff0000ff, 0xffffffff], 'pimreg\x00', 'vlan1\x00', {}, {0xff}, 0x62, 0xc6, 0x0, 0x73}, 0x0, 0xd4, 0xfc, 0x0, {}, [@common=@frag={{0x30}, {[0x2], 0x7f, 0x36, 0x447778ba9fa05336}}]}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0xff8e, 0x3, 0x5}}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@frag={{0x30}, {[0x0, 0x8], 0x47, 0x12, 0x1}}, @common=@hl={{0x24}, {0x1}}]}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x7, 0x0, 0x2}}}, {{@uncond, 0x0, 0xf8, 0x154, 0x0, {}, [@common=@mh={{0x24}, {"824b"}}, @common=@frag={{0x30}, {[0x7, 0xbd3], 0x2, 0x0, 0x1}}]}, @common=@inet=@HMARK={0x5c, 'HMARK\x00', 0x0, {@ipv4=@broadcast, [0x0, 0xff, 0xff000000, 0xff000000], 0x4e24, 0x4e20, 0x4e22, 0x4e23, 0xf3, 0x5, 0x9, 0x9, 0xffffffff}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x494) (async) write$tun(0xffffffffffffffff, &(0x7f00000017c0)={@val, @val={0x1, 0x3, 0x10, 0x1, 0x800, 0x611}, @llc={@snap={0xab, 0xaa, "be", "e605fa", 0x22eb, "aad7087337a56366bee8d31c6735275a7f38c310976d7fbb86a4d3639c36b0b0140c26a5dc961108b7bef348559d8dc425af61465481aa34cab007cb63e3a20acaefc38fe58772bd78369d66450b2aa9b4616ef3a12d68e697b6b2d45a13c09c3313b3ab8472bb233d5f626fed7668fe8b0099358f4c99f0d58dc09d5fdadb0e015e3ea2ae5ebefd15d346c15abf491f5b78460fefe0926f4669f072a7f6b755dbb98fad496f425ed2d940fdc6d31717404c4572cfa528c14273de8b12b79c2c35bc042f361a2588cda22e427b5d1ddeb837f6f26ddccfb166b67866fddbd67089a0ccc25bbc659226eb2136f97e52e4cef70b8bb1cc49"}}}, 0x10d) (async) r7 = bpf$ITER_CREATE(0x21, &(0x7f0000001900)={r1}, 0x8) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000001940)={'wg1\x00', 0x0}) setsockopt$inet6_IPV6_PKTINFO(r7, 0x29, 0x32, &(0x7f0000001980)={@remote, r8}, 0x14) (async) write$P9_RFSYNC(0xffffffffffffffff, &(0x7f00000019c0)={0x7, 0x33, 0x2}, 0x7) sendto$inet6(r7, &(0x7f0000001a00)="b082cdc854ce345454885b4898297daf504179", 0x13, 0x804, &(0x7f0000001a40)={0xa, 0x4e20, 0x7fffffff, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x8}, 0x1c) (async) socket$can_bcm(0x1d, 0x2, 0x2) (async) eventfd(0x2) (async) r9 = openat$mice(0xffffff9c, &(0x7f0000001a80), 0x120400) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001b00), 0xffffffffffffffff) sendmsg$NL80211_CMD_DISASSOCIATE(r9, &(0x7f0000001c00)={&(0x7f0000001ac0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001bc0)={&(0x7f0000001b40)={0x50, r10, 0x0, 0x70bd27, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7f, 0x34}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="955cd33841a5"}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000020}, 0x4041) (async) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r7, 0x2) r11 = accept4$unix(r7, &(0x7f0000001c40)=@abs, &(0x7f0000001cc0)=0x6e, 0x0) connect$unix(r11, &(0x7f0000001d00)=@file={0x0, './file0\x00'}, 0x6e) (async) getsockopt$llc_int(r7, 0x10c, 0x4, &(0x7f0000001d80), &(0x7f0000001dc0)=0x4) ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000001e00)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_UNMAP$ALL(r7, 0x3b86, &(0x7f0000001e40)={0x18, r12}) 995.393273ms ago: executing program 2 (id=2329): sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x8010) r0 = socket$key(0xf, 0x3, 0x2) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000080)=0x14) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000001c0)={{{@in=@remote, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@private1}}, &(0x7f00000000c0)=0xe4) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in=@multicast2, 0x4e22, 0x2, 0x4e21, 0x0, 0x2, 0xa0, 0xa0, 0x33, r2, r3}, {0x0, 0x5, 0xec2a, 0x6, 0xb, 0x100000000, 0x10, 0xd}, {0x7fffffff, 0x200, 0xffffffffffff0000, 0x200}, 0x97c, 0x0, 0x0, 0x0, 0x1, 0x2}, {{@in6=@loopback, 0x4d3, 0xff}, 0x2, @in6=@dev={0xfe, 0x80, '\x00', 0x42}, 0x3506, 0x2, 0x2, 0x6, 0x16e, 0xcb, 0x8}}, 0xe4) sendmmsg(r0, &(0x7f0000000180), 0x229ffa1c4ce5369, 0x0) 994.769568ms ago: executing program 2 (id=2330): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="9feb01001800000000000000240000009b641bf21070435b080000000200000f050000000100000000000000000000001ef26e630ce0a32a99260000000000002e00"], 0x0, 0x46, 0x0, 0x6}, 0x28) r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000780)='\xef~\r\x8c\x93NT\x1b\x0e\xc0o\xe1V\xbbEZ\xf2\x1d\xba\xe3\xf7te\x96Y\xc6d\x1f\xbc\x05\x0f\xa7hh^\x97\x96!d;n5\xfc\xae\x9fZ\xd8\xa8A\xfc\xab\xa5\x01\x8a\x8a\xe2I,\xe0\x97\x9e\xf5g\xa3\x19^\xc4oR\a\r\'#(\x9d\x1dKp!\xa8\xc2\xe3\xb8\x8et\xa8\x0fh\x88\xfc\xe2\x13\xdbe0\x99\xcf<\xdf\f\xa6\x02\xaafT\xc5(\a\x85\x8e\xdbn\xd7\x8f)\xads\xda\xbbZm D\x9ej\x18\xae\x94\x13\'\xa5\xa9\xfa\xaa~\x1d\xb32\\ \x98\xfd\xc5i\xfc\xf5g\xac3K\x82cD:\xe8\xcdz:\xe9Y\xef\x0e\xcb\x03\xe7R\xdd.\xa0\xb0W\xf9Q\xcc\x7f7\b\xfe\xd7\x8a\x12\x94H\xc4&\x962\x93\xcfhE\xa5\x11&H\xe3\x95\x98\x84\x90\xf3l\xc1\x95\xbf3|z\xc2\x95j\x04\xd2\x87\xc9c\x94ky\xc7\xfaL\xd0\x9bP\xd59/\x1b\x10\x18\xdd\xa0\xcdw\xa5\xe8\xda[\x86\xd6\xab0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r2, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0xfb, 0x0, 0x0, 0xfd, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x25}}, 0x10) 918.340519ms ago: executing program 2 (id=2331): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) bind$inet6(r0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) setfsuid(0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[], 0x104}}, 0x0) getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x6, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000240), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r3 = socket$phonet_pipe(0x23, 0x5, 0x2) r4 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r4, 0x0, 0x48b, &(0x7f0000000100)={0x1, 'geneve0\x00', 0x2a32}, 0x18) getsockopt$IP_VS_SO_GET_DAEMON(r4, 0x0, 0x487, 0x0, &(0x7f0000000200)) connect$phonet_pipe(r3, 0x0, 0x0) r5 = socket$key(0xf, 0x3, 0x2) getpeername(r5, 0x0, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x20040010) r6 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000380)={0x7af3, 0x8, 0x4, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r6, 0xc00464b4, &(0x7f0000000180)={r7}) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000040)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x3}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0xd, &(0x7f0000000240)=@framed={{0x18, 0x2}, [@map_idx={0x18, 0x1, 0x5, 0x0, 0x1}, @printk={@lld, {0x3, 0x3, 0x6, 0xa, 0x1, 0xfff8, 0x41}, {0x5}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 515.829698ms ago: executing program 1 (id=2332): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$inet(0xa, 0x801, 0x84) connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r1, 0x8) r2 = accept4(r1, 0x0, 0x0, 0x0) sendto$inet(r2, &(0x7f0000000240)="2a89", 0x2, 0xc090, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000000)={0x2, 0x0, 0x6, 0xffffffff}, 0x10) mount_setattr(0xffffffffffffffff, 0x0, 0x8080, 0x0, 0x0) sendto$inet6(r2, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x2}, 0x8) close_range(r0, 0xffffffffffffffff, 0x0) 450.724222ms ago: executing program 0 (id=2333): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SCALLUSERDATA(r0, 0x89e7, &(0x7f0000000000)={0x0, "7b0110ad63302cd5c640570ea644076350928a799f88cf6ec4a9920bfdf36262b67bb982476f31948197c179787aec9a5a9ba2cb1a48a73cf3af32999ff2d49d532793c612906506c0e4199e822a075db1851429f4c22521af00054c68da7de0408429f725e554b3bcbb335cec314794110db46b11298e1b7ba7d0604b3be480"}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, 0x0, 0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) ioctl$TCSETS(r2, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) r5 = socket$inet_udp(0x2, 0x2, 0x0) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000040000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000010000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa0000000004000000000000000000000000000000c6d6eac3624ce3cd3a1301d696468ff5bb8ab14d7f3ca4d28916cbf3f884ae1ea97f19ea656b3ff7b72d6cebffa7d6d14d358f53e8daf4cf3dcba452f82ae0bdeff0b5df5b8e2d84ae497edf8d"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare(0x8010800) socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040f0200f80d20"], 0x7) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) syz_init_net_socket$ax25(0x3, 0x3, 0xcf) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000006800010003001000fdffff7f0000006a9fbe7f679991c3000000150000000c000c8006000100d43f00000600030001000000"], 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080) bind$inet(r5, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4) connect$inet(r5, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) sendmmsg$inet(r5, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)) 297.272203ms ago: executing program 3 (id=2334): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req3={0x8000, 0x200, 0x80, 0x20000}, 0x1c) r1 = openat$hwrng(0xffffff9c, 0x0, 0x202, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xe, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xffffffffffffffff, 0x4}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f0000000000)={0x2, 'macsec0\x00', 0x2}, 0x18) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$kcm(0x10, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x2000000000000371, 0x0, &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0) (fail_nth: 9) 67.192101ms ago: executing program 1 (id=2335): syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x13, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa210104, @local}, {{0x0, 0x400, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) 362.288µs ago: executing program 2 (id=2336): r0 = socket$packet(0x11, 0x2, 0x300) socket$packet(0x11, 0x2, 0x300) r1 = socket$kcm(0x21, 0x2, 0xa) sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in6={0x21, 0xfffc, 0x2, 0x1c, {0xa, 0xfffc, 0x4, @dev}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=[{0xc, 0x110, 0x1}], 0xc}, 0xfc00) socket$inet_tcp(0x2, 0x1, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x4, 0xfffffffffffffffd, 0x9323, 0xfffffffffffffffe, 0x7ff, 0x2}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x1, 0xb, 0x7fffffff, 0x2}, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) 0s ago: executing program 1 (id=2337): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) io_setup(0x23, &(0x7f00000001c0)=0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0) io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}]) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000000500000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) ioctl$BINDER_WRITE_READ(r3, 0x40046208, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000640)=@filter={'filter\x00', 0x2, 0x4, 0x5b0, 0xffffffff, 0x0, 0x2e8, 0xc8, 0xfeffffff, 0xffffffff, 0x4e8, 0x4e8, 0x4e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @mcast1, [], [0x0, 0x0, 0xff, 0xffffff00], 'macsec0\x00', 'rose0\x00'}, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24}}, {{@uncond, 0x0, 0x1fc, 0x220, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'\x00', {0x4000000000004, 0x0, 0x40, 0x0, 0x0, 0xf8e74ba, 0xfe8c, 0x0, 0xb440adbb44d53f72}, {0x40}}}]}, @common=@unspec=@CONNSECMARK={0x24}}, {{@ipv6={@mcast1, @loopback, [0xff000000, 0xff, 0xff, 0xff000000], [0x0, 0xffffff00, 0xff000000, 0xffffff00], 'veth1_vlan\x00', 'erspan0\x00', {}, {}, 0x88, 0x0, 0x4, 0x8}, 0x0, 0x1dc, 0x200, 0x0, {}, [@common=@rt={{0x138}, {0x6, [], 0x0, 0x0, 0x0, [@local, @remote, @initdev={0xfe, 0x88, '\x00', 0xfc, 0x0}, @local, @private1, @empty, @mcast1, @mcast1, @dev={0xfe, 0x80, '\x00', 0x3b}, @remote, @local, @dev={0xfe, 0x80, '\x00', 0x26}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2]}}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x60c) r5 = socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x0, 0x0, 0xd, 0x1, 0x200, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3b}}, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendto$inet6(0xffffffffffffffff, &(0x7f0000000500), 0x0, 0x48004, &(0x7f0000000180)={0xa, 0x4e20, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}, 0x1c) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r6 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) lseek(0xffffffffffffffff, 0x9, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2}, 0x50) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x100, {0x7a, 0x0, 0x0, 0x0, 0x41002, 0x408}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x2}]}}}]}, 0x3c}}, 0x0) kernel console output (not intermixed with test programs): 7 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 471.349232][T13630] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 471.349242][T13630] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b72 [ 471.349249][T13630] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 471.349255][T13630] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 471.349262][T13630] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 471.349268][T13630] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 471.349281][T13630] [ 471.349291][T13630] ERROR: Out of memory at tomoyo_realpath_from_path. [ 471.941832][T13644] FAULT_INJECTION: forcing a failure. [ 471.941832][T13644] name failslab, interval 1, probability 0, space 0, times 0 [ 471.945783][T13644] CPU: 2 UID: 0 PID: 13644 Comm: syz.2.1917 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 471.945798][T13644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 471.945805][T13644] Call Trace: [ 471.945809][T13644] [ 471.945814][T13644] dump_stack_lvl+0x16c/0x1f0 [ 471.945834][T13644] should_fail_ex+0x512/0x640 [ 471.945867][T13644] ? fs_reclaim_acquire+0xae/0x150 [ 471.945889][T13644] ? tomoyo_encode2+0x100/0x3e0 [ 471.945907][T13644] should_failslab+0xc2/0x120 [ 471.945919][T13644] __kmalloc_noprof+0xd2/0x510 [ 471.945937][T13644] ? d_absolute_path+0x136/0x1a0 [ 471.945951][T13644] tomoyo_encode2+0x100/0x3e0 [ 471.945967][T13644] tomoyo_encode+0x29/0x50 [ 471.945982][T13644] tomoyo_realpath_from_path+0x18f/0x6e0 [ 471.946001][T13644] tomoyo_path_number_perm+0x245/0x580 [ 471.946015][T13644] ? tomoyo_path_number_perm+0x237/0x580 [ 471.946040][T13644] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 471.946073][T13644] ? find_held_lock+0x2b/0x80 [ 471.946085][T13644] ? hook_file_ioctl_common+0x145/0x410 [ 471.946101][T13644] ? __fget_files+0x20e/0x3c0 [ 471.946115][T13644] ? fput+0x20/0xf0 [ 471.946127][T13644] security_file_ioctl_compat+0x9b/0x240 [ 471.946143][T13644] __ia32_compat_sys_ioctl+0xc3/0x370 [ 471.946158][T13644] __do_fast_syscall_32+0x7c/0x3a0 [ 471.946177][T13644] do_fast_syscall_32+0x32/0x80 [ 471.946194][T13644] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 471.946207][T13644] RIP: 0023:0xf7fc5579 [ 471.946216][T13644] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 471.946227][T13644] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 471.946237][T13644] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400 [ 471.946244][T13644] RDX: 00000000800004c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 471.946251][T13644] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 471.946256][T13644] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 471.946263][T13644] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 471.946276][T13644] [ 472.016440][ C2] vkms_vblank_simulate: vblank timer overrun [ 472.022130][T13644] ERROR: Out of memory at tomoyo_realpath_from_path. [ 472.024887][T13644] comedi comedi2: multiq3: I/O port conflict (0x4,16) [ 472.073278][T13646] comedi comedi2: multiq3: I/O port conflict (0x4,16) [ 472.409976][T13656] fuse: Unknown parameter '0x0000000000000008' [ 472.710283][T13675] netlink: 'syz.1.1929': attribute type 10 has an invalid length. [ 472.722576][T13675] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 472.814708][T13679] FAULT_INJECTION: forcing a failure. [ 472.814708][T13679] name failslab, interval 1, probability 0, space 0, times 0 [ 472.818457][T13679] CPU: 2 UID: 0 PID: 13679 Comm: syz.1.1931 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 472.818480][T13679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 472.818490][T13679] Call Trace: [ 472.818496][T13679] [ 472.818502][T13679] dump_stack_lvl+0x16c/0x1f0 [ 472.818529][T13679] should_fail_ex+0x512/0x640 [ 472.818553][T13679] ? fs_reclaim_acquire+0xae/0x150 [ 472.818575][T13679] ? tomoyo_encode2+0x100/0x3e0 [ 472.818595][T13679] should_failslab+0xc2/0x120 [ 472.818609][T13679] __kmalloc_noprof+0xd2/0x510 [ 472.818639][T13679] tomoyo_encode2+0x100/0x3e0 [ 472.818664][T13679] tomoyo_encode+0x29/0x50 [ 472.818685][T13679] tomoyo_realpath_from_path+0x18f/0x6e0 [ 472.818709][T13679] ? tomoyo_profile+0x47/0x60 [ 472.818737][T13679] tomoyo_path_number_perm+0x245/0x580 [ 472.818755][T13679] ? tomoyo_path_number_perm+0x237/0x580 [ 472.818775][T13679] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 472.818820][T13679] ? find_held_lock+0x2b/0x80 [ 472.818836][T13679] ? hook_file_ioctl_common+0x145/0x410 [ 