last executing test programs: 8.333734636s ago: executing program 3 (id=1058): getpid() r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x169, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4) connect$inet(r0, &(0x7f0000000340)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000080), 0x4) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f00000049c0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000003c0)="9fa6cc9078a4d4a74e98d287c82caac53eda90e60c94d8da181892a7fa8fcbf0a1a98fb726569e8de0fce82b0f4a9b678c48928ed16d705fe347d32b7e8183555a571c77fb079c50623893fbba9aa3502809442cae6f4e79b4bd150c1b3f6276774a21f40912a9036ad47ec13a4a4172bc9438e51f94cd8b75beaf584ce4a0ea9c3a339671483b828200980907e55efc3d526e041937e61b08f80f8419dc7f66872128a2491f35b47dbd3ed988", 0xad}, {&(0x7f0000001580)="a94392d6d86d71c32ee3db308f08fab8b2b5bb6e44c2c7f2058d9b82bbe0b6ff12925020aec66f94f0c40d36e24c9a190eeeb0791dc591141200a457549d475f6fc2e257d8f8ef2432595ba14e712a19fb90b8969c7477336357790ae522bfa09918eca0bece80411a03750ec63f684dd2545eef4c6bb7b650d259b27724bb2d40ba28ca29af18b8124192506f", 0x8d}, {&(0x7f0000000180)="66b1cc2d9ebcf7e42d4ecbb2f1605698caeb4f2bad0678374f64923db176b5899a26ae2c0a5bcc7fe8066549f82d7c2b", 0x30}, {&(0x7f0000001640)="c47bffece7719a411b2828ca2c3491987974e325d38356b11f05ea9671deb6ad9f896e3027ba2d6ac57424c324782eb3e96f0417ead9332193088d03b7c02c4259ed6005da3cc649541aac1aa70ce8fa92a5e837001576503ee133204faac3c2c3942ba847f94a0bb301367b648a38a4efa0598ccb6f186b90f63dcf15336f14ef7ec60511e94a226c14eb6288d79c40a3ee4f1e8fc14c", 0x97}], 0x4}}, {{0x0, 0x0, &(0x7f0000002b80)=[{&(0x7f0000001880)="68cd6415d798c355832795c900ee87dc29e27296af5d91a8ffc1e25df7b4edcbf0df6e62d772ece8185858e9ec0d1bec890f98ce42940b1421ddf4189e3a892c9017fe0e03cca86ecd9ddbdb638d223683793db857f9f96179b124dc780533440e1db50acc8432bd39a604c43fa6bd55af2d336db1a32a327910008756687b4b7e003d263d6ebd62639d3281ddc7d1580abf512ef46ebd9fe0c9bbd1a343d22ede1c156f1a21976207235d8ee8fa6265e4cf516cbea0351adba71b448ab31c5b179b157b9d474bd1b4f4c998e077609a2fff7db539d3c3d94ffd8ea7327719863803ed496c77437dc2062beaac648f8c9e80dfb152187b2882545e5fec6df2dc918e9faeeb6ead8661b727b26f178e946d4768a186ed2f742194abb31cde2818ee08019b6b2032b78a7b43e6b4daed626aaa65c64d27926f01e47d620738deb6993c8e30cda77b6270b38054da666e4a0d7a2813ca9c8c0588fd6bb53a8656ac2847416646c78ae14faea16edf0c067d7be51ccaa3144f1686bd92c43f7c468cdd88d507deebec1aed4ca73769b6c5c29313e819ed9daa4c34f7b97e82dc5cc0d7bac965b9a6062361b944d549e465afd0d6f6dd41227a96bcb38c5040e8a2d46fe7c1c8ec4bc2fca23f1dff70746305a9d8f70b6d5ef7cfe3f921da416c8cdb810dc76db80d34de50e6bf3079ecac544c97c4721f3572a6071bb070c7bd012453fe0986acd094a84f2372b263236408cb385870b5b48cb91c0afbb1ef8e871f4b1b29cd8471fac6ad9fd7797453436d4642efbfec549