472.818859][T13679] ? __fget_files+0x20e/0x3c0 [ 472.818881][T13679] ? fput+0x20/0xf0 [ 472.818920][T13679] security_file_ioctl_compat+0x9b/0x240 [ 472.818944][T13679] __ia32_compat_sys_ioctl+0xc3/0x370 [ 472.818970][T13679] __do_fast_syscall_32+0x7c/0x3a0 [ 472.818998][T13679] do_fast_syscall_32+0x32/0x80 [ 472.819024][T13679] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 472.819045][T13679] RIP: 0023:0xf7fb7579 [ 472.819065][T13679] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 472.819081][T13679] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 472.819097][T13679] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c048aeca [ 472.819108][T13679] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 472.819118][T13679] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 472.819128][T13679] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 472.819139][T13679] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 472.819162][T13679] [ 472.819181][T13679] ERROR: Out of memory at tomoyo_realpath_from_path. [ 473.604558][T13695] FAULT_INJECTION: forcing a failure. [ 473.604558][T13695] name failslab, interval 1, probability 0, space 0, times 0 [ 473.608510][T13695] CPU: 3 UID: 0 PID: 13695 Comm: syz.0.1934 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 473.608537][T13695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 473.608544][T13695] Call Trace: [ 473.608548][T13695] [ 473.608552][T13695] dump_stack_lvl+0x16c/0x1f0 [ 473.608572][T13695] should_fail_ex+0x512/0x640 [ 473.608589][T13695] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 473.608609][T13695] should_failslab+0xc2/0x120 [ 473.608620][T13695] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 473.608637][T13695] ? __alloc_skb+0x2b2/0x380 [ 473.608655][T13695] __alloc_skb+0x2b2/0x380 [ 473.608671][T13695] ? __pfx___alloc_skb+0x10/0x10 [ 473.608687][T13695] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 473.608702][T13695] netlink_alloc_large_skb+0x69/0x130 [ 473.608714][T13695] netlink_sendmsg+0x6a1/0xdd0 [ 473.608728][T13695] ? __pfx_netlink_sendmsg+0x10/0x10 [ 473.608740][T13695] ? __import_iovec+0x1dd/0x650 [ 473.608754][T13695] ____sys_sendmsg+0xa95/0xc70 [ 473.608768][T13695] ? __pfx_____sys_sendmsg+0x10/0x10 [ 473.608780][T13695] ? get_compat_msghdr+0x11a/0x170 [ 473.608803][T13695] ___sys_sendmsg+0x134/0x1d0 [ 473.608820][T13695] ? __pfx____sys_sendmsg+0x10/0x10 [ 473.608843][T13695] ? find_held_lock+0x2b/0x80 [ 473.608864][T13695] __sys_sendmsg+0x16d/0x220 [ 473.608881][T13695] ? __pfx___sys_sendmsg+0x10/0x10 [ 473.608903][T13695] ? rcu_is_watching+0x12/0xc0 [ 473.608917][T13695] __do_fast_syscall_32+0x7c/0x3a0 [ 473.608936][T13695] do_fast_syscall_32+0x32/0x80 [ 473.608953][T13695] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 473.608967][T13695] RIP: 0023:0xf7f03579 [ 473.608976][T13695] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 473.608987][T13695] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 473.608998][T13695] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0 [ 473.609005][T13695] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 473.609011][T13695] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 473.609017][T13695] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 473.609023][T13695] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 473.609036][T13695] [ 473.733706][T13697] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 473.829230][T13697] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 473.902221][T13697] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 474.038706][T13697] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 474.166402][T13697] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.177462][T13697] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.189217][T13697] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.202947][T13697] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.301336][T13715] FAULT_INJECTION: forcing a failure. [ 474.301336][T13715] name failslab, interval 1, probability 0, space 0, times 0 [ 474.305301][T13715] CPU: 1 UID: 0 PID: 13715 Comm: syz.3.1941 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 474.305317][T13715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 474.305324][T13715] Call Trace: [ 474.305328][T13715] [ 474.305333][T13715] dump_stack_lvl+0x16c/0x1f0 [ 474.305353][T13715] should_fail_ex+0x512/0x640 [ 474.305370][T13715] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 474.305389][T13715] should_failslab+0xc2/0x120 [ 474.305400][T13715] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 474.305417][T13715] ? sock_alloc_inode+0x25/0x1c0 [ 474.305431][T13715] ? __pfx_sock_alloc_inode+0x10/0x10 [ 474.305441][T13715] sock_alloc_inode+0x25/0x1c0 [ 474.305452][T13715] alloc_inode+0x61/0x240 [ 474.305463][T13715] sock_alloc+0x40/0x280 [ 474.305474][T13715] __sock_create+0xc1/0x8d0 [ 474.305488][T13715] mptcp_subflow_create_socket+0xf5/0xed0 [ 474.305502][T13715] ? aa_label_sk_perm+0x19b/0x5a0 [ 474.305516][T13715] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 474.305530][T13715] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 474.305544][T13715] __mptcp_nmpc_sk+0x182/0x7d0 [ 474.305558][T13715] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 474.305571][T13715] ? register_lock_class+0x41/0x4c0 [ 474.305591][T13715] mptcp_connect+0x7d/0xc00 [ 474.305606][T13715] __inet_stream_connect+0x3c5/0x1020 [ 474.305624][T13715] ? __pfx___inet_stream_connect+0x10/0x10 [ 474.305639][T13715] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 474.305658][T13715] ? __pfx_inet_stream_connect+0x10/0x10 [ 474.305673][T13715] ? __local_bh_enable_ip+0xa4/0x120 [ 474.305692][T13715] ? __pfx_inet_stream_connect+0x10/0x10 [ 474.305707][T13715] inet_stream_connect+0x57/0xa0 [ 474.305722][T13715] __sys_connect_file+0x141/0x1a0 [ 474.305737][T13715] __sys_connect+0x13b/0x160 [ 474.305751][T13715] ? __pfx___sys_connect+0x10/0x10 [ 474.305764][T13715] ? handle_mm_fault+0x240/0xd10 [ 474.305784][T13715] ? __pfx_ksys_write+0x10/0x10 [ 474.305802][T13715] __ia32_sys_connect+0x71/0xb0 [ 474.305816][T13715] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 474.305856][T13715] __do_fast_syscall_32+0x7c/0x3a0 [ 474.305881][T13715] do_fast_syscall_32+0x32/0x80 [ 474.305899][T13715] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 474.305913][T13715] RIP: 0023:0xf7f06579 [ 474.305926][T13715] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 474.305937][T13715] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 000000000000016a [ 474.305947][T13715] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000000 [ 474.305954][T13715] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000 [ 474.305960][T13715] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 474.305966][T13715] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 474.305972][T13715] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 474.305985][T13715] [ 474.305991][T13715] socket: no more sockets [ 474.489658][T13719] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1942'. [ 474.498332][T13719] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1942'. [ 474.507976][T13719] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1942'. [ 474.517393][T13719] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 474.522604][T13719] batadv_slave_0: entered promiscuous mode [ 474.577071][ T40] audit: type=1804 audit(1752818865.103:778): pid=13721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1943" name="/newroot/482/file0/file0" dev="9p" ino=36047741 res=1 errno=0 [ 474.592570][T13721] 9pnet_virtio: no channels available for device syz [ 475.137896][T13731] fuse: Bad value for 'fd' [ 475.302621][T13732] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13) [ 475.304716][T13732] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 475.307171][T13732] vhci_hcd vhci_hcd.0: Device attached [ 475.485242][T13739] lo speed is unknown, defaulting to 1000 [ 475.490311][T13739] wlan0 speed is unknown, defaulting to 1000 [ 475.737096][ T6042] usb 43-1: new high-speed USB device number 4 using vhci_hcd [ 475.987482][T13737] vhci_hcd: connection reset by peer [ 475.990151][ T1138] vhci_hcd: stop threads [ 475.991816][ T1138] vhci_hcd: release socket [ 475.993335][ T1138] vhci_hcd: disconnect device [ 476.332628][T13760] fuse: Bad value for 'fd' [ 476.443459][T13768] FAULT_INJECTION: forcing a failure. [ 476.443459][T13768] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 476.447382][T13768] CPU: 0 UID: 0 PID: 13768 Comm: syz.2.1958 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 476.447397][T13768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 476.447404][T13768] Call Trace: [ 476.447408][T13768] [ 476.447412][T13768] dump_stack_lvl+0x16c/0x1f0 [ 476.447432][T13768] should_fail_ex+0x512/0x640 [ 476.447451][T13768] _copy_from_user+0x2e/0xd0 [ 476.447469][T13768] bpf_prog_get_info_by_fd+0x241/0x2dd0 [ 476.447488][T13768] ? rcu_is_watching+0x12/0xc0 [ 476.447501][T13768] ? trace_mm_page_alloc+0x11f/0x1a0 [ 476.447515][T13768] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 476.447535][T13768] ? __pfx_bpf_prog_get_info_by_fd+0x10/0x10 [ 476.447563][T13768] ? __fget_files+0x20e/0x3c0 [ 476.447582][T13768] bpf_obj_get_info_by_fd+0x53d/0xcc0 [ 476.447599][T13768] ? __pfx_bpf_obj_get_info_by_fd+0x10/0x10 [ 476.447619][T13768] ? find_held_lock+0x2b/0x80 [ 476.447631][T13768] ? __might_fault+0xe3/0x190 [ 476.447646][T13768] ? __might_fault+0xe3/0x190 [ 476.447661][T13768] ? __might_fault+0x13b/0x190 [ 476.447682][T13768] __sys_bpf+0x18ae/0x4d80 [ 476.447694][T13768] ? __pfx___sys_bpf+0x10/0x10 [ 476.447704][T13768] ? ksys_write+0x190/0x250 [ 476.447722][T13768] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 476.447747][T13768] ? fput+0x70/0xf0 [ 476.447758][T13768] ? ksys_write+0x1ac/0x250 [ 476.447773][T13768] ? __pfx_ksys_write+0x10/0x10 [ 476.447791][T13768] __ia32_sys_bpf+0x76/0xe0 [ 476.447803][T13768] __do_fast_syscall_32+0x7c/0x3a0 [ 476.447821][T13768] do_fast_syscall_32+0x32/0x80 [ 476.447838][T13768] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 476.447853][T13768] RIP: 0023:0xf7fc5579 [ 476.447865][T13768] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 476.447881][T13768] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 476.447896][T13768] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 0000000080000a00 [ 476.447905][T13768] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000 [ 476.447914][T13768] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 476.447921][T13768] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 476.447929][T13768] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 476.447948][T13768] [ 477.258393][T13781] FAULT_INJECTION: forcing a failure. [ 477.258393][T13781] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 477.263679][T13781] CPU: 3 UID: 0 PID: 13781 Comm: syz.3.1962 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 477.263695][T13781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 477.263703][T13781] Call Trace: [ 477.263706][T13781] [ 477.263711][T13781] dump_stack_lvl+0x16c/0x1f0 [ 477.263732][T13781] should_fail_ex+0x512/0x640 [ 477.263750][T13781] _copy_from_user+0x2e/0xd0 [ 477.263768][T13781] move_addr_to_kernel+0x65/0x170 [ 477.263783][T13781] __get_compat_msghdr+0x3f1/0x4d0 [ 477.263802][T13781] get_compat_msghdr+0xd2/0x170 [ 477.263819][T13781] ? __pfx_get_compat_msghdr+0x10/0x10 [ 477.263837][T13781] ? __pfx__kstrtoull+0x10/0x10 [ 477.263853][T13781] ___sys_sendmsg+0x1ae/0x1d0 [ 477.263870][T13781] ? __pfx____sys_sendmsg+0x10/0x10 [ 477.263885][T13781] ? __lock_acquire+0x622/0x1c90 [ 477.263917][T13781] __sys_sendmmsg+0x2f9/0x420 [ 477.263935][T13781] ? __pfx___sys_sendmmsg+0x10/0x10 [ 477.263956][T13781] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 477.263979][T13781] ? fput+0x70/0xf0 [ 477.263990][T13781] ? ksys_write+0x1ac/0x250 [ 477.264009][T13781] ? __pfx_ksys_write+0x10/0x10 [ 477.264027][T13781] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 477.264045][T13781] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 477.264063][T13781] __do_fast_syscall_32+0x7c/0x3a0 [ 477.264081][T13781] do_fast_syscall_32+0x32/0x80 [ 477.264098][T13781] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 477.264112][T13781] RIP: 0023:0xf7f06579 [ 477.264121][T13781] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 477.264131][T13781] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 477.264142][T13781] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000ac0 [ 477.264148][T13781] RDX: 0000000000000001 RSI: 0000000020080058 RDI: 0000000000000000 [ 477.264154][T13781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 477.264160][T13781] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 477.264166][T13781] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 477.264179][T13781] [ 477.391870][T13786] hugetlbfs: syz.3.1964 (13786): Using mlock ulimits for SHM_HUGETLB is obsolete [ 477.862131][T13798] lo speed is unknown, defaulting to 1000 [ 477.867544][T13798] wlan0 speed is unknown, defaulting to 1000 [ 478.057915][T13803] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13) [ 478.060376][T13803] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 478.063808][T13803] vhci_hcd vhci_hcd.0: Device attached [ 478.134819][T13807] vhci_hcd: connection closed [ 478.134975][ T88] vhci_hcd: stop threads [ 478.134986][ T88] vhci_hcd: release socket [ 478.134994][ T88] vhci_hcd: disconnect device [ 478.492655][T13813] tipc: Enabling of bearer rejected, already enabled [ 478.495985][T13813] tipc: Enabling of bearer rejected, already enabled [ 478.602422][T13818] FAULT_INJECTION: forcing a failure. [ 478.602422][T13818] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 478.607619][T13818] CPU: 0 UID: 0 PID: 13818 Comm: syz.3.1971 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 478.607634][T13818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 478.607641][T13818] Call Trace: [ 478.607645][T13818] [ 478.607650][T13818] dump_stack_lvl+0x16c/0x1f0 [ 478.607670][T13818] should_fail_ex+0x512/0x640 [ 478.607690][T13818] strncpy_from_user+0x3b/0x2e0 [ 478.607706][T13818] bpf_raw_tp_link_attach+0x114/0x600 [ 478.607719][T13818] ? __pfx_bpf_raw_tp_link_attach+0x10/0x10 [ 478.607729][T13818] ? find_held_lock+0x2b/0x80 [ 478.607741][T13818] ? __fget_files+0x204/0x3c0 [ 478.607762][T13818] ? fput+0x70/0xf0 [ 478.607774][T13818] ? __bpf_prog_get+0x97/0x2a0 [ 478.607789][T13818] __sys_bpf+0x3b4/0x4d80 [ 478.607800][T13818] ? __pfx___sys_bpf+0x10/0x10 [ 478.607810][T13818] ? ksys_write+0x190/0x250 [ 478.607828][T13818] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 478.607853][T13818] ? fput+0x70/0xf0 [ 478.607863][T13818] ? ksys_write+0x1ac/0x250 [ 478.607879][T13818] ? __pfx_ksys_write+0x10/0x10 [ 478.607897][T13818] __ia32_sys_bpf+0x76/0xe0 [ 478.607908][T13818] __do_fast_syscall_32+0x7c/0x3a0 [ 478.607927][T13818] do_fast_syscall_32+0x32/0x80 [ 478.607944][T13818] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 478.607958][T13818] RIP: 0023:0xf7f06579 [ 478.607967][T13818] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 478.607979][T13818] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 478.607989][T13818] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000080000080 [ 478.607996][T13818] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000 [ 478.608002][T13818] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 478.608008][T13818] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 478.608015][T13818] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 478.608028][T13818] [ 479.581341][T13833] lo speed is unknown, defaulting to 1000 [ 479.586017][T13833] wlan0 speed is unknown, defaulting to 1000 [ 479.609089][ T40] audit: type=1326 audit(1752818870.383:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.1977" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 479.618098][ T40] audit: type=1326 audit(1752818870.383:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.1977" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 479.633573][ T40] audit: type=1326 audit(1752818870.394:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.1977" exe="/syz-executor" sig=0 arch=40000003 syscall=30 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 479.640028][ T40] audit: type=1326 audit(1752818870.394:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.1977" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 479.646622][ T40] audit: type=1326 audit(1752818870.394:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.1977" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 479.653375][ T40] audit: type=1326 audit(1752818870.394:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.1977" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 479.660285][ T40] audit: type=1326 audit(1752818870.394:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.1977" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 479.667002][ T40] audit: type=1326 audit(1752818870.394:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.1977" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 479.674446][ T40] audit: type=1326 audit(1752818870.394:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.1977" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 479.681271][ T40] audit: type=1326 audit(1752818870.394:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.1977" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 480.465876][T13846] tipc: Enabling of bearer rejected, already enabled [ 480.469003][T13846] tipc: Enabling of bearer rejected, already enabled [ 480.614187][ T6042] vhci_hcd: vhci_device speed not set [ 480.825787][T13858] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12) [ 480.827932][T13858] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 480.830569][T13858] vhci_hcd vhci_hcd.0: Device attached [ 480.872867][T13861] vhci_hcd: connection closed [ 480.873299][ T46] vhci_hcd: stop threads [ 480.876341][ T46] vhci_hcd: release socket [ 480.876369][ T46] vhci_hcd: disconnect device [ 481.082011][T13866] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1984'. [ 481.097599][T13866] dlm: non-version read from control device 36 [ 482.073315][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.076994][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.080840][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.084092][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.089366][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.093833][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.096884][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.099939][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.103207][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.106343][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.110008][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.113109][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.116949][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.120185][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.123305][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.126418][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.130120][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.134327][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.137315][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.141186][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.144272][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.147276][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.150479][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.153804][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.156724][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.159841][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.163362][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.166450][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.169850][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.173587][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.177062][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.182906][T13875] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 482.968111][T13897] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1992'. [ 483.000436][T13892] tipc: Enabling of bearer rejected, already enabled [ 483.004343][T13892] tipc: Enabling of bearer rejected, already enabled [ 483.194572][T13900] FAULT_INJECTION: forcing a failure. [ 483.194572][T13900] name failslab, interval 1, probability 0, space 0, times 0 [ 483.198993][T13900] CPU: 3 UID: 0 PID: 13900 Comm: syz.1.1993 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 483.199016][T13900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 483.199022][T13900] Call Trace: [ 483.199026][T13900] [ 483.199030][T13900] dump_stack_lvl+0x16c/0x1f0 [ 483.199051][T13900] should_fail_ex+0x512/0x640 [ 483.199068][T13900] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 483.199088][T13900] should_failslab+0xc2/0x120 [ 483.199099][T13900] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 483.199116][T13900] ? __alloc_skb+0x2b2/0x380 [ 483.199134][T13900] __alloc_skb+0x2b2/0x380 [ 483.199149][T13900] ? __pfx___alloc_skb+0x10/0x10 [ 483.199166][T13900] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 483.199180][T13900] netlink_alloc_large_skb+0x69/0x130 [ 483.199193][T13900] netlink_sendmsg+0x6a1/0xdd0 [ 483.199206][T13900] ? __pfx_netlink_sendmsg+0x10/0x10 [ 483.199218][T13900] ? __import_iovec+0x1dd/0x650 [ 483.199232][T13900] ____sys_sendmsg+0xa95/0xc70 [ 483.199246][T13900] ? __pfx_____sys_sendmsg+0x10/0x10 [ 483.199257][T13900] ? get_compat_msghdr+0x11a/0x170 [ 483.199281][T13900] ___sys_sendmsg+0x134/0x1d0 [ 483.199298][T13900] ? __pfx____sys_sendmsg+0x10/0x10 [ 483.199320][T13900] ? find_held_lock+0x2b/0x80 [ 483.199340][T13900] __sys_sendmsg+0x16d/0x220 [ 483.199357][T13900] ? __pfx___sys_sendmsg+0x10/0x10 [ 483.199379][T13900] ? rcu_is_watching+0x12/0xc0 [ 483.199393][T13900] __do_fast_syscall_32+0x7c/0x3a0 [ 483.199411][T13900] do_fast_syscall_32+0x32/0x80 [ 483.199428][T13900] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 483.199442][T13900] RIP: 0023:0xf7fb7579 [ 483.199451][T13900] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 483.199462][T13900] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 483.199472][T13900] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000080 [ 483.199479][T13900] RDX: 0000000000040080 RSI: 0000000000000000 RDI: 0000000000000000 [ 483.199485][T13900] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 483.199491][T13900] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 483.199498][T13900] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 483.199511][T13900] [ 483.523406][T13907] FAULT_INJECTION: forcing a failure. [ 483.523406][T13907] name failslab, interval 1, probability 0, space 0, times 0 [ 483.527657][T13907] CPU: 0 UID: 0 PID: 13907 Comm: syz.1.1995 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 483.527673][T13907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 483.527691][T13907] Call Trace: [ 483.527696][T13907] [ 483.527700][T13907] dump_stack_lvl+0x16c/0x1f0 [ 483.527721][T13907] should_fail_ex+0x512/0x640 [ 483.527738][T13907] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 483.527757][T13907] should_failslab+0xc2/0x120 [ 483.527768][T13907] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 483.527785][T13907] ? __alloc_skb+0x2b2/0x380 [ 483.527803][T13907] __alloc_skb+0x2b2/0x380 [ 483.527818][T13907] ? __pfx___alloc_skb+0x10/0x10 [ 483.527839][T13907] netlink_alloc_large_skb+0x69/0x130 [ 483.527852][T13907] netlink_sendmsg+0x6a1/0xdd0 [ 483.527866][T13907] ? __pfx_netlink_sendmsg+0x10/0x10 [ 483.527878][T13907] ? __import_iovec+0x1dd/0x650 [ 483.527891][T13907] ____sys_sendmsg+0xa95/0xc70 [ 483.527906][T13907] ? __pfx_____sys_sendmsg+0x10/0x10 [ 483.527917][T13907] ? get_compat_msghdr+0x11a/0x170 [ 483.527940][T13907] ___sys_sendmsg+0x134/0x1d0 [ 483.527958][T13907] ? __pfx____sys_sendmsg+0x10/0x10 [ 483.527986][T13907] ? find_held_lock+0x2b/0x80 [ 483.528007][T13907] __sys_sendmsg+0x16d/0x220 [ 483.528024][T13907] ? __pfx___sys_sendmsg+0x10/0x10 [ 483.528046][T13907] ? rcu_is_watching+0x12/0xc0 [ 483.528060][T13907] __do_fast_syscall_32+0x7c/0x3a0 [ 483.528079][T13907] do_fast_syscall_32+0x32/0x80 [ 483.528096][T13907] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 483.528110][T13907] RIP: 0023:0xf7fb7579 [ 483.528119][T13907] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 483.528130][T13907] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 483.528141][T13907] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000040 [ 483.528147][T13907] RDX: 0000000000048004 RSI: 0000000000000000 RDI: 0000000000000000 [ 483.528154][T13907] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 483.528160][T13907] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 483.528166][T13907] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 483.528179][T13907] [ 484.172925][T13918] FAULT_INJECTION: forcing a failure. [ 484.172925][T13918] name failslab, interval 1, probability 0, space 0, times 0 [ 484.176532][T13918] CPU: 1 UID: 0 PID: 13918 Comm: syz.2.1999 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 484.176547][T13918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 484.176553][T13918] Call Trace: [ 484.176557][T13918] [ 484.176562][T13918] dump_stack_lvl+0x16c/0x1f0 [ 484.176582][T13918] should_fail_ex+0x512/0x640 [ 484.176599][T13918] ? __kmalloc_noprof+0xbf/0x510 [ 484.176617][T13918] ? lsm_blob_alloc+0x68/0x90 [ 484.176634][T13918] should_failslab+0xc2/0x120 [ 484.176644][T13918] __kmalloc_noprof+0xd2/0x510 [ 484.176664][T13918] lsm_blob_alloc+0x68/0x90 [ 484.176681][T13918] security_prepare_creds+0x30/0x270 [ 484.176698][T13918] prepare_creds+0x56f/0x7d0 [ 484.176716][T13918] __do_sys_landlock_restrict_self+0x13e/0x910 [ 484.176733][T13918] ? rcu_is_watching+0x12/0xc0 [ 484.176747][T13918] __do_fast_syscall_32+0x7c/0x3a0 [ 484.176765][T13918] do_fast_syscall_32+0x32/0x80 [ 484.176783][T13918] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 484.176797][T13918] RIP: 0023:0xf7fc5579 [ 484.176805][T13918] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 484.176816][T13918] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 00000000000001be [ 484.176826][T13918] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000 [ 484.176833][T13918] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 484.176839][T13918] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 484.176845][T13918] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 484.176851][T13918] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 484.176864][T13918] [ 484.745767][T13940] FAULT_INJECTION: forcing a failure. [ 484.745767][T13940] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 484.749986][T13940] CPU: 3 UID: 0 PID: 13940 Comm: syz.1.2005 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 484.750001][T13940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 484.750008][T13940] Call Trace: [ 484.750012][T13940] [ 484.750016][T13940] dump_stack_lvl+0x16c/0x1f0 [ 484.750036][T13940] should_fail_ex+0x512/0x640 [ 484.750055][T13940] _copy_from_iter+0x29f/0x16f0 [ 484.750075][T13940] ? __pfx__copy_from_iter+0x10/0x10 [ 484.750092][T13940] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 484.750109][T13940] copy_page_from_iter+0xde/0x180 [ 484.750128][T13940] tun_build_skb.constprop.0+0x2e8/0x14f0 [ 484.750145][T13940] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 484.750158][T13940] ? __lock_acquire+0x622/0x1c90 [ 484.750180][T13940] ? find_held_lock+0x2b/0x80 [ 484.750193][T13940] tun_get_user+0x165f/0x3b80 [ 484.750208][T13940] ? __pfx_tun_get_user+0x10/0x10 [ 484.750223][T13940] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 484.750244][T13940] ? find_held_lock+0x2b/0x80 [ 484.750255][T13940] ? tun_get+0x191/0x370 [ 484.750275][T13940] tun_chr_write_iter+0xdc/0x210 [ 484.750287][T13940] vfs_write+0x6c4/0x1150 [ 484.750303][T13940] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 484.750315][T13940] ? __pfx_vfs_write+0x10/0x10 [ 484.750329][T13940] ? find_held_lock+0x2b/0x80 [ 484.750348][T13940] ksys_write+0x12a/0x250 [ 484.750363][T13940] ? __pfx_ksys_write+0x10/0x10 [ 484.750380][T13940] ? rcu_is_watching+0x12/0xc0 [ 484.750394][T13940] __do_fast_syscall_32+0x7c/0x3a0 [ 484.750412][T13940] do_fast_syscall_32+0x32/0x80 [ 484.750429][T13940] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 484.750443][T13940] RIP: 0023:0xf7fb7579 [ 484.750452][T13940] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 484.750463][T13940] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 484.750473][T13940] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000140 [ 484.750479][T13940] RDX: 000000000000003e RSI: 00000000f7444ff4 RDI: 0000000000000000 [ 484.750486][T13940] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 484.750492][T13940] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 484.750498][T13940] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 484.750511][T13940] [ 485.226544][T13933] tipc: Enabling of bearer rejected, already enabled [ 485.231118][T13933] tipc: Enabling of bearer rejected, failed to enable media [ 485.358514][T13952] wireguard0: entered promiscuous mode [ 485.360356][T13952] wireguard0: entered allmulticast mode [ 485.703804][T13960] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 485.706535][T13960] UDF-fs: Scanning with blocksize 2048 failed [ 485.709280][T13960] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 485.711973][T13960] UDF-fs: Scanning with blocksize 4096 failed [ 488.256130][T13985] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2017'. [ 488.259403][T13985] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2017'. [ 488.262382][T13980] lo speed is unknown, defaulting to 1000 [ 488.262677][T13985] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2017'. [ 488.267927][T13980] wlan0 speed is unknown, defaulting to 1000 [ 489.716702][T14021] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2026'. [ 489.797836][T14023] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2027'. [ 489.810297][T14023] vlan2: entered allmulticast mode [ 489.812083][T14023] bridge3: entered allmulticast mode [ 490.192015][T14034] FAULT_INJECTION: forcing a failure. [ 490.192015][T14034] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 490.196975][T14034] CPU: 0 UID: 0 PID: 14034 Comm: syz.1.2030 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 490.196997][T14034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 490.197007][T14034] Call Trace: [ 490.197012][T14034] [ 490.197016][T14034] dump_stack_lvl+0x16c/0x1f0 [ 490.197037][T14034] should_fail_ex+0x512/0x640 [ 490.197056][T14034] _copy_from_user+0x2e/0xd0 [ 490.197074][T14034] get_compat_msghdr+0xa7/0x170 [ 490.197092][T14034] ? __pfx_get_compat_msghdr+0x10/0x10 [ 490.197114][T14034] ___sys_sendmsg+0x1ae/0x1d0 [ 490.197132][T14034] ? __pfx____sys_sendmsg+0x10/0x10 [ 490.197157][T14034] ? find_held_lock+0x2b/0x80 [ 490.197177][T14034] __sys_sendmsg+0x16d/0x220 [ 490.197194][T14034] ? __pfx___sys_sendmsg+0x10/0x10 [ 490.197216][T14034] ? rcu_is_watching+0x12/0xc0 [ 490.197229][T14034] __do_fast_syscall_32+0x7c/0x3a0 [ 490.197248][T14034] do_fast_syscall_32+0x32/0x80 [ 490.197265][T14034] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 490.197279][T14034] RIP: 0023:0xf7fb7579 [ 490.197288][T14034] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 490.197311][T14034] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 490.197322][T14034] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000040 [ 490.197329][T14034] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 490.197335][T14034] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 490.197341][T14034] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 490.197347][T14034] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 490.197360][T14034] [ 490.641973][T14040] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2032'. [ 490.646676][T14040] netlink: 'syz.1.2032': attribute type 14 has an invalid length. [ 491.330728][ T6042] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 491.540327][ T6042] usb 7-1: Using ep0 maxpacket: 32 [ 491.550845][ T6042] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 491.554812][ T6042] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 491.565398][ T6042] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 491.592872][ T6042] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 491.626726][ T6042] usb 7-1: config 0 interface 0 has no altsetting 0 [ 491.651095][ T6042] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 491.661128][ T6042] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 491.682494][ T6042] usb 7-1: Product: syz [ 491.694947][ T6042] usb 7-1: Manufacturer: syz [ 491.711769][ T6042] usb 7-1: SerialNumber: syz [ 491.779443][ T6042] usb 7-1: config 0 descriptor?? [ 491.852204][ T6042] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 491.887597][ T6042] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 492.255064][ T6039] usb 7-1: USB disconnect, device number 14 [ 492.255107][ C0] ldusb 7-1:0.0: usb_submit_urb failed (-19) [ 492.261516][T14050] ldusb 7-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 492.274731][T14062] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13) [ 492.277524][T14062] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 492.280848][T14062] vhci_hcd vhci_hcd.0: Device attached [ 492.285369][ T6039] ldusb 7-1:0.0: LD USB Device #0 now disconnected [ 492.368829][T14066] vhci_hcd: connection closed [ 492.381841][ T1138] vhci_hcd: stop threads [ 492.385444][ T1138] vhci_hcd: release socket [ 492.424620][ T1138] vhci_hcd: disconnect device [ 492.440720][T14072] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2040'. [ 492.481254][T11161] vhci_hcd: vhci_device speed not set [ 493.245598][ T6039] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 493.363461][T14078] tipc: Enabling of bearer rejected, already enabled [ 493.436090][ T6039] usb 7-1: Using ep0 maxpacket: 32 [ 493.483775][T14078] tipc: Enabling of bearer rejected, already enabled [ 493.529410][ T6039] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 493.532927][ T6039] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 493.536443][ T6039] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 493.539981][ T6039] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 493.544393][ T6039] usb 7-1: config 0 interface 0 has no altsetting 0 [ 493.548416][ T6039] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 493.552364][ T6039] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 493.555275][ T6039] usb 7-1: Product: syz [ 493.557073][ T6039] usb 7-1: Manufacturer: syz [ 493.559128][ T6039] usb 7-1: SerialNumber: syz [ 493.564454][ T6039] usb 7-1: config 0 descriptor?? [ 493.569375][ T6039] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 493.575707][ T6039] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 493.772852][ T24] usb 7-1: USB disconnect, device number 15 [ 493.777725][ T24] ldusb 7-1:0.0: LD USB Device #0 now disconnected [ 494.754365][T14098] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only [ 494.795784][T14098] veth1_to_bond: entered allmulticast mode [ 494.821284][T14097] veth1_to_bond: left allmulticast mode [ 495.069199][T14108] hub 8-0:1.0: USB hub found [ 495.079849][T14108] hub 8-0:1.0: 1 port detected [ 495.457344][T14115] lo speed is unknown, defaulting to 1000 [ 495.462212][T14115] wlan0 speed is unknown, defaulting to 1000 [ 495.718079][T14116] lo speed is unknown, defaulting to 1000 [ 495.727338][T14116] wlan0 speed is unknown, defaulting to 1000 [ 496.833610][T14132] lo speed is unknown, defaulting to 1000 [ 496.838327][T14132] wlan0 speed is unknown, defaulting to 1000 [ 497.044308][T14131] tipc: Enabling of bearer rejected, already enabled [ 497.059112][T14131] tipc: Enabling of bearer rejected, already enabled [ 497.302127][T14139] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2058'. [ 497.311864][T14139] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2058'. [ 497.328106][T14139] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2058'. [ 497.337929][T14139] batadv_slave_0: entered promiscuous mode [ 497.631066][T14137] syzkaller0: entered promiscuous mode [ 497.632851][T14137] syzkaller0: entered allmulticast mode [ 497.635641][ T1139] syzkaller0: tun_net_xmit 48 [ 498.984849][T14167] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2065'. [ 498.994279][T14167] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2065'. [ 499.003744][T14167] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2065'. [ 499.037331][T14167] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 499.041116][T14167] batadv_slave_0: entered promiscuous mode [ 499.205120][T14171] lo speed is unknown, defaulting to 1000 [ 499.210079][T14171] wlan0 speed is unknown, defaulting to 1000 [ 499.929087][T14187] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2072'. [ 499.931796][T14186] tipc: Enabling of bearer rejected, already enabled [ 499.943837][T14187] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2072'. [ 499.949699][T14187] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2072'. [ 499.984216][T14186] tipc: Enabling of bearer rejected, already enabled [ 500.294476][T14185] sp0: Synchronizing with TNC [ 500.538463][T14201] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9) [ 500.541035][T14201] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 500.544328][T14201] vhci_hcd vhci_hcd.0: Device attached [ 500.563940][T14201] 9pnet_fd: Insufficient options for proto=fd [ 500.798970][ T5826] usb 39-1: new high-speed USB device number 4 using vhci_hcd [ 500.903827][ T34] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 501.353729][T14202] vhci_hcd: connection reset by peer [ 501.356393][ T59] vhci_hcd: stop threads [ 501.358457][ T59] vhci_hcd: release socket [ 501.359958][ T59] vhci_hcd: disconnect device [ 501.821955][ T34] usb 7-1: Using ep0 maxpacket: 32 [ 501.851957][ T34] usb 7-1: config 0 has an invalid interface number: 61 but max is 0 [ 501.855318][ T34] usb 7-1: config 0 has no interface number 0 [ 501.860299][ T34] usb 7-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6 [ 501.862569][T14215] lo speed is unknown, defaulting to 1000 [ 501.864449][ T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 501.868431][T14215] wlan0 speed is unknown, defaulting to 1000 [ 501.870862][ T34] usb 7-1: Product: syz [ 501.875341][ T34] usb 7-1: Manufacturer: syz [ 501.877407][ T34] usb 7-1: SerialNumber: syz [ 501.885279][ T34] usb 7-1: config 0 descriptor?? [ 501.992392][ T34] viperboard 7-1:0.61: version 0.00 found at bus 007 address 016 [ 502.010523][ T34] viperboard-i2c viperboard-i2c.3.auto: error -EIO: failure setting i2c_bus_freq to 100 [ 502.015215][ T34] viperboard-i2c viperboard-i2c.3.auto: probe with driver viperboard-i2c failed with error -5 [ 502.083698][T14193] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2075'. [ 502.094061][T14193] batadv0: entered promiscuous mode [ 502.099866][T14193] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 502.104136][T14193] batadv0: left promiscuous mode [ 502.147661][T14223] JFS: discard option not supported on device [ 502.150683][T14223] Mount JFS Failure: -22 [ 502.152143][T14223] jfs_mount failed w/return code = -22 [ 502.348258][T14226] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13) [ 502.350370][T14226] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 502.352980][T14226] vhci_hcd vhci_hcd.0: Device attached [ 502.364091][ T34] usb 7-1: USB disconnect, device number 16 [ 502.379497][T14230] vhci_hcd: connection closed [ 502.392946][ T88] vhci_hcd: stop threads [ 502.396093][ T88] vhci_hcd: release socket [ 502.397514][ T88] vhci_hcd: disconnect device [ 503.247629][T14245] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 503.250363][T14245] IPv6: NLM_F_CREATE should be set when creating new route [ 503.253146][T14245] IPv6: NLM_F_CREATE should be set when creating new route [ 503.255583][T14245] IPv6: NLM_F_CREATE should be set when creating new route [ 503.664696][T14256] FAULT_INJECTION: forcing a failure. [ 503.664696][T14256] name failslab, interval 1, probability 0, space 0, times 0 [ 503.668979][T14256] CPU: 1 UID: 0 PID: 14256 Comm: syz.2.2090 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 503.669005][T14256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 503.669011][T14256] Call Trace: [ 503.669016][T14256] [ 503.669020][T14256] dump_stack_lvl+0x16c/0x1f0 [ 503.669041][T14256] should_fail_ex+0x512/0x640 [ 503.669058][T14256] ? __kmalloc_node_noprof+0xc5/0x500 [ 503.669077][T14256] should_failslab+0xc2/0x120 [ 503.669088][T14256] __kmalloc_node_noprof+0xd8/0x500 [ 503.669105][T14256] ? alloc_slab_obj_exts+0x41/0xa0 [ 503.669121][T14256] alloc_slab_obj_exts+0x41/0xa0 [ 503.669136][T14256] __memcg_slab_post_alloc_hook+0x255/0x960 [ 503.669151][T14256] ? kasan_save_track+0x14/0x30 [ 503.669169][T14256] kmem_cache_alloc_node_noprof+0x312/0x3b0 [ 503.669185][T14256] ? kasan_save_track+0x14/0x30 [ 503.669201][T14256] ? __alloc_skb+0x2b2/0x380 [ 503.669220][T14256] __alloc_skb+0x2b2/0x380 [ 503.669235][T14256] ? __pfx___alloc_skb+0x10/0x10 [ 503.669252][T14256] ? lock_acquire+0x179/0x350 [ 503.669270][T14256] alloc_skb_with_frags+0xe0/0x860 [ 503.669281][T14256] ? rcu_is_watching+0x12/0xc0 [ 503.669293][T14256] ? lockdep_hardirqs_on+0x7c/0x110 [ 503.669311][T14256] sock_alloc_send_pskb+0x7fb/0x990 [ 503.669326][T14256] ? trace_sched_exit_tp+0xde/0x130 [ 503.669345][T14256] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 503.669360][T14256] ? kmem_cache_free+0x2d1/0x4d0 [ 503.669379][T14256] ? __pfx___schedule+0x10/0x10 [ 503.669395][T14256] unix_dgram_sendmsg+0x41a/0x1840 [ 503.669413][T14256] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 503.669432][T14256] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 503.669447][T14256] ? irqentry_exit+0x3b/0x90 [ 503.669469][T14256] unix_seqpacket_sendmsg+0x12a/0x1c0 [ 503.669487][T14256] ____sys_sendmsg+0xa95/0xc70 [ 503.669500][T14256] ? __pfx_____sys_sendmsg+0x10/0x10 [ 503.669512][T14256] ? get_compat_msghdr+0x11a/0x170 [ 503.669532][T14256] ? __pfx__kstrtoull+0x10/0x10 [ 503.669548][T14256] ___sys_sendmsg+0x134/0x1d0 [ 503.669581][T14256] ? __pfx____sys_sendmsg+0x10/0x10 [ 503.669597][T14256] ? __lock_acquire+0x622/0x1c90 [ 503.669625][T14256] ? __pfx___might_resched+0x10/0x10 [ 503.669640][T14256] __sys_sendmmsg+0x2f9/0x420 [ 503.669658][T14256] ? __pfx___sys_sendmmsg+0x10/0x10 [ 503.669685][T14256] ? fput+0x70/0xf0 [ 503.669696][T14256] ? ksys_write+0x1ac/0x250 [ 503.669715][T14256] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 503.669734][T14256] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 503.669752][T14256] __do_fast_syscall_32+0x7c/0x3a0 [ 503.669774][T14256] do_fast_syscall_32+0x32/0x80 [ 503.669791][T14256] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 503.669805][T14256] RIP: 0023:0xf7fc5579 [ 503.669814][T14256] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 503.669825][T14256] RSP: 002b:00000000f50a455c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 503.669835][T14256] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080001c00 [ 503.669843][T14256] RDX: 0000000000000159 RSI: 0000000000040840 RDI: 0000000000000000 [ 503.669849][T14256] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 503.669856][T14256] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 503.669862][T14256] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 503.669876][T14256] [ 504.639618][T14281] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2101'. [ 504.647077][T14281] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2101'. [ 505.662383][T14304] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 505.686227][ T5826] vhci_hcd: vhci_device speed not set [ 505.829974][T14311] FAULT_INJECTION: forcing a failure. [ 505.829974][T14311] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 505.834639][T14311] CPU: 1 UID: 0 PID: 14311 Comm: syz.0.2108 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 505.834655][T14311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 505.834662][T14311] Call Trace: [ 505.834667][T14311] [ 505.834671][T14311] dump_stack_lvl+0x16c/0x1f0 [ 505.834704][T14311] should_fail_ex+0x512/0x640 [ 505.834724][T14311] _copy_to_user+0x32/0xd0 [ 505.834742][T14311] environ_read+0x287/0x450 [ 505.834765][T14311] ? __pfx_environ_read+0x10/0x10 [ 505.834776][T14311] vfs_readv+0x5be/0x8b0 [ 505.834795][T14311] ? __pfx_vfs_readv+0x10/0x10 [ 505.834809][T14311] ? trace_sched_exit_tp+0xde/0x130 [ 505.834824][T14311] ? __schedule+0x1181/0x5de0 [ 505.834847][T14311] ? __fget_files+0x20e/0x3c0 [ 505.834866][T14311] ? do_preadv+0x1a6/0x270 [ 505.834880][T14311] do_preadv+0x1a6/0x270 [ 505.834895][T14311] ? __pfx_do_preadv+0x10/0x10 [ 505.834911][T14311] ? rcu_is_watching+0x12/0xc0 [ 505.834925][T14311] __do_fast_syscall_32+0x7c/0x3a0 [ 505.834944][T14311] do_fast_syscall_32+0x32/0x80 [ 505.834962][T14311] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 505.834976][T14311] RIP: 0023:0xf7f03579 [ 505.834985][T14311] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 505.834996][T14311] RSP: 002b:00000000f4fe455c EFLAGS: 00000296 ORIG_RAX: 000000000000014d [ 505.835008][T14311] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080001400 [ 505.835015][T14311] RDX: 0000000000000001 RSI: 0000000000c002a0 RDI: 0000000000000000 [ 505.835022][T14311] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 505.835028][T14311] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 505.835034][T14311] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 505.835048][T14311] [ 506.194855][T14320] overlayfs: overlapping lowerdir path [ 506.908001][T14334] netlink: 'syz.2.2114': attribute type 10 has an invalid length. [ 506.911616][T14333] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 507.015274][T14341] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13) [ 507.015316][T14341] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 507.015622][T14341] vhci_hcd vhci_hcd.0: Device attached [ 507.075454][T14343] vhci_hcd: connection closed [ 507.075736][ T12] vhci_hcd: stop threads [ 507.075753][ T12] vhci_hcd: release socket [ 507.075761][ T12] vhci_hcd: disconnect device [ 509.182843][T14392] bridge2: entered promiscuous mode [ 509.184713][T14392] bridge2: entered allmulticast mode [ 509.288836][T14404] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 510.331487][T14433] FAULT_INJECTION: forcing a failure. [ 510.331487][T14433] name failslab, interval 1, probability 0, space 0, times 0 [ 510.336887][T14433] CPU: 3 UID: 0 PID: 14433 Comm: syz.2.2141 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 510.336903][T14433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 510.336911][T14433] Call Trace: [ 510.336914][T14433] [ 510.336919][T14433] dump_stack_lvl+0x16c/0x1f0 [ 510.336940][T14433] should_fail_ex+0x512/0x640 [ 510.336960][T14433] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 510.336986][T14433] should_failslab+0xc2/0x120 [ 510.337003][T14433] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 510.337020][T14433] ? __alloc_skb+0x2b2/0x380 [ 510.337038][T14433] __alloc_skb+0x2b2/0x380 [ 510.337057][T14433] ? __pfx___alloc_skb+0x10/0x10 [ 510.337079][T14433] ? genl_rcv_msg+0x470/0x800 [ 510.337094][T14433] ? genl_rcv_msg+0x4bb/0x800 [ 510.337111][T14433] netlink_ack+0x15d/0xb80 [ 510.337127][T14433] netlink_rcv_skb+0x332/0x420 [ 510.337141][T14433] ? __pfx_genl_rcv_msg+0x10/0x10 [ 510.337161][T14433] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 510.337184][T14433] ? netlink_deliver_tap+0x1ae/0xd30 [ 510.337204][T14433] genl_rcv+0x28/0x40 [ 510.337216][T14433] netlink_unicast+0x58d/0x850 [ 510.337229][T14433] ? __pfx_netlink_unicast+0x10/0x10 [ 510.337248][T14433] netlink_sendmsg+0x8d1/0xdd0 [ 510.337269][T14433] ? __pfx_netlink_sendmsg+0x10/0x10 [ 510.337289][T14433] ? __import_iovec+0x1dd/0x650 [ 510.337313][T14433] ____sys_sendmsg+0xa95/0xc70 [ 510.337336][T14433] ? __pfx_____sys_sendmsg+0x10/0x10 [ 510.337355][T14433] ? get_compat_msghdr+0x11a/0x170 [ 510.337394][T14433] ___sys_sendmsg+0x134/0x1d0 [ 510.337420][T14433] ? __pfx____sys_sendmsg+0x10/0x10 [ 510.337448][T14433] ? find_held_lock+0x2b/0x80 [ 510.337469][T14433] __sys_sendmsg+0x16d/0x220 [ 510.337487][T14433] ? __pfx___sys_sendmsg+0x10/0x10 [ 510.337541][T14433] ? rcu_is_watching+0x12/0xc0 [ 510.337563][T14433] __do_fast_syscall_32+0x7c/0x3a0 [ 510.337586][T14433] do_fast_syscall_32+0x32/0x80 [ 510.337604][T14433] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 510.337618][T14433] RIP: 0023:0xf7fc5579 [ 510.337628][T14433] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 510.337639][T14433] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 510.337650][T14433] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080006000 [ 510.337657][T14433] RDX: 0000000000028000 RSI: 0000000000000000 RDI: 0000000000000000 [ 510.337664][T14433] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 510.337670][T14433] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 510.337676][T14433] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 510.337690][T14433] [ 511.392564][T14453] tipc: Enabling of bearer rejected, already enabled [ 511.398786][T14453] tipc: Enabling of bearer rejected, failed to enable media [ 511.986185][T14470] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 511.989295][T14470] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 511.992706][T14470] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 511.995930][T14470] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 512.002623][T14470] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 512.005687][T14470] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 512.009148][T14470] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 512.012114][T14470] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 512.552557][T14489] lo speed is unknown, defaulting to 1000 [ 512.558226][T14489] wlan0 speed is unknown, defaulting to 1000 [ 513.345850][T14500] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2161'. [ 513.360592][T14500] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2161'. [ 513.365126][T14500] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2161'. [ 513.713556][T14507] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2163'. [ 