e0b40f8ae634b3dd8a07ce004b7c4bd31a18fe07f7f033e8db16e2ab50afc018cfb3ccc1eb355fd0ed718718f00ab8ef10f2c1ec76ba3c263808f9bdef1c4d76f8aa3320c9922cdd8f65ce948f43d90fc676fdea77fd25b69cf9b7656179be9000ef8e1654671f3e255d99222ece5950c78e90fd21c0ba513e0391472215fb30780d58696bcda7d2973cc85e1c26174e0b43cc178cbf7fd3e5102a254736b167e3c0da2c67468ecbfe106e6ff34792bc15b6d157bffa212c5979ad33bbcdc75ac14a70cb762744c1a8a716207df93b79779ca64a9986a2922e5f3a56bc826e2eb70506a68fc66807e7ba4e1b3f5b8008540ade5a2dc295029b61fc8d062a0474b4ac33c460af08dd97c70338b5b362fd260116be35ac7dbca76205b9157d03fe6b3f5ed406cedf51b1e400ed8a078a987edb2637f8dcbe4917c1f801316eedb0313a3d7d2e34acbda518891374912f68ffa06e718c1730f2f42a0c2af951bcffffd4cec41afb8b011030c2aa624be164c71c278363face03df0cf02a5ed88729b957655c50da362513c277b7bb8e8e994572e76f475c9e1faa559e94f85d6b08a6771cf85b8483d891bdad7aa335f57316b89b4da302a2dae53f5ee00ecd12377f5522694fddcfed29d516339f462e2990dceebe10147d9fbeb61673f48010d4e542d56b5e9810dfd92cdb56d5813e9df8daf6e6ad870c98627549bec2053b0d0693acfbfe448b62babc4e736886fd4259c30836dc0f79de1261335a5ab91a9d6d97bc2dcaa17c9ff1e752ae23e2765e835d7679fa39051fee656987e8e540563a3f8ae156f1c5303dd97484d9788e8a1b1b27b5146378d3820947750239eb002d0f2b44a64ff4cb0ac23a57974534c708edecc6c44ed45617f2dc134a2254b12883ee02c8c3dbab756615f02517b7a82c7b33dc169cf07e2e1d8056d3f905874388a3b0f1643a1d7578ea1dd8c15d318f946194f5713b20d259231ef451c6066294deffa4b230d8287e517dae682de9c61042543a0a3efdf0cb1c48499a86a626e9365a8bc7e714dc8704229a0bce2c18b15a522ade7c05e00342229d96f9126ec3075e3d3c430ab8c0e53cf654b150b3d7fb5ce62f60e4ec57fffa312fe1ce9cda8e8e6e10c112752881b1438632922a03e255a47d33aaff3c3e1f2092013d539a03f6405240ecda2c80a8e378eda4611889b8a3ebf450a23a668aaeddfd33265eef98642d3110aa95420d387537010143cd60f123fc9c3d107b5fc4ab43900667c1e395a3a0863a28d0661ad4cad39c5ecbd6df870cf37d6d77476f02c7e8e259f86210b35aa586a720f4f7f361f527a1fa3fc832673e478193e37f95c14d165e687c8070824b519503855ae5c69d128a2832ea72b60fd52898a0563581d7312b6ca32e702f42c07872d7d6d833dc191e487da719d7816a6b1bfc800514749335b9a5e6aeb71dc39d7de558831a0fdafa10aa50d007383a07b0f40a189c30a5d6313b3aa61c9aca029b8f406f5972ab8b989e92dba08fc89b9c7641645b17d50f6f40edc54d1cd7da9313906f2ffa084a70b17d5cfaa36213eb42be2e75e4380e0487fd3f5eaf1ce0adcf11ac2057063e85bb97de0b5371edef9cb6430294a8cd6188026db3fe739fbeaf324af9c6fd7ce1bc2c9ab38efba3a0c95b6b3af503174012d894c74accf1e240bffd8ce3041a1f1cc58996ecbede2c233ed2f39ef442e6907fbd0d71f071d93b38b46cda3af3152ccb54c6aa4e3da85db7bf96ff10f08cf106c62e3b75fb28cdc80dedae4274f773302eee5d6040df46d0ec5f7754cccf49e1e1374d0a5488f4cddd36941904caaf2711cf8976e6ac72472e897c94a9e9c56c81b83fa69b856f5c28025250f83a7b3569940d55d65ae529c715806bd1d6245679e07d16dcce36821f9073d92f618a1f69cb3d1019fd20aa89