513.721551][T14507] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2163'. [ 513.726826][T14507] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2163'. [ 514.975557][T14523] 9pnet_fd: Insufficient options for proto=fd [ 515.457027][T14527] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2170'. [ 515.869731][T14540] FAULT_INJECTION: forcing a failure. [ 515.869731][T14540] name failslab, interval 1, probability 0, space 0, times 0 [ 515.874994][T14540] CPU: 3 UID: 0 PID: 14540 Comm: syz.2.2174 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 515.875017][T14540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 515.875028][T14540] Call Trace: [ 515.875035][T14540] [ 515.875042][T14540] dump_stack_lvl+0x16c/0x1f0 [ 515.875071][T14540] should_fail_ex+0x512/0x640 [ 515.875095][T14540] ? __kmalloc_noprof+0xbf/0x510 [ 515.875121][T14540] ? bpf_test_init.isra.0+0x9e/0x140 [ 515.875144][T14540] should_failslab+0xc2/0x120 [ 515.875161][T14540] __kmalloc_noprof+0xd2/0x510 [ 515.875184][T14540] ? __lock_acquire+0x622/0x1c90 [ 515.875211][T14540] bpf_test_init.isra.0+0x9e/0x140 [ 515.875238][T14540] bpf_prog_test_run_xdp+0x4f0/0x1590 [ 515.875259][T14540] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 515.875275][T14540] ? __might_fault+0xd0/0x190 [ 515.875304][T14540] ? fput+0x70/0xf0 [ 515.875322][T14540] ? __bpf_prog_get+0x97/0x2a0 [ 515.875346][T14540] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 515.875363][T14540] __sys_bpf+0x1488/0x4d80 [ 515.875384][T14540] ? __pfx___sys_bpf+0x10/0x10 [ 515.875399][T14540] ? ksys_write+0x190/0x250 [ 515.875425][T14540] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 515.875461][T14540] ? fput+0x70/0xf0 [ 515.875478][T14540] ? ksys_write+0x1ac/0x250 [ 515.875503][T14540] ? __pfx_ksys_write+0x10/0x10 [ 515.875534][T14540] __ia32_sys_bpf+0x76/0xe0 [ 515.875552][T14540] __do_fast_syscall_32+0x7c/0x3a0 [ 515.875580][T14540] do_fast_syscall_32+0x32/0x80 [ 515.875604][T14540] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 515.875626][T14540] RIP: 0023:0xf7fc5579 [ 515.875641][T14540] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 515.875658][T14540] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 515.875677][T14540] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000600 [ 515.875699][T14540] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 515.875713][T14540] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 515.875724][T14540] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 515.875736][T14540] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 515.875761][T14540] [ 516.066452][T14545] FAULT_INJECTION: forcing a failure. [ 516.066452][T14545] name fail_futex, interval 1, probability 0, space 0, times 1 [ 516.074404][T14545] CPU: 2 UID: 0 PID: 14545 Comm: syz.2.2176 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 516.074421][T14545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 516.074429][T14545] Call Trace: [ 516.074433][T14545] [ 516.074438][T14545] dump_stack_lvl+0x16c/0x1f0 [ 516.074459][T14545] should_fail_ex+0x512/0x640 [ 516.074486][T14545] get_futex_key+0x293/0x1540 [ 516.074510][T14545] ? __pfx_get_futex_key+0x10/0x10 [ 516.074535][T14545] ? _kstrtoull+0x145/0x200 [ 516.074559][T14545] futex_wait_requeue_pi+0x1f6/0x850 [ 516.074581][T14545] ? __pfx_futex_wait_requeue_pi+0x10/0x10 [ 516.074612][T14545] ? __pfx_futex_wake_mark+0x10/0x10 [ 516.074631][T14545] ? find_held_lock+0x2b/0x80 [ 516.074644][T14545] ? ksys_write+0x190/0x250 [ 516.074663][T14545] do_futex+0x2ae/0x350 [ 516.074677][T14545] ? __pfx_do_futex+0x10/0x10 [ 516.074697][T14545] __ia32_sys_futex_time32+0x1d9/0x460 [ 516.074718][T14545] ? fput+0x70/0xf0 [ 516.074732][T14545] ? __pfx___ia32_sys_futex_time32+0x10/0x10 [ 516.074756][T14545] ? ksys_write+0x1ac/0x250 [ 516.074780][T14545] ? __pfx_ksys_write+0x10/0x10 [ 516.074805][T14545] ? rcu_is_watching+0x12/0xc0 [ 516.074824][T14545] __do_fast_syscall_32+0x7c/0x3a0 [ 516.074843][T14545] do_fast_syscall_32+0x32/0x80 [ 516.074860][T14545] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 516.074875][T14545] RIP: 0023:0xf7fc5579 [ 516.074883][T14545] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 516.074895][T14545] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0 [ 516.074906][T14545] RAX: ffffffffffffffda RBX: 000000008000cffc RCX: 000000000000000b [ 516.074913][T14545] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000080048000 [ 516.074919][T14545] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 516.074926][T14545] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 516.074933][T14545] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 516.074951][T14545] [ 516.418964][T14542] 8021q: adding VLAN 0 to HW filter on device bond4 [ 516.422362][T14542] bridge0: port 4(bond4) entered blocking state [ 516.424570][T14542] bridge0: port 4(bond4) entered disabled state [ 516.426606][T14542] bond4: entered allmulticast mode [ 516.429187][T14542] bond4: entered promiscuous mode [ 516.431241][T14542] bridge0: port 4(bond4) entered blocking state [ 516.434165][T14542] bridge0: port 4(bond4) entered forwarding state [ 516.439612][ T88] bridge0: port 4(bond4) entered disabled state [ 516.757187][T14559] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 516.760483][T14559] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 516.763952][T14559] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 516.779880][T14559] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 516.785371][T14559] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 516.787854][T14559] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 516.790523][T14559] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 516.794372][T14559] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 517.438649][T14573] tipc: Enabling of bearer rejected, already enabled [ 517.456388][T14573] tipc: Enabling of bearer rejected, already enabled [ 517.760817][T14580] xt_NFQUEUE: number of total queues is 0 [ 518.236293][T14592] 9pnet: Unknown protocol version 9p200 [ 518.958580][T14605] 9p: Unknown access argument 00000000000000000000+: -22 [ 518.997334][T14589] Process accounting resumed [ 519.350899][T14616] FAULT_INJECTION: forcing a failure. [ 519.350899][T14616] name failslab, interval 1, probability 0, space 0, times 0 [ 519.355033][T14616] CPU: 1 UID: 0 PID: 14616 Comm: syz.1.2195 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 519.355061][T14616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 519.355067][T14616] Call Trace: [ 519.355072][T14616] [ 519.355077][T14616] dump_stack_lvl+0x16c/0x1f0 [ 519.355098][T14616] should_fail_ex+0x512/0x640 [ 519.355115][T14616] ? __kvmalloc_node_noprof+0x124/0x620 [ 519.355144][T14616] should_failslab+0xc2/0x120 [ 519.355157][T14616] __kvmalloc_node_noprof+0x137/0x620 [ 519.355174][T14616] ? trace_kmem_cache_alloc+0x28/0xc0 [ 519.355185][T14616] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 519.355201][T14616] ? ceph_msg_new2+0x2a1/0x4f0 [ 519.355217][T14616] ? ceph_msg_new2+0x2a1/0x4f0 [ 519.355229][T14616] ceph_msg_new2+0x2a1/0x4f0 [ 519.355255][T14616] ceph_monc_init+0x62e/0xc80 [ 519.355278][T14616] ceph_create_client+0x25b/0x370 [ 519.355291][T14616] ceph_get_tree+0x1ac/0x1ec0 [ 519.355305][T14616] ? security_capable+0x7e/0x260 [ 519.355317][T14616] vfs_get_tree+0x8e/0x340 [ 519.355331][T14616] vfs_cmd_create+0xd7/0x2a0 [ 519.355343][T14616] __do_sys_fsconfig+0x7b8/0xbe0 [ 519.355355][T14616] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 519.355365][T14616] ? fput+0x70/0xf0 [ 519.355378][T14616] ? rcu_is_watching+0x12/0xc0 [ 519.355392][T14616] __do_fast_syscall_32+0x7c/0x3a0 [ 519.355411][T14616] do_fast_syscall_32+0x32/0x80 [ 519.355429][T14616] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 519.355443][T14616] RIP: 0023:0xf7fb7579 [ 519.355452][T14616] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 519.355463][T14616] RSP: 002b:00000000f509455c EFLAGS: 00000296 ORIG_RAX: 00000000000001af [ 519.355473][T14616] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000000006 [ 519.355480][T14616] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 519.355486][T14616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 519.355493][T14616] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 519.355499][T14616] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 519.355513][T14616] [ 519.474873][T14618] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 519.477342][T14618] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 519.481275][T14618] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 519.483751][T14618] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 519.489752][T14618] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 519.492156][T14618] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 519.494732][T14618] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 519.497227][T14618] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 519.597742][T14622] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2197'. [ 519.612816][T14622] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2197'. [ 519.618184][T14622] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2197'. [ 519.923922][ T837] IPVS: starting estimator thread 0... [ 519.978922][T14628] 9pnet: Unknown protocol version 9p2000. [ 520.012221][T14626] IPVS: using max 42 ests per chain, 100800 per kthread [ 520.398480][T14635] FAULT_INJECTION: forcing a failure. [ 520.398480][T14635] name failslab, interval 1, probability 0, space 0, times 0 [ 520.402391][T14635] CPU: 2 UID: 0 PID: 14635 Comm: syz.0.2201 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 520.402406][T14635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 520.402413][T14635] Call Trace: [ 520.402418][T14635] [ 520.402422][T14635] dump_stack_lvl+0x16c/0x1f0 [ 520.402442][T14635] should_fail_ex+0x512/0x640 [ 520.402459][T14635] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 520.402476][T14635] should_failslab+0xc2/0x120 [ 520.402487][T14635] __kmalloc_cache_noprof+0x6a/0x3e0 [ 520.402502][T14635] ? __asan_memset+0x23/0x50 [ 520.402516][T14635] ? alloc_netdev_mqs+0xece/0x1570 [ 520.402534][T14635] ? __xdp_rxq_info_reg+0x14e/0x2d0 [ 520.402548][T14635] alloc_netdev_mqs+0xece/0x1570 [ 520.402568][T14635] ipip6_tunnel_locate+0x47d/0x8b0 [ 520.402586][T14635] ? __pfx_ipip6_tunnel_locate+0x10/0x10 [ 520.402601][T14635] ? bpf_lsm_capable+0x9/0x10 [ 520.402629][T14635] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 520.402653][T14635] ipip6_tunnel_ctl+0x44b/0x780 [ 520.402669][T14635] ip_tunnel_siocdevprivate+0x109/0x1b0 [ 520.402684][T14635] ? __pfx_ip_tunnel_siocdevprivate+0x10/0x10 [ 520.402711][T14635] ? __lock_acquire+0xb8a/0x1c90 [ 520.402731][T14635] ipip6_tunnel_siocdevprivate+0x3b8/0x16f0 [ 520.402749][T14635] ? __pfx_ipip6_tunnel_siocdevprivate+0x10/0x10 [ 520.402770][T14635] ? __mutex_trylock_common+0xe9/0x250 [ 520.402787][T14635] ? __pfx___mutex_trylock_common+0x10/0x10 [ 520.402803][T14635] ? full_name_hash+0xbc/0x110 [ 520.402817][T14635] ? dev_ifsioc+0x8ee/0x1ee0 [ 520.402832][T14635] dev_ifsioc+0x8ee/0x1ee0 [ 520.402848][T14635] ? __pfx_dev_ifsioc+0x10/0x10 [ 520.402864][T14635] ? __pfx___mutex_lock+0x10/0x10 [ 520.402886][T14635] ? dev_load+0x8e/0x240 [ 520.402903][T14635] dev_ioctl+0x1b2/0x1060 [ 520.402920][T14635] sock_ioctl+0x5b3/0x6b0 [ 520.402934][T14635] ? __pfx_sock_ioctl+0x10/0x10 [ 520.402945][T14635] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 520.402966][T14635] compat_sock_ioctl+0x58b/0x730 [ 520.402981][T14635] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 520.402993][T14635] ? hook_file_ioctl_common+0x145/0x410 [ 520.403009][T14635] ? __fget_files+0x20e/0x3c0 [ 520.403024][T14635] ? fput+0x20/0xf0 [ 520.403037][T14635] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 520.403050][T14635] __ia32_compat_sys_ioctl+0x242/0x370 [ 520.403065][T14635] __do_fast_syscall_32+0x7c/0x3a0 [ 520.403085][T14635] do_fast_syscall_32+0x32/0x80 [ 520.403102][T14635] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 520.403116][T14635] RIP: 0023:0xf7f03579 [ 520.403125][T14635] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 520.403136][T14635] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 520.403147][T14635] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000000089f1 [ 520.403154][T14635] RDX: 0000000080000440 RSI: 0000000000000000 RDI: 0000000000000000 [ 520.403160][T14635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 520.403167][T14635] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 520.403173][T14635] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 520.403187][T14635] [ 521.082361][T11161] libceph: connect (1)[c::]:6789 error -101 [ 521.084303][T11161] libceph: mon0 (1)[c::]:6789 connect error [ 521.114471][T14640] ceph: No mds server is up or the cluster is laggy [ 521.198161][T14642] vxfs: WRONG superblock magic 00000000 at 1 [ 521.204850][T14642] vxfs: WRONG superblock magic 00000000 at 8 [ 521.207517][T14642] vxfs: can't find superblock. [ 521.401651][T14651] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9) [ 521.403830][T14651] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 521.406414][T14651] vhci_hcd vhci_hcd.0: Device attached [ 521.414361][T14651] FAULT_INJECTION: forcing a failure. [ 521.414361][T14651] name failslab, interval 1, probability 0, space 0, times 0 [ 521.419736][T14651] CPU: 0 UID: 0 PID: 14651 Comm: syz.3.2205 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 521.419774][T14651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 521.419786][T14651] Call Trace: [ 521.419793][T14651] [ 521.419801][T14651] dump_stack_lvl+0x16c/0x1f0 [ 521.419830][T14651] should_fail_ex+0x512/0x640 [ 521.419854][T14651] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 521.419883][T14651] should_failslab+0xc2/0x120 [ 521.419902][T14651] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 521.419928][T14651] ? proc_alloc_inode+0x25/0x200 [ 521.419958][T14651] ? __pfx_proc_alloc_inode+0x10/0x10 [ 521.419980][T14651] proc_alloc_inode+0x25/0x200 [ 521.420003][T14651] alloc_inode+0x61/0x240 [ 521.420023][T14651] new_inode+0x22/0x1c0 [ 521.420044][T14651] proc_pid_make_inode+0x22/0x160 [ 521.420068][T14651] proc_pident_instantiate+0x85/0x320 [ 521.420096][T14651] proc_pident_lookup+0x21d/0x290 [ 521.420126][T14651] __lookup_slow+0x24e/0x460 [ 521.420147][T14651] ? __pfx___lookup_slow+0x10/0x10 [ 521.420183][T14651] ? lookup_fast+0x156/0x610 [ 521.420209][T14651] walk_component+0x353/0x5b0 [ 521.420234][T14651] link_path_walk+0x627/0xe20 [ 521.420266][T14651] path_openat+0x1b0/0x2cb0 [ 521.420289][T14651] ? do_fast_syscall_32+0x32/0x80 [ 521.420314][T14651] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 521.420345][T14651] ? __pfx_path_openat+0x10/0x10 [ 521.420377][T14651] do_filp_open+0x20b/0x470 [ 521.420402][T14651] ? __pfx_do_filp_open+0x10/0x10 [ 521.420436][T14651] ? __pfx_kfree_link+0x10/0x10 [ 521.420464][T14651] ? _raw_spin_unlock+0x28/0x50 [ 521.420486][T14651] ? alloc_fd+0x471/0x7d0 [ 521.420516][T14651] do_sys_openat2+0x11b/0x1d0 [ 521.420537][T14651] ? __pfx_do_sys_openat2+0x10/0x10 [ 521.420560][T14651] ? __fget_files+0x20e/0x3c0 [ 521.420594][T14651] __ia32_compat_sys_openat+0x16d/0x210 [ 521.420617][T14651] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 521.420638][T14651] ? ksys_write+0x1ac/0x250 [ 521.420667][T14651] ? rcu_is_watching+0x12/0xc0 [ 521.420690][T14651] __do_fast_syscall_32+0x7c/0x3a0 [ 521.420718][T14651] do_fast_syscall_32+0x32/0x80 [ 521.420745][T14651] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 521.420766][T14651] RIP: 0023:0xf7f06579 [ 521.420781][T14651] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 521.420797][T14651] RSP: 002b:00000000f5005490 EFLAGS: 00000293 ORIG_RAX: 0000000000000127 [ 521.420814][T14651] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f50054e0 [ 521.420826][T14651] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 00000000f7394ff4 [ 521.420835][T14651] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 521.420846][T14651] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 521.420856][T14651] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 521.420880][T14651] [ 521.538038][T14657] 9pnet_fd: Insufficient options for proto=fd [ 521.611413][T14652] vhci_hcd: connection closed [ 521.617469][ T88] vhci_hcd: stop threads [ 521.620698][ T88] vhci_hcd: release socket [ 521.624184][ T88] vhci_hcd: disconnect device [ 521.679532][ T837] usb 43-1: new high-speed USB device number 5 using vhci_hcd [ 521.682625][ T837] usb 43-1: enqueue for inactive port 0 [ 521.774507][ T837] vhci_hcd: vhci_device speed not set [ 522.256096][T14668] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2209'. [ 522.264156][T14668] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2209'. [ 522.268301][T14668] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2209'. [ 522.675604][T14679] 9pnet: Unknown protocol version 9p2000. [ 523.222542][T14691] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2217'. [ 523.265012][T14691] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2217'. [ 523.509771][T14695] hub 8-0:1.0: USB hub found [ 523.511510][T14695] FAULT_INJECTION: forcing a failure. [ 523.511510][T14695] name failslab, interval 1, probability 0, space 0, times 0 [ 523.515461][T14695] CPU: 0 UID: 0 PID: 14695 Comm: syz.3.2218 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 523.515476][T14695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 523.515483][T14695] Call Trace: [ 523.515488][T14695] [ 523.515493][T14695] dump_stack_lvl+0x16c/0x1f0 [ 523.515525][T14695] should_fail_ex+0x512/0x640 [ 523.515542][T14695] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 523.515559][T14695] should_failslab+0xc2/0x120 [ 523.515571][T14695] __kmalloc_cache_noprof+0x6a/0x3e0 [ 523.515587][T14695] ? hub_probe+0xe01/0x3480 [ 523.515604][T14695] hub_probe+0xe01/0x3480 [ 523.515625][T14695] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 523.515644][T14695] ? __pfx_hub_probe+0x10/0x10 [ 523.515659][T14695] ? force_disable_hpet_msi+0x10/0x50 [ 523.515678][T14695] ? find_held_lock+0x2b/0x80 [ 523.515691][T14695] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 523.515709][T14695] usb_probe_interface+0x303/0x9c0 [ 523.515728][T14695] ? __pfx_usb_probe_interface+0x10/0x10 [ 523.515746][T14695] really_probe+0x23e/0xa90 [ 523.515765][T14695] __driver_probe_device+0x1de/0x440 [ 523.515784][T14695] driver_probe_device+0x4c/0x1b0 [ 523.515802][T14695] __device_attach_driver+0x1df/0x310 [ 523.515820][T14695] ? __pfx___device_attach_driver+0x10/0x10 [ 523.515837][T14695] bus_for_each_drv+0x156/0x1e0 [ 523.515852][T14695] ? __pfx_bus_for_each_drv+0x10/0x10 [ 523.515867][T14695] ? lockdep_hardirqs_on+0x7c/0x110 [ 523.515883][T14695] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 523.515900][T14695] __device_attach+0x1e4/0x4b0 [ 523.515918][T14695] ? __pfx___device_attach+0x10/0x10 [ 523.515936][T14695] ? __might_fault+0xe3/0x190 [ 523.515952][T14695] ? __might_fault+0x13b/0x190 [ 523.515968][T14695] ? usb_ifnum_to_if+0x16f/0x1d0 [ 523.515986][T14695] proc_ioctl+0x58e/0x6c0 [ 523.516006][T14695] usbdev_ioctl+0x1773/0x4070 [ 523.516026][T14695] ? __pfx_usbdev_ioctl+0x10/0x10 [ 523.516040][T14695] ? update_curr+0x5af/0x800 [ 523.516061][T14695] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 523.516086][T14695] ? do_vfs_ioctl+0x523/0x1a60 [ 523.516108][T14695] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 523.516141][T14695] ? find_held_lock+0x2b/0x80 [ 523.516159][T14695] ? hook_file_ioctl_common+0x145/0x410 [ 523.516185][T14695] ? __fget_files+0x20e/0x3c0 [ 523.516205][T14695] ? __pfx_usbdev_ioctl+0x10/0x10 [ 523.516217][T14695] compat_ptr_ioctl+0x6b/0xa0 [ 523.516229][T14695] ? __pfx_compat_ptr_ioctl+0x10/0x10 [ 523.516242][T14695] __ia32_compat_sys_ioctl+0x242/0x370 [ 523.516257][T14695] __do_fast_syscall_32+0x7c/0x3a0 [ 523.516276][T14695] do_fast_syscall_32+0x32/0x80 [ 523.516293][T14695] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 523.516307][T14695] RIP: 0023:0xf7f06579 [ 523.516316][T14695] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 523.516327][T14695] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 523.516338][T14695] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0105512 [ 523.516345][T14695] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 523.516352][T14695] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 523.516358][T14695] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 523.516365][T14695] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 523.516378][T14695] [ 523.516399][T14695] hub 8-0:1.0: config failed, out of memory (err -12) [ 524.181242][T14711] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13) [ 524.183271][T14711] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 524.185702][T14711] vhci_hcd vhci_hcd.0: Device attached [ 524.362964][T14712] vhci_hcd: connection closed [ 524.363965][ T88] vhci_hcd: stop threads [ 524.367139][ T88] vhci_hcd: release socket [ 524.368702][ T88] vhci_hcd: disconnect device [ 524.422751][ T5826] vhci_hcd: vhci_device speed not set [ 524.628754][T14730] lo speed is unknown, defaulting to 1000 [ 524.639056][T14730] wlan0 speed is unknown, defaulting to 1000 [ 524.910785][T14733] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10) [ 524.913593][T14733] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 524.916843][T14733] vhci_hcd vhci_hcd.0: Device attached [ 525.514226][T14734] vhci_hcd: connection closed [ 525.516077][ T12] vhci_hcd: stop threads [ 525.519096][ T12] vhci_hcd: release socket [ 525.520909][ T12] vhci_hcd: disconnect device [ 525.575788][ T6021] vhci_hcd: vhci_device speed not set [ 526.351486][T14750] ceph: No mds server is up or the cluster is laggy [ 526.389929][T14753] vxfs: WRONG superblock magic 00000000 at 1 [ 526.392590][T14753] vxfs: WRONG superblock magic 00000000 at 8 [ 526.394575][T14753] vxfs: can't find superblock. [ 526.406286][ T6039] libceph: connect (1)[c::]:6789 error -101 [ 526.410953][ T6039] libceph: mon0 (1)[c::]:6789 connect error [ 526.682303][ T6039] libceph: connect (1)[c::]:6789 error -101 [ 526.686212][ T6039] libceph: mon0 (1)[c::]:6789 connect error [ 527.147802][T14757] tipc: Enabling of bearer rejected, already enabled [ 527.155847][T14757] tipc: Enabling of bearer rejected, already enabled [ 527.176775][ T6021] libceph: connect (1)[c::]:6789 error -101 [ 527.179344][ T6021] libceph: mon0 (1)[c::]:6789 connect error [ 527.952062][T14777] lo speed is unknown, defaulting to 1000 [ 527.958137][T14777] wlan0 speed is unknown, defaulting to 1000 [ 528.834079][T14800] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9) [ 528.836271][T14800] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 528.839066][T14800] vhci_hcd vhci_hcd.0: Device attached [ 528.839280][T14801] Cannot find del_set index 3 as target [ 528.846631][T14800] FAULT_INJECTION: forcing a failure. [ 528.846631][T14800] name failslab, interval 1, probability 0, space 0, times 0 [ 528.850636][T14800] CPU: 2 UID: 0 PID: 14800 Comm: syz.1.2245 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 528.850663][T14800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 528.850671][T14800] Call Trace: [ 528.850676][T14800] [ 528.850680][T14800] dump_stack_lvl+0x16c/0x1f0 [ 528.850713][T14800] should_fail_ex+0x512/0x640 [ 528.850730][T14800] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 528.850749][T14800] should_failslab+0xc2/0x120 [ 528.850761][T14800] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 528.850778][T14800] ? __alloc_skb+0x2b2/0x380 [ 528.850796][T14800] __alloc_skb+0x2b2/0x380 [ 528.850812][T14800] ? __pfx___alloc_skb+0x10/0x10 [ 528.850829][T14800] ? __nla_validate_parse+0x600/0x2880 [ 528.850846][T14800] ovs_dp_cmd_new+0x167/0xe60 [ 528.850866][T14800] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 528.850885][T14800] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 528.850901][T14800] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 528.850918][T14800] genl_family_rcv_msg_doit+0x206/0x2f0 [ 528.850933][T14800] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 528.850948][T14800] ? trace_cap_capable+0x18d/0x200 [ 528.850963][T14800] ? bpf_lsm_capable+0x9/0x10 [ 528.850977][T14800] ? security_capable+0x7e/0x260 [ 528.850989][T14800] ? ns_capable+0xd7/0x110 [ 528.851002][T14800] genl_rcv_msg+0x55c/0x800 [ 528.851017][T14800] ? __pfx_genl_rcv_msg+0x10/0x10 [ 528.851031][T14800] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 528.851052][T14800] netlink_rcv_skb+0x155/0x420 [ 528.851064][T14800] ? __pfx_genl_rcv_msg+0x10/0x10 [ 528.851079][T14800] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 528.851112][T14800] genl_rcv+0x28/0x40 [ 528.851132][T14800] netlink_unicast+0x58d/0x850 [ 528.851155][T14800] ? __pfx_netlink_unicast+0x10/0x10 [ 528.851182][T14800] netlink_sendmsg+0x8d1/0xdd0 [ 528.851197][T14800] ? __pfx_netlink_sendmsg+0x10/0x10 [ 528.851210][T14800] ? __import_iovec+0x1dd/0x650 [ 528.851224][T14800] ____sys_sendmsg+0xa95/0xc70 [ 528.851238][T14800] ? __pfx_____sys_sendmsg+0x10/0x10 [ 528.851250][T14800] ? get_compat_msghdr+0x11a/0x170 [ 528.851274][T14800] ___sys_sendmsg+0x134/0x1d0 [ 528.851292][T14800] ? __pfx____sys_sendmsg+0x10/0x10 [ 528.851315][T14800] ? find_held_lock+0x2b/0x80 [ 528.851336][T14800] __sys_sendmsg+0x16d/0x220 [ 528.851353][T14800] ? __pfx___sys_sendmsg+0x10/0x10 [ 528.851376][T14800] ? rcu_is_watching+0x12/0xc0 [ 528.851391][T14800] __do_fast_syscall_32+0x7c/0x3a0 [ 528.851410][T14800] do_fast_syscall_32+0x32/0x80 [ 528.851427][T14800] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 528.851442][T14800] RIP: 0023:0xf7fb7579 [ 528.851451][T14800] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 528.851462][T14800] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 528.851472][T14800] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 0000000080000040 [ 528.851479][T14800] RDX: 000000000000c010 RSI: 0000000000000000 RDI: 0000000000000000 [ 528.851486][T14800] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 528.851492][T14800] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 528.851498][T14800] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 528.851512][T14800] [ 528.965304][T14804] 9pnet_fd: Insufficient options for proto=fd [ 529.046857][T14802] vhci_hcd: connection closed [ 529.047078][ T59] vhci_hcd: stop threads [ 529.049959][ T59] vhci_hcd: release socket [ 529.051361][ T59] vhci_hcd: disconnect device [ 529.631803][T14819] lo speed is unknown, defaulting to 1000 [ 529.640902][T14819] wlan0 speed is unknown, defaulting to 1000 [ 529.908225][T14818] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13) [ 529.910925][T14818] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 529.916675][T14818] vhci_hcd vhci_hcd.0: Device attached [ 530.125951][T14824] vhci_hcd: connection closed [ 530.158358][ T59] vhci_hcd: stop threads [ 530.162714][ T59] vhci_hcd: release socket [ 530.164851][ T59] vhci_hcd: disconnect device [ 530.195126][ T6021] usb 43-1: new high-speed USB device number 7 using vhci_hcd [ 530.197668][ T6021] usb 43-1: enqueue for inactive port 0 [ 530.263213][ T6021] vhci_hcd: vhci_device speed not set [ 530.642328][T14841] lo speed is unknown, defaulting to 1000 [ 530.727103][T14841] wlan0 speed is unknown, defaulting to 1000 [ 531.343307][T14864] lo speed is unknown, defaulting to 1000 [ 531.349818][T14864] wlan0 speed is unknown, defaulting to 1000 [ 532.270478][T14887] FAULT_INJECTION: forcing a failure. [ 532.270478][T14887] name failslab, interval 1, probability 0, space 0, times 0 [ 532.278668][T14887] CPU: 0 UID: 0 PID: 14887 Comm: syz.0.2264 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 532.278695][T14887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 532.278702][T14887] Call Trace: [ 532.278707][T14887] [ 532.278711][T14887] dump_stack_lvl+0x16c/0x1f0 [ 532.278732][T14887] should_fail_ex+0x512/0x640 [ 532.278748][T14887] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 532.278768][T14887] should_failslab+0xc2/0x120 [ 532.278779][T14887] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 532.278795][T14887] ? bpf_ksym_find+0x124/0x1c0 [ 532.278811][T14887] ? fuse_request_alloc+0x22/0x200 [ 532.278823][T14887] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 532.278839][T14887] fuse_request_alloc+0x22/0x200 [ 532.278850][T14887] fuse_get_req+0x748/0xfd0 [ 532.278865][T14887] ? __pfx_fuse_get_req+0x10/0x10 [ 532.278880][T14887] ? stack_trace_save+0x8e/0xc0 [ 532.278892][T14887] ? __pfx_stack_trace_save+0x10/0x10 [ 532.278905][T14887] ? stack_depot_save_flags+0x28/0xa40 [ 532.278923][T14887] __fuse_simple_request+0xb8/0xcb0 [ 532.278939][T14887] fuse_do_getattr+0x281/0x540 [ 532.278955][T14887] ? ___sys_sendmsg+0x134/0x1d0 [ 532.278972][T14887] ? __pfx_fuse_do_getattr+0x10/0x10 [ 532.278987][T14887] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 532.279015][T14887] ? rcu_is_watching+0x12/0xc0 [ 532.279027][T14887] ? kasan_quarantine_put+0x10a/0x240 [ 532.279044][T14887] ? lockdep_hardirqs_on+0x7c/0x110 [ 532.279060][T14887] ? make_vfsgid+0xf1/0x140 [ 532.279074][T14887] fuse_permission+0x4eb/0x670 [ 532.279092][T14887] ? __pfx_fuse_permission+0x10/0x10 [ 532.279108][T14887] inode_permission+0x377/0x630 [ 532.279123][T14887] unix_find_other+0x68f/0xb50 [ 532.279140][T14887] ? __pfx_unix_find_other+0x10/0x10 [ 532.279161][T14887] unix_dgram_sendmsg+0x67b/0x1840 [ 532.279179][T14887] ? aa_sk_perm+0x2f4/0xb10 [ 532.279193][T14887] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 532.279209][T14887] ? __pfx_aa_sk_perm+0x10/0x10 [ 532.279223][T14887] ? __import_iovec+0x1dd/0x650 [ 532.279236][T14887] ____sys_sendmsg+0xa95/0xc70 [ 532.279250][T14887] ? __pfx_____sys_sendmsg+0x10/0x10 [ 532.279262][T14887] ? get_compat_msghdr+0x11a/0x170 [ 532.279282][T14887] ? __pfx__kstrtoull+0x10/0x10 [ 532.279298][T14887] ___sys_sendmsg+0x134/0x1d0 [ 532.279315][T14887] ? __pfx____sys_sendmsg+0x10/0x10 [ 532.279331][T14887] ? __lock_acquire+0x622/0x1c90 [ 532.279359][T14887] ? __pfx___might_resched+0x10/0x10 [ 532.279376][T14887] __sys_sendmmsg+0x2f9/0x420 [ 532.279394][T14887] ? __pfx___sys_sendmmsg+0x10/0x10 [ 532.279415][T14887] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 532.279439][T14887] ? fput+0x70/0xf0 [ 532.279450][T14887] ? ksys_write+0x1ac/0x250 [ 532.279465][T14887] ? __pfx_ksys_write+0x10/0x10 [ 532.279484][T14887] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 532.279502][T14887] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 532.279520][T14887] __do_fast_syscall_32+0x7c/0x3a0 [ 532.279539][T14887] do_fast_syscall_32+0x32/0x80 [ 532.279557][T14887] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 532.279570][T14887] RIP: 0023:0xf7f03579 [ 532.279579][T14887] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 532.279591][T14887] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 532.279602][T14887] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800001c0 [ 532.279609][T14887] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 532.279615][T14887] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 532.279621][T14887] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 532.279628][T14887] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 532.279641][T14887] [ 532.351739][T14895] vxfs: WRONG superblock magic 00000000 at 1 [ 532.422067][T14895] vxfs: WRONG superblock magic 00000000 at 8 [ 532.422089][T14895] vxfs: can't find superblock. [ 533.081776][T14914] FAULT_INJECTION: forcing a failure. [ 533.081776][T14914] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 533.085888][T14914] CPU: 3 UID: 0 PID: 14914 Comm: syz.1.2272 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 533.085903][T14914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 533.085911][T14914] Call Trace: [ 533.085915][T14914] [ 533.085920][T14914] dump_stack_lvl+0x16c/0x1f0 [ 533.085941][T14914] should_fail_ex+0x512/0x640 [ 533.085960][T14914] _copy_from_user+0x2e/0xd0 [ 533.085978][T14914] get_compat_msghdr+0xa7/0x170 [ 533.085996][T14914] ? __pfx_get_compat_msghdr+0x10/0x10 [ 533.086015][T14914] ? __pfx__kstrtoull+0x10/0x10 [ 533.086031][T14914] ___sys_sendmsg+0x1ae/0x1d0 [ 533.086049][T14914] ? __pfx____sys_sendmsg+0x10/0x10 [ 533.086064][T14914] ? __lock_acquire+0x622/0x1c90 [ 533.086092][T14914] ? __pfx___might_resched+0x10/0x10 [ 533.086108][T14914] __sys_sendmmsg+0x2f9/0x420 [ 533.086126][T14914] ? __pfx___sys_sendmmsg+0x10/0x10 [ 533.086148][T14914] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 533.086171][T14914] ? fput+0x70/0xf0 [ 533.086182][T14914] ? ksys_write+0x1ac/0x250 [ 533.086198][T14914] ? __pfx_ksys_write+0x10/0x10 [ 533.086216][T14914] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 533.086235][T14914] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 533.086253][T14914] __do_fast_syscall_32+0x7c/0x3a0 [ 533.086271][T14914] do_fast_syscall_32+0x32/0x80 [ 533.086289][T14914] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 533.086303][T14914] RIP: 0023:0xf7fb7579 [ 533.086312][T14914] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 533.086324][T14914] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 533.086334][T14914] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800020c0 [ 533.086341][T14914] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000 [ 533.086348][T14914] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 533.086355][T14914] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 533.086361][T14914] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 533.086374][T14914] [ 533.348043][T14924] team0: Port device . removed [ 533.351336][T14924] bridge0: port 3(dummy0) entered disabled state [ 533.357001][T14924] bridge_slave_0: left allmulticast mode [ 533.359670][T14924] bridge0: port 1(bridge_slave_0) entered disabled state [ 533.364912][T14924] bridge_slave_1: left allmulticast mode [ 533.366722][T14924] bridge_slave_1: left promiscuous mode [ 533.370433][T14924] bridge0: port 2(bridge_slave_1) entered disabled state [ 533.378336][T14924] .: (slave bond_slave_0): Releasing backup interface [ 533.391945][T14924] .: (slave bond_slave_1): Releasing backup interface [ 533.401885][T14925] netlink: 'syz.3.2275': attribute type 10 has an invalid length. [ 533.420683][T14924] team0: Port device team_slave_0 removed [ 533.434093][T14924] team0: Port device team_slave_1 removed [ 533.439548][T14924] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 533.450029][T14924] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 533.459049][T14924] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 533.483104][T14933] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13) [ 533.485836][T14933] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 533.489378][T14933] vhci_hcd vhci_hcd.0: Device attached [ 533.516505][T14937] netlink: 'syz.2.2278': attribute type 5 has an invalid length. [ 533.559435][T14934] vhci_hcd: connection closed [ 533.567640][ T13] vhci_hcd: stop threads [ 533.570516][ T13] vhci_hcd: release socket [ 533.571917][ T13] vhci_hcd: disconnect device [ 534.496521][T14925] 8021q: adding VLAN 0 to HW filter on device . [ 534.499824][T14925] team0: Port device . added [ 534.554110][T14946] FAULT_INJECTION: forcing a failure. [ 534.554110][T14946] name failslab, interval 1, probability 0, space 0, times 0 [ 534.558692][T14946] CPU: 2 UID: 0 PID: 14946 Comm: syz.1.2282 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 534.558708][T14946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 534.558715][T14946] Call Trace: [ 534.558719][T14946] [ 534.558723][T14946] dump_stack_lvl+0x16c/0x1f0 [ 534.558743][T14946] should_fail_ex+0x512/0x640 [ 534.558763][T14946] should_failslab+0xc2/0x120 [ 534.558775][T14946] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 534.558793][T14946] ? skb_clone+0x190/0x3f0 [ 534.558812][T14946] skb_clone+0x190/0x3f0 [ 534.558835][T14946] netlink_deliver_tap+0xabd/0xd30 [ 534.558856][T14946] netlink_unicast+0x702/0x850 [ 534.558870][T14946] ? __pfx_netlink_unicast+0x10/0x10 [ 534.558881][T14946] ? genl_rcv_msg+0x4bb/0x800 [ 534.558898][T14946] netlink_ack+0x696/0xb80 [ 534.558913][T14946] netlink_rcv_skb+0x332/0x420 [ 534.558925][T14946] ? __pfx_genl_rcv_msg+0x10/0x10 [ 534.558939][T14946] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 534.558956][T14946] ? netlink_deliver_tap+0x1ae/0xd30 [ 534.558977][T14946] genl_rcv+0x28/0x40 [ 534.558989][T14946] netlink_unicast+0x58d/0x850 [ 534.559002][T14946] ? __pfx_netlink_unicast+0x10/0x10 [ 534.559018][T14946] netlink_sendmsg+0x8d1/0xdd0 [ 534.559032][T14946] ? __pfx_netlink_sendmsg+0x10/0x10 [ 534.559045][T14946] ? __import_iovec+0x1dd/0x650 [ 534.559059][T14946] ____sys_sendmsg+0xa95/0xc70 [ 534.559072][T14946] ? __pfx_____sys_sendmsg+0x10/0x10 [ 534.559084][T14946] ? get_compat_msghdr+0x11a/0x170 [ 534.559109][T14946] ___sys_sendmsg+0x134/0x1d0 [ 534.559126][T14946] ? __pfx____sys_sendmsg+0x10/0x10 [ 534.559150][T14946] ? find_held_lock+0x2b/0x80 [ 534.559171][T14946] __sys_sendmsg+0x16d/0x220 [ 534.559188][T14946] ? __pfx___sys_sendmsg+0x10/0x10 [ 534.559211][T14946] ? rcu_is_watching+0x12/0xc0 [ 534.559225][T14946] __do_fast_syscall_32+0x7c/0x3a0 [ 534.559244][T14946] do_fast_syscall_32+0x32/0x80 [ 534.559261][T14946] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 534.559276][T14946] RIP: 0023:0xf7fb7579 [ 534.559285][T14946] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 534.559295][T14946] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 534.559306][T14946] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280 [ 534.559313][T14946] RDX: 0000000000008000 RSI: 0000000000000000 RDI: 0000000000000000 [ 534.559319][T14946] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 534.559325][T14946] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 534.559332][T14946] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 534.559346][T14946] [ 535.343312][T14963] netlink: 'syz.0.2285': attribute type 4 has an invalid length. [ 535.392660][T14964] netlink: 'syz.0.2285': attribute type 4 has an invalid length. [ 535.676811][T14977] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2290'. [ 535.988538][T14983] lo speed is unknown, defaulting to 1000 [ 535.991178][T14983] wlan0 speed is unknown, defaulting to 1000 [ 536.488083][T14991] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2294'. [ 536.518448][T14991] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2294'. [ 536.547979][ T40] kauditd_printk_skb: 143 callbacks suppressed [ 536.547990][ T40] audit: type=1326 audit(1752818930.148:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14992 comm="syz.1.2295" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 536.724241][ T40] audit: type=1326 audit(1752818930.169:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14992 comm="syz.1.2295" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 536.731175][ T40] audit: type=1326 audit(1752818930.180:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14992 comm="syz.1.2295" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 536.738422][ T40] audit: type=1326 audit(1752818930.180:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14992 comm="syz.1.2295" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 536.746690][ T40] audit: type=1326 audit(1752818930.180:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14992 comm="syz.1.2295" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 536.754811][ T40] audit: type=1326 audit(1752818930.180:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14992 comm="syz.1.2295" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 536.764912][ T40] audit: type=1326 audit(1752818930.180:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14992 comm="syz.1.2295" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 536.773833][ T40] audit: type=1326 audit(1752818930.180:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14992 comm="syz.1.2295" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 536.799878][ T40] audit: type=1326 audit(1752818930.180:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14992 comm="syz.1.2295" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 536.830964][ T40] audit: type=1326 audit(1752818930.180:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14992 comm="syz.1.2295" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 537.158177][T15009] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2298'. [ 537.161033][T15009] netlink: 'syz.0.2298': attribute type 5 has an invalid length. [ 537.163456][T15009] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2298'. [ 537.169013][T15009] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 256 - 0 [ 537.171522][T15009] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 256 - 0 [ 537.174067][T15009] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 256 - 0 [ 537.176494][T15009] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 256 - 0 [ 537.179124][T15009] geneve2: entered promiscuous mode [ 537.180750][T15009] geneve2: entered allmulticast mode [ 537.831175][T15030] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2308'. [ 537.834322][T15030] FAULT_INJECTION: forcing a failure. [ 537.834322][T15030] name failslab, interval 1, probability 0, space 0, times 0 [ 537.840373][T15030] CPU: 0 UID: 0 PID: 15030 Comm: syz.1.2308 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 537.840388][T15030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 537.840396][T15030] Call Trace: [ 537.840400][T15030] [ 537.840404][T15030] dump_stack_lvl+0x16c/0x1f0 [ 537.840424][T15030] should_fail_ex+0x512/0x640 [ 537.840444][T15030] should_failslab+0xc2/0x120 [ 537.840455][T15030] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 537.840473][T15030] ? skb_clone+0x190/0x3f0 [ 537.840493][T15030] skb_clone+0x190/0x3f0 [ 537.840510][T15030] netlink_deliver_tap+0xabd/0xd30 [ 537.840532][T15030] netlink_unicast+0x702/0x850 [ 537.840551][T15030] ? __pfx_netlink_unicast+0x10/0x10 [ 537.840562][T15030] ? genl_rcv_msg+0x4bb/0x800 [ 537.840579][T15030] netlink_ack+0x696/0xb80 [ 537.840595][T15030] netlink_rcv_skb+0x332/0x420 [ 537.840606][T15030] ? __pfx_genl_rcv_msg+0x10/0x10 [ 537.840620][T15030] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 537.840638][T15030] ? netlink_deliver_tap+0x1ae/0xd30 [ 537.840659][T15030] genl_rcv+0x28/0x40 [ 537.840671][T15030] netlink_unicast+0x58d/0x850 [ 537.840684][T15030] ? __pfx_netlink_unicast+0x10/0x10 [ 537.840700][T15030] netlink_sendmsg+0x8d1/0xdd0 [ 537.840714][T15030] ? __pfx_netlink_sendmsg+0x10/0x10 [ 537.840727][T15030] ? __import_iovec+0x1dd/0x650 [ 537.840741][T15030] ____sys_sendmsg+0xa95/0xc70 [ 537.840756][T15030] ? __pfx_____sys_sendmsg+0x10/0x10 [ 537.840768][T15030] ? get_compat_msghdr+0x11a/0x170 [ 537.840792][T15030] ___sys_sendmsg+0x134/0x1d0 [ 537.840810][T15030] ? __pfx____sys_sendmsg+0x10/0x10 [ 537.840833][T15030] ? find_held_lock+0x2b/0x80 [ 537.840856][T15030] __sys_sendmsg+0x16d/0x220 [ 537.840872][T15030] ? __pfx___sys_sendmsg+0x10/0x10 [ 537.840895][T15030] ? rcu_is_watching+0x12/0xc0 [ 537.840909][T15030] __do_fast_syscall_32+0x7c/0x3a0 [ 537.840928][T15030] do_fast_syscall_32+0x32/0x80 [ 537.840946][T15030] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 537.840960][T15030] RIP: 0023:0xf7fb7579 [ 537.840970][T15030] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 537.840981][T15030] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 537.840992][T15030] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000440 [ 537.840999][T15030] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 537.841005][T15030] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 537.841011][T15030] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 537.841017][T15030] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 537.841031][T15030] [ 538.112470][T15040] hub 8-0:1.0: USB hub found [ 538.114972][T15040] hub 8-0:1.0: 1 port detected [ 538.266813][T15046] tipc: Enabling of bearer rejected, already enabled [ 538.458790][T15049] FAULT_INJECTION: forcing a failure. [ 538.458790][T15049] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 538.463049][T15049] CPU: 0 UID: 0 PID: 15049 Comm: syz.2.2314 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 538.463075][T15049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 538.463082][T15049] Call Trace: [ 538.463087][T15049] [ 538.463091][T15049] dump_stack_lvl+0x16c/0x1f0 [ 538.463111][T15049] should_fail_ex+0x512/0x640 [ 538.463130][T15049] _copy_from_user+0x2e/0xd0 [ 538.463149][T15049] get_compat_msghdr+0xa7/0x170 [ 538.463167][T15049] ? __pfx_get_compat_msghdr+0x10/0x10 [ 538.463190][T15049] ___sys_sendmsg+0x1ae/0x1d0 [ 538.463208][T15049] ? __pfx____sys_sendmsg+0x10/0x10 [ 538.463224][T15049] ? lockdep_hardirqs_on+0x7c/0x110 [ 538.463254][T15049] ? __pfx___might_resched+0x10/0x10 [ 538.463268][T15049] ? __sys_sendmmsg+0x30d/0x420 [ 538.463286][T15049] __sys_sendmmsg+0x2f9/0x420 [ 538.463305][T15049] ? __pfx___sys_sendmmsg+0x10/0x10 [ 538.463326][T15049] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 538.463350][T15049] ? fput+0x70/0xf0 [ 538.463361][T15049] ? ksys_write+0x1ac/0x250 [ 538.463377][T15049] ? __pfx_ksys_write+0x10/0x10 [ 538.463396][T15049] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 538.463414][T15049] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 538.463432][T15049] __do_fast_syscall_32+0x7c/0x3a0 [ 538.463451][T15049] do_fast_syscall_32+0x32/0x80 [ 538.463468][T15049] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 538.463483][T15049] RIP: 0023:0xf7fc5579 [ 538.463492][T15049] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 538.463503][T15049] RSP: 002b:00000000f50c555c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 538.463514][T15049] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000480 [ 538.463521][T15049] RDX: 00000000000002e9 RSI: 000000000000ffe0 RDI: 0000000000000000 [ 538.463528][T15049] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 538.463534][T15049] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 538.463540][T15049] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 538.463554][T15049] [ 539.124819][T15057] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2316'. [ 539.128502][T15057] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2316'. [ 539.980994][T15080] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2322'. [ 540.015683][T15080] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2322'. [ 540.532191][T15083] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2323'. [ 540.535012][T15083] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2323'. [ 540.541527][T15083] bridge0: port 3(syz_tun) entered disabled state [ 540.543568][T15083] FAULT_INJECTION: forcing a failure. [ 540.543568][T15083] name failslab, interval 1, probability 0, space 0, times 0 [ 540.547388][T15083] CPU: 1 UID: 0 PID: 15083 Comm: syz.0.2323 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 540.547403][T15083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 540.547410][T15083] Call Trace: [ 540.547415][T15083] [ 540.547419][T15083] dump_stack_lvl+0x16c/0x1f0 [ 540.547439][T15083] should_fail_ex+0x512/0x640 [ 540.547459][T15083] should_failslab+0xc2/0x120 [ 540.547470][T15083] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 540.547493][T15083] ? __alloc_skb+0x2b2/0x380 [ 540.547512][T15083] __alloc_skb+0x2b2/0x380 [ 540.547527][T15083] ? __pfx___alloc_skb+0x10/0x10 [ 540.547542][T15083] ? do_raw_spin_lock+0x12c/0x2b0 [ 540.547561][T15083] ? __pfx_br_set_state+0x10/0x10 [ 540.547575][T15083] br_info_notify+0x10f/0x2e0 [ 540.547592][T15083] br_stp_disable_port+0xca/0x1d0 [ 540.547605][T15083] br_stp_disable_bridge+0xca/0x180 [ 540.547618][T15083] ? __pfx_br_dev_stop+0x10/0x10 [ 540.547630][T15083] br_dev_stop+0x26/0x1b0 [ 540.547642][T15083] __dev_close_many+0x29b/0x770 [ 540.547656][T15083] ? __pfx___dev_close_many+0x10/0x10 [ 540.547670][T15083] ? __local_bh_enable_ip+0xa4/0x120 [ 540.547686][T15083] __dev_change_flags+0x4d8/0x720 [ 540.547704][T15083] ? __pfx___dev_change_flags+0x10/0x10 [ 540.547719][T15083] ? find_held_lock+0x2b/0x80 [ 540.547732][T15083] ? __pfx_validate_linkmsg+0x10/0x10 [ 540.547751][T15083] netif_change_flags+0x8d/0x160 [ 540.547769][T15083] do_setlink.constprop.0+0xb53/0x4380 [ 540.547791][T15083] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 540.547810][T15083] ? stack_trace_save+0x8e/0xc0 [ 540.547825][T15083] ? __lock_acquire+0xb8a/0x1c90 [ 540.547842][T15083] ? kasan_save_stack+0x42/0x60 [ 540.547858][T15083] ? kasan_save_track+0x14/0x30 [ 540.547876][T15083] ? __mutex_trylock_common+0xe9/0x250 [ 540.547893][T15083] ? __pfx___mutex_trylock_common+0x10/0x10 [ 540.547909][T15083] ? __pfx___might_resched+0x10/0x10 [ 540.547922][T15083] ? rcu_is_watching+0x12/0xc0 [ 540.547934][T15083] ? trace_contention_end+0xdd/0x130 [ 540.547951][T15083] ? __mutex_lock+0x1ca/0xb90 [ 540.547967][T15083] ? __pfx_aa_get_newest_label+0x10/0x10 [ 540.547980][T15083] ? rcu_is_watching+0x12/0xc0 [ 540.547990][T15083] ? rtnl_newlink+0x600/0x2000 [ 540.548008][T15083] ? __pfx___mutex_lock+0x10/0x10 [ 540.548033][T15083] rtnl_newlink+0x1446/0x2000 [ 540.548054][T15083] ? __pfx_rtnl_newlink+0x10/0x10 [ 540.548074][T15083] ? kmem_cache_free+0x2d1/0x4d0 [ 540.548089][T15083] ? kfree_skbmem+0x1a4/0x1f0 [ 540.548106][T15083] ? __lock_acquire+0x622/0x1c90 [ 540.548123][T15083] ? rcu_is_watching+0x12/0xc0 [ 540.548134][T15083] ? trace_cap_capable+0x18d/0x200 [ 540.548149][T15083] ? find_held_lock+0x2b/0x80 [ 540.548160][T15083] ? __pfx_rtnl_newlink+0x10/0x10 [ 540.548177][T15083] ? __pfx_rtnl_newlink+0x10/0x10 [ 540.548193][T15083] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 540.548211][T15083] ? __pfx_rtnl_newlink+0x10/0x10 [ 540.548229][T15083] rtnetlink_rcv_msg+0x95e/0xe90 [ 540.548247][T15083] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 540.548269][T15083] ? ref_tracker_free+0x37c/0x830 [ 540.548287][T15083] netlink_rcv_skb+0x155/0x420 [ 540.548300][T15083] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 540.548318][T15083] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 540.548334][T15083] ? netlink_deliver_tap+0x1ae/0xd30 [ 540.548355][T15083] netlink_unicast+0x58d/0x850 [ 540.548368][T15083] ? __pfx_netlink_unicast+0x10/0x10 [ 540.548383][T15083] netlink_sendmsg+0x8d1/0xdd0 [ 540.548397][T15083] ? __pfx_netlink_sendmsg+0x10/0x10 [ 540.548409][T15083] ? __import_iovec+0x1dd/0x650 [ 540.548423][T15083] ____sys_sendmsg+0xa95/0xc70 [ 