819ecd1f98adedc057a3744750d1a76f7f29cc336aeab75e243b070cdaeefef37acd2184bce3cc68f0707c039f3322f8e53ca89b1315f54618b32ab1aeef3143785d50f163221e6d779dbb7c4c9432390f9c1d9cdff40edcf56985237c912ebd20b331e3a2733a069a4171f0db64a875e404d2b1a3d7c47c493a827bc19dd67c446341fcd6aac06beb00c31ea3c3327283235ddcd76c7803b99b98ed3287c08ff6c0084ad708368ac474f48145c73a32d187194efc977c591f7ece9e38088a9f1a4ce271714b2fa96d212e7a6c07581dbbabf6bcecd43812919d684f3bdba4ddff337dbd9b68eb54bc6475c8be31cd5d933e9ea45f8d3e2e0b5ae822c94e3b968433a982d54838c6878eca9e0f55b3b4995c98ddb9e98df4f891bb353b5afa33a024f00d6e9580c3f8ee3da29c1b5e48761648ca135fcf6ce8c91c1889d0978e00ba3c17dc00db4252e08dcdc54f4e614d8097d1a2e07f1910e9a196befab2a82d479a1224cd236d8c125a22f29e4d5f0426f1c79f3a51355a1c2f619d91a7ab1a8cd24449b645887accda311b03d8d03341e023b8f33583fad6b463e7ff2e6d77864a9dffb0014f5e868d8b3df2755d62fada27579c91dd67834320b474aa3dc1d5da0fef7c4479cb0ff097c960bcf769553007ae4caff643ab5ed6d813b6ef1cdcac83ade3aa565e0788810cf3e9827c41a87530cb87d9a21ca5450f8f1e1cc4e7fb6dfe416e656b05af7127971b623a9d3864220c6a085ffe65770056744d213e068293167b3624af2d40949772fc95f11d3a78940f24d14ec49887b5e263d8d1f82eee79d9bfe9ff95da5f1bf037f1d9e9ada1eb6a967f730a7aee6fd8d0000a90208f90b0d6bc85310278566a31c1e97af4fcdc2b5798931f3511e191c81c35bbbeab5b9341b5d62fbe94b08a8ce7b317e55a3efc6e3ba57e79105c47412d94435345d760bd11b64301081a382df985232a820e8cf6b8d3ba0a2c5cafa610a4ee7c9a91933c1ed9742e855cfa8e42a4978de7b3f89db44d7bc235afed016aab5216a27eb88af716c9f29a0a963a126ab973e025e763e1f6e4bb18dd83e042849c8f7d77465c4ea69deb1c49b1ffa3ee36e7f56aaa7dd439a3e779b22635bf2d1ea9bf41b5c7297e78d17e68743fe927eae366db390cd38cfe692c4965723003bea89353f8bb89470772ca45037592778657ac2c97e50ad2226f288aa2746b9b6cbee5dab1e2154a1119c09214623c98d85a1a0d85b96877ba7c5d729a1a56c1e6d99a8da01435d635bb50703a07de64ffcf0e7ac88c0ad1feb99f3c4e9b4723caf3f625815f5eb96333c86ecd84d1b575f633b4e07196c35d01fbbab25575839747f7b56c09090306ac9879bba3dd026c7db6fbd6fd483e4b11c03d08051b14e8d1343d3c635a8e8e96c60e7010434adf0b19e802b351bb8aa1f1b8680dc06cf8a923e17545ea7f7212bd9e2af6eb2cabe41c1f54bddf91c7526fb68783c57dfe265449e4758dd4d17d4836a99f8aff24bcf65f480972885540e52557810c85ab98c7012187045c1e0b6d05cbe1c3d888ef742b3daad83e9c16f1d861d86d8de574a90a8202faaa4349f633fced11940f9ecb4fd311e08ab1217044df4590331b7b608543aa5895c85f03d06f200b63fc6f7d99a271530a7ecd6132d412e9d683ee38d82ab28b90bc4dc58f64307520c16cdf50cc00c269344193914ecd9f61e5f586f49bad06c7d5c56865fc844ee0889424130d049c2838189e2a31c7d998b117d95a3d9cc377fcefc24ac9efb8230a431030ab6808d907aee31d5f9db4969e14d28a951469a4bc82bc29e65182e3978ab7b0e82e19a479ae7f5d443b9bc9a94685bf4b739753b05caf6a34da385cfbe5da4cd7a8c2f997171d2548044aed05d73baeea3f103c8aef4b8b5f79ebb6099bcebe65137df91736d8f0f61e7650680666ca777c517619b850b3c805c6a465daef5388664c9e81cd0c2c79ac0a204dbee071170c80595c2f89e474c86d8b167256a9921737570ee4a86952af33ba1c9fc376453bc86a7d391274b8768a603e200ad0bd3584be0fd4c86803dfdbd1efa7479142e14ae38304e3b8037b5677bc00030cadf424c1343337f270434635ca1311c43742eac1d38888d832103cd967bf8291e6386eb2219c2c10e601038316f068918ffa216c0cc00db0a221533a8cd1d9c2fc3be7b6a6b83d7e8f5be52a2b8f4013b9f121104102282af1213df83760325cbc93a1d2657089a76f5fff113e302306a0323741905d258d459b4f19e82fbf3e523bfa9aee7ca7a3892fe6e45f3d7d33f45f92f01bc4c503e7d14b12447415bb78570e28c8896ee8479d83c4caca24d3c9063b1e0bda03a5bc04ab3eed341e288a8984d5aa4144d175715e1923ed737830a67355526bfa745b2677bca980baf1212d6a64717f11845d25f46fe4d73a9ce3a7dfd807f618c5551563db60baf71aa3336bfc04f359c2fda3ae61e32c9556b6f699ed204803a7128bb7429547acc4359a5d599f44cb6ceb1bf6c0b7a097ad5471d91affe71b90416b31d4fff6513492526365bda0615c7e3193392003c665600303bd8c0f1e29f2ce4c6dce5f925d2856296938ef2c69f2dab9ff0000ca6ff9700baec237cb43872772f9544e60ce7eb90b3ef0837a752b0a21ed2ecaaa4442cbe0a71daa968e051c037e7f16ee65521df40cae8b12193f739ae458ca33512f0fbace7567e3a3b27ffa7faaa516fc7c9c0fc235290f4baa06e1b10618e2f8679ac60fc4e5cca44b613767a4f2abe89bbe9f8a8c3b5ce082c176dfc3104b326d7293841cd232e98a13ca6a4ac42ab2f3204661a5042282715f45a19a512c0e17338cb82b8ee7ce9b6b2ec4d449d6276dfe4d98d1c8a166465645c3e268bdf1fffdf4da82a1c973d3658c24e0b27144e2d92fd8ffc85f1f602d4d117c3797a415ed45e67aa16864c7c4a94f493310646984c437e0c3f19e7d49040680e013d9a00317fcf1c1b75e8a2fa411ae82a2a0a868323d3aee48b1549aaa99f9cceff0c8902507ff0", 0x1000}, {&(0x7f0000002880)="67e34aebf089da6703a72875f5b1925e9ea463efdbf2aa856832e450ed6b6133a7d7bd2448b26eff4d0e2104f0f0f52f3a19128afcdbbb73ea3ed902f5ab654e6f910d9d0b54735345235a47c6c9955c4224596952226a0482ebeab5f513f44b1cde3bb53d8cbb3897bab5c0d7bba7a771dd895346fa7f3c93e4e524bb8a9ee971c9e22e5a879a6979c19370970606d4fe97452b257c206cde143a004cc3d0c8cce02ff449d59ef1f6a526649942616a9d7c560fc2b4f54fcc2b127df089db434c408bdcc73423ad771e", 0xca}, {&(0x7f0000002980)="464560866369c7bde89c76b0371f48ff46b142a249ba94e2da45963fd6cb741bd2e927a70e06bb2463ff71271832224567e9a1c866f9a905af172532c05e2b8505aa24e49b764b2756dfdb973e7fe967d851bf42658048e901c52fe7fec67243b30a8fdf46c7be30efb2060008fa4581a42967a76aaf577108c2a7039e2de1399cfd16f08d64fa48af999f114f9435f12ea9e61d7a0c4ad83978", 0x9a}, {&(0x7f0000002a40)="6617a7eb85cb23c859739fac3344a10c3f12f6cfa718d833a4b6c249fc8f0737b5b0453e578dd943bc890d1416dabde1cc624bbce774129455e305db55d6bdfdb61bccfde03adc60f9fdfc751b2ee7f488c8db03a6442003526ee42854324662bf19b0f037a75930ef881697e643a04d9d192ffc1273b0ad641f5f7c5a89c43bd316ab16a6fe87e020c2fa44768c7ef590b3101f7f695d11e339b12d0425a72fa8375deb759a7ebc237ff176f9912708410c51276e79900a7c2e9d7827dbbd8b2980bf264f83cd8e49269bc56167cde28db99b", 