540.548436][T15083] ? __pfx_____sys_sendmsg+0x10/0x10 [ 540.548448][T15083] ? get_compat_msghdr+0x11a/0x170 [ 540.548471][T15083] ___sys_sendmsg+0x134/0x1d0 [ 540.548491][T15083] ? __pfx____sys_sendmsg+0x10/0x10 [ 540.548513][T15083] ? find_held_lock+0x2b/0x80 [ 540.548533][T15083] __sys_sendmsg+0x16d/0x220 [ 540.548549][T15083] ? __pfx___sys_sendmsg+0x10/0x10 [ 540.548571][T15083] ? rcu_is_watching+0x12/0xc0 [ 540.548585][T15083] __do_fast_syscall_32+0x7c/0x3a0 [ 540.548604][T15083] do_fast_syscall_32+0x32/0x80 [ 540.548621][T15083] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 540.548635][T15083] RIP: 0023:0xf7f03579 [ 540.548644][T15083] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 540.548655][T15083] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 540.548666][T15083] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000080000280 [ 540.548673][T15083] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 540.548679][T15083] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 540.548686][T15083] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 540.548692][T15083] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 540.548705][T15083] [ 540.548982][T15083] bridge0: port 2(bridge_slave_1) entered disabled state [ 540.710801][T15083] bridge0: port 1(bridge_slave_0) entered disabled state [ 540.819597][T15093] FAULT_INJECTION: forcing a failure. [ 540.819597][T15093] name failslab, interval 1, probability 0, space 0, times 0 [ 540.823892][T15093] CPU: 0 UID: 0 PID: 15093 Comm: syz.2.2327 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 540.823909][T15093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 540.823916][T15093] Call Trace: [ 540.823920][T15093] [ 540.823925][T15093] dump_stack_lvl+0x16c/0x1f0 [ 540.823945][T15093] should_fail_ex+0x512/0x640 [ 540.823964][T15093] should_failslab+0xc2/0x120 [ 540.823976][T15093] __kmalloc_cache_noprof+0x6a/0x3e0 [ 540.823992][T15093] ? xfrm_policy_inexact_insert_node.constprop.0+0xa03/0xd00 [ 540.824011][T15093] xfrm_policy_inexact_insert_node.constprop.0+0xa03/0xd00 [ 540.824027][T15093] ? lock_acquire+0x179/0x350 [ 540.824049][T15093] xfrm_policy_inexact_alloc_chain.isra.0+0x2ca/0x930 [ 540.824068][T15093] xfrm_policy_inexact_insert+0xa9/0x1a0 [ 540.824085][T15093] xfrm_policy_insert+0x5a0/0x820 [ 540.824103][T15093] pfkey_spdadd+0xff9/0x15d0 [ 540.824122][T15093] ? __pfx_pfkey_spdadd+0x10/0x10 [ 540.824137][T15093] ? kfree_skbmem+0x1a4/0x1f0 [ 540.824152][T15093] ? sk_skb_reason_drop+0x136/0x1a0 [ 540.824171][T15093] ? pfkey_broadcast+0x2af/0x460 [ 540.824189][T15093] ? __pfx_pfkey_spdadd+0x10/0x10 [ 540.824205][T15093] pfkey_process+0x6dc/0x840 [ 540.824224][T15093] ? __pfx_pfkey_process+0x10/0x10 [ 540.824241][T15093] ? trace_contention_end+0xdd/0x130 [ 540.824267][T15093] ? __pfx_aa_sk_perm+0x10/0x10 [ 540.824282][T15093] pfkey_sendmsg+0x435/0x850 [ 540.824302][T15093] ____sys_sendmsg+0xa95/0xc70 [ 540.824316][T15093] ? __pfx_____sys_sendmsg+0x10/0x10 [ 540.824328][T15093] ? get_compat_msghdr+0x11a/0x170 [ 540.824348][T15093] ? __pfx__kstrtoull+0x10/0x10 [ 540.824364][T15093] ___sys_sendmsg+0x134/0x1d0 [ 540.824381][T15093] ? __pfx____sys_sendmsg+0x10/0x10 [ 540.824400][T15093] ? __lock_acquire+0x622/0x1c90 [ 540.824431][T15093] __sys_sendmmsg+0x2f9/0x420 [ 540.824449][T15093] ? __pfx___sys_sendmmsg+0x10/0x10 [ 540.824470][T15093] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 540.824493][T15093] ? fput+0x70/0xf0 [ 540.824504][T15093] ? ksys_write+0x1ac/0x250 [ 540.824520][T15093] ? __pfx_ksys_write+0x10/0x10 [ 540.824538][T15093] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 540.824557][T15093] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 540.824574][T15093] __do_fast_syscall_32+0x7c/0x3a0 [ 540.824593][T15093] do_fast_syscall_32+0x32/0x80 [ 540.824611][T15093] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 540.824625][T15093] RIP: 0023:0xf7fc5579 [ 540.824634][T15093] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 540.824645][T15093] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 540.824660][T15093] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180 [ 540.824670][T15093] RDX: 00000000c4ce5369 RSI: 0000000000000000 RDI: 0000000000000000 [ 540.824680][T15093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 540.824690][T15093] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 540.824699][T15093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 540.824722][T15093] [ 541.738605][T15117] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2333'. [ 542.092731][T15124] random: crng reseeded on system resumption [ 542.099003][T15124] FAULT_INJECTION: forcing a failure. [ 542.099003][T15124] name failslab, interval 1, probability 0, space 0, times 0 [ 542.113608][T15124] CPU: 1 UID: 0 PID: 15124 Comm: syz.3.2334 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 542.113643][T15124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 542.113652][T15124] Call Trace: [ 542.113658][T15124] [ 542.113662][T15124] dump_stack_lvl+0x16c/0x1f0 [ 542.113683][T15124] should_fail_ex+0x512/0x640 [ 542.113702][T15124] should_failslab+0xc2/0x120 [ 542.113719][T15124] __kmalloc_cache_noprof+0x6a/0x3e0 [ 542.113740][T15124] ? do_raw_spin_lock+0x12c/0x2b0 [ 542.113758][T15124] ? find_held_lock+0x2b/0x80 [ 542.113769][T15124] ? async_schedule_node_domain+0x54/0x120 [ 542.113785][T15124] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 542.113801][T15124] async_schedule_node_domain+0x54/0x120 [ 542.113815][T15124] dev_cache_fw_image+0x38e/0x490 [ 542.113831][T15124] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 542.113847][T15124] ? dev_cache_fw_image+0x398/0x490 [ 542.113862][T15124] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 542.113876][T15124] dpm_for_each_dev+0x5a/0xb0 [ 542.113891][T15124] fw_pm_notify+0x81/0x150 [ 542.113903][T15124] notifier_call_chain+0xbc/0x410 [ 542.113917][T15124] ? __pfx_fw_pm_notify+0x10/0x10 [ 542.113934][T15124] blocking_notifier_call_chain_robust+0xc8/0x160 [ 542.113949][T15124] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 542.113969][T15124] pm_notifier_call_chain_robust+0x27/0x60 [ 542.113986][T15124] snapshot_open+0x218/0x2b0 [ 542.114000][T15124] ? __pfx_snapshot_open+0x10/0x10 [ 542.114014][T15124] misc_open+0x35d/0x420 [ 542.114029][T15124] ? __pfx_misc_open+0x10/0x10 [ 542.114043][T15124] chrdev_open+0x234/0x6a0 [ 542.114060][T15124] ? __pfx_apparmor_file_open+0x10/0x10 [ 542.114076][T15124] ? __pfx_chrdev_open+0x10/0x10 [ 542.114095][T15124] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 542.114113][T15124] do_dentry_open+0x741/0x1c10 [ 542.114130][T15124] ? __pfx_chrdev_open+0x10/0x10 [ 542.114151][T15124] vfs_open+0x82/0x3f0 [ 542.114165][T15124] path_openat+0x1de4/0x2cb0 [ 542.114187][T15124] ? __pfx_path_openat+0x10/0x10 [ 542.114207][T15124] do_filp_open+0x20b/0x470 [ 542.114224][T15124] ? __pfx_do_filp_open+0x10/0x10 [ 542.114251][T15124] ? _raw_spin_unlock+0x28/0x50 [ 542.114265][T15124] ? alloc_fd+0x471/0x7d0 [ 542.114285][T15124] do_sys_openat2+0x11b/0x1d0 [ 542.114298][T15124] ? __pfx_do_sys_openat2+0x10/0x10 [ 542.114311][T15124] ? __pfx___schedule+0x10/0x10 [ 542.114326][T15124] ? __fget_files+0x20e/0x3c0 [ 542.114340][T15124] ? handle_mm_fault+0x240/0xd10 [ 542.114357][T15124] __ia32_compat_sys_openat+0x16d/0x210 [ 542.114371][T15124] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 542.114385][T15124] ? ksys_write+0x1ac/0x250 [ 542.114407][T15124] ? rcu_is_watching+0x12/0xc0 [ 542.114422][T15124] __do_fast_syscall_32+0x7c/0x3a0 [ 542.114440][T15124] do_fast_syscall_32+0x32/0x80 [ 542.114458][T15124] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 542.114472][T15124] RIP: 0023:0xf7f06579 [ 542.114481][T15124] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 542.114492][T15124] RSP: 002b:00000000f4fe455c EFLAGS: 00000296 ORIG_RAX: 0000000000000127 [ 542.114503][T15124] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800000c0 [ 542.114510][T15124] RDX: 00000000000c2d41 RSI: 0000000000000000 RDI: 0000000000000000 [ 542.114517][T15124] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 542.114523][T15124] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 542.114530][T15124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 542.114544][T15124] [ 542.370271][T15124] [ 542.371088][T15124] ============================================ [ 542.373021][T15124] WARNING: possible recursive locking detected [ 542.374933][T15124] 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 Not tainted [ 542.377306][T15124] -------------------------------------------- [ 542.380432][T15124] syz.3.2334/15124 is trying to acquire lock: [ 542.382352][T15124] ffffffff8f516be8 (fw_lock){+.+.}-{4:4}, at: assign_fw+0x4e/0x640 [ 542.384767][T15124] [ 542.384767][T15124] but task is already holding lock: [ 542.387060][T15124] ffffffff8f516be8 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150 [ 542.389520][T15124] [ 542.389520][T15124] other info that might help us debug this: [ 542.392170][T15124] Possible unsafe locking scenario: [ 542.392170][T15124] [ 542.394518][T15124] CPU0 [ 542.395823][T15124] ---- [ 542.396977][T15124] lock(fw_lock); [ 542.398521][T15124] lock(fw_lock); [ 542.399704][T15124] [ 542.399704][T15124] *** DEADLOCK *** [ 542.399704][T15124] [ 542.402236][T15124] May be due to missing lock nesting notation [ 542.402236][T15124] [ 542.404812][T15124] 5 locks held by syz.3.2334/15124: [ 542.406440][T15124] #0: ffffffff8f3043a8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 542.409584][T15124] #1: ffffffff8e488228 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0 [ 542.413746][T15124] #2: ffffffff8e4c8910 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160 [ 542.417969][T15124] #3: ffffffff8f516be8 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150 [ 542.421154][T15124] #4: ffffffff8f5115e8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0 [ 542.424067][T15124] [ 542.424067][T15124] stack backtrace: [ 542.425934][T15124] CPU: 1 UID: 0 PID: 15124 Comm: syz.3.2334 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 542.425949][T15124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 542.425957][T15124] Call Trace: [ 542.425961][T15124] [ 542.425966][T15124] dump_stack_lvl+0x116/0x1f0 [ 542.425984][T15124] print_deadlock_bug+0x1e9/0x240 [ 542.426001][T15124] __lock_acquire+0x1106/0x1c90 [ 542.426017][T15124] ? __kasan_slab_free+0x51/0x70 [ 542.426035][T15124] lock_acquire+0x179/0x350 [ 542.426050][T15124] ? assign_fw+0x4e/0x640 [ 542.426064][T15124] ? __pfx___might_resched+0x10/0x10 [ 542.426076][T15124] ? do_sys_openat2+0x11b/0x1d0 [ 542.426088][T15124] ? __ia32_compat_sys_openat+0x16d/0x210 [ 542.426101][T15124] ? __do_fast_syscall_32+0x7c/0x3a0 [ 542.426119][T15124] __mutex_lock+0x199/0xb90 [ 542.426135][T15124] ? assign_fw+0x4e/0x640 [ 542.426149][T15124] ? assign_fw+0x4e/0x640 [ 542.426163][T15124] ? __pfx___mutex_lock+0x10/0x10 [ 542.426182][T15124] ? kasan_quarantine_put+0x10a/0x240 [ 542.426198][T15124] ? lockdep_hardirqs_on+0x7c/0x110 [ 542.426214][T15124] ? assign_fw+0x4e/0x640 [ 542.426227][T15124] assign_fw+0x4e/0x640 [ 542.426240][T15124] ? _request_firmware+0x957/0x1470 [ 542.426256][T15124] _request_firmware+0x988/0x1470 [ 542.426273][T15124] ? __pfx__request_firmware+0x10/0x10 [ 542.426287][T15124] ? dump_stack_lvl+0x197/0x1f0 [ 542.426303][T15124] ? dump_stack_lvl+0x1a3/0x1f0 [ 542.426319][T15124] __async_dev_cache_fw_image+0xb1/0x340 [ 542.426336][T15124] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 542.426352][T15124] ? mark_held_locks+0x49/0x80 [ 542.426366][T15124] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 542.426382][T15124] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 542.426398][T15124] async_schedule_node_domain+0xd4/0x120 [ 542.426412][T15124] dev_cache_fw_image+0x38e/0x490 [ 542.426427][T15124] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 542.426441][T15124] ? dev_cache_fw_image+0x398/0x490 [ 542.426454][T15124] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 542.426468][T15124] dpm_for_each_dev+0x5a/0xb0 [ 542.426481][T15124] fw_pm_notify+0x81/0x150 [ 542.426494][T15124] notifier_call_chain+0xbc/0x410 [ 542.426508][T15124] ? __pfx_fw_pm_notify+0x10/0x10 [ 542.426522][T15124] blocking_notifier_call_chain_robust+0xc8/0x160 [ 542.426537][T15124] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 542.426555][T15124] pm_notifier_call_chain_robust+0x27/0x60 [ 542.426571][T15124] snapshot_open+0x218/0x2b0 [ 542.426584][T15124] ? __pfx_snapshot_open+0x10/0x10 [ 542.426598][T15124] misc_open+0x35d/0x420 [ 542.426612][T15124] ? __pfx_misc_open+0x10/0x10 [ 542.426625][T15124] chrdev_open+0x234/0x6a0 [ 542.426643][T15124] ? __pfx_apparmor_file_open+0x10/0x10 [ 542.426661][T15124] ? __pfx_chrdev_open+0x10/0x10 [ 542.426678][T15124] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 542.426695][T15124] do_dentry_open+0x741/0x1c10 [ 542.426711][T15124] ? __pfx_chrdev_open+0x10/0x10 [ 542.426729][T15124] vfs_open+0x82/0x3f0 [ 542.426741][T15124] path_openat+0x1de4/0x2cb0 [ 542.426759][T15124] ? __pfx_path_openat+0x10/0x10 [ 542.426776][T15124] do_filp_open+0x20b/0x470 [ 542.426792][T15124] ? __pfx_do_filp_open+0x10/0x10 [ 542.426811][T15124] ? _raw_spin_unlock+0x28/0x50 [ 542.426825][T15124] ? alloc_fd+0x471/0x7d0 [ 542.426841][T15124] do_sys_openat2+0x11b/0x1d0 [ 542.426853][T15124] ? __pfx_do_sys_openat2+0x10/0x10 [ 542.426865][T15124] ? __pfx___schedule+0x10/0x10 [ 542.426880][T15124] ? __fget_files+0x20e/0x3c0 [ 542.426894][T15124] ? handle_mm_fault+0x240/0xd10 [ 542.426909][T15124] __ia32_compat_sys_openat+0x16d/0x210 [ 542.426923][T15124] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 542.426936][T15124] ? ksys_write+0x1ac/0x250 [ 542.426953][T15124] ? rcu_is_watching+0x12/0xc0 [ 542.426965][T15124] __do_fast_syscall_32+0x7c/0x3a0 [ 542.426983][T15124] do_fast_syscall_32+0x32/0x80 [ 542.427000][T15124] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 542.427014][T15124] RIP: 0023:0xf7f06579 [ 542.427023][T15124] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 542.427034][T15124] RSP: 002b:00000000f4fe455c EFLAGS: 00000296 ORIG_RAX: 0000000000000127 [ 542.427044][T15124] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800000c0 [ 542.427051][T15124] RDX: 00000000000c2d41 RSI: 0000000000000000 RDI: 0000000000000000 [ 542.427057][T15124] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 542.427064][T15124] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 542.427070][T15124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 542.427080][T15124] VM DIAGNOSIS: 05:43:04 Registers: info registers vcpu 0 CPU#0 RAX=0000000000bf4854 RBX=0000000000000000 RCX=ffffffff8b849c69 RDX=ffffed1005646646 RSI=ffffffff8c1578e0 RDI=ffffffff819197b1 RBP=fffffbfff1c52ef0 RSP=ffffffff8e207e08 R8 =0000000000000000 R9 =ffffed1005646645 R10=ffff88802b23322b R11=ffffffff9afe87e8 R12=0000000000000000 R13=ffffffff8e297780 R14=ffffffff90a9a650 R15=0000000000000000 RIP=ffffffff8b8487cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097520000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000008084a000 CR3=000000004e7bd000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000000005d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85584815 RDI=ffffffff9b0ac980 RBP=ffffffff9b0ac940 RSP=ffffc90025a0ed00 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000005d R14=ffffffff9b0ac940 R15=ffffffff855847b0 RIP=ffffffff8558483f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097620000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000008000a01c CR3=0000000079761000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000013400000000 0000000300000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000006269f4 RBX=0000000000000002 RCX=ffffffff8b849c69 RDX=ffffed1005686646 RSI=ffffffff8c1578e0 RDI=ffffffff819197b1 RBP=ffffed1003bdb910 RSP=ffffc9000047fdf8 R8 =0000000000000000 R9 =ffffed1005686645 R10=ffff88802b43322b R11=0000000000000001 R12=0000000000000002 R13=ffff88801dedc880 R14=ffffffff90a9a650 R15=0000000000000000 RIP=ffffffff8b8487cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097720000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002fefbff8 CR3=000000004e7bd000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000000 RBX=0000000000000000 RCX=1ffff110049b50ac RDX=1ffff1100943eb57 RSI=0000000000000000 RDI=ffff88806a3b0000 RBP=ffffc9000e2b0000 RSP=ffffc9000e2b7b60 R8 =0000000000000001 R9 =ffffed10049b52b0 R10=ffff888024da9587 R11=0000000000000001 R12=ffff88804a1f5a00 R13=ffff88802afbc880 R14=0000000000000000 R15=000000000e2b0000 RIP=ffffffff816c66b6 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097820000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000808c6000 CR3=000000006a3b0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7464ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000