0xd3}, {&(0x7f0000000480)="61b0e85bf9388923dba82a0cba731251094c2571154ca9541e1dc57a6765fa3b79", 0x21}, {&(0x7f0000002b40)="179c473ac58ae6838d488a8069e73d82bee0bdc813a23ec84a4ec242ef6c7bc872ecba", 0x23}], 0x6}}, {{0x0, 0x0, &(0x7f0000002d80)=[{&(0x7f0000002c40)="cf652ae49830dc5237702184aa61bf8ee140de65b6bfe788c7408bb310aa66e9db1cf01aecb5359430d0eebeaf2f6f4ce1309767fdd2aa770c395701ec5d0222b919d5b4b78af1905879b43853a3ee2e94579ed629858b3d91958a10ffa3de78f7d5f3d1b5beb4f0ea9cf01838f21dae9bd57920c6d9887d5916a298b8837aaa2b007745f1472d69948d40c44f876cd88ad8404df219a44daf4723bdd2dbc2626f0a18b0698ebdda9b2cdce9b576e042bb8fdc8514", 0xb5}, {&(0x7f0000002d00)="50bc46210f13ad83d90cfb0ffc3d96480c077fa4226f9e4b017186a0ab62feafdb", 0x21}, {&(0x7f0000002d40)="633842cfad0bc852e902b1a6df833b575649572a948a00205b2dce73f5b49ac936269ce89b981115ddd1072c", 0x2c}], 0x3}}, {{0x0, 0x0, &(0x7f0000002fc0)=[{&(0x7f0000002e80)="f3ba2f61e1144e92402ccba1beb3d435edceb234cf1ed29178e013f5c4f2bcd9cc8eab01dcb09f7862b16974b251853167ce08de13ac34dadedd7f837f4b3b85a56c5295ffd67483f6d37ef16961f7ea387264d333661a216d9dc59660ac19a1c0bec516d146f8ebee586dff231d58c81e8eedb38fd93410c0b074970dc4917b03cf48db268b99524dad235e92537a9a127884c7120ead66c911f1f6e14bf63ae97c55665896d05dc4d6f19aae3aa5e53786f21db18069d27c4600452c2abc88e297acce162867578c96409bd35c71d5c7385c1008945f1f53bb1506592ea46b601201781cbf2163da6312d8", 0xec}, {&(0x7f0000002f80)="8e729c466da27c9a10", 0x9}], 0x2}}, {{0x0, 0x0, &(0x7f00000040c0)=[{&(0x7f00000030c0)="a2034664a00d9041a85060d6f48a23d79f39220e1608a165bfb48b2ecb2739e8f1c098368d606d2e82cbad18d7e911af2af88f26946185829ab2f6e93e55c8a0f72754bed057335a5fbb733136263a6899464370e7e990a471d2172a24959eba65bc56471d1af85f481c4c22e505df6e1d73958b6daf5625287085ce9c6b2b03a0365e633eea971b40f234b270287b4ed14977b714dcf16dd8847474ba35b4e1741d3b2ab8000df4ece54c479db15d3345955baadd4b93ba", 0xb8}], 0x1}}], 0x5, 0x44084) ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f0000000040)={0x0, 0x989680}, 0x0, 0x0) 7.395571987s ago: executing program 3 (id=1061): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0xc0f85403, 0x0) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70300000000000085000000ad000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r2, 0xffffffffffffffff, 0x0, 0x0, @void}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)) r3 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0) read$midi(r3, 0x0, 0x49) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0xac041, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80) r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(r5, 0x0, 0x0) r7 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r4, r6}, 0x10) bpf$ITER_CREATE(0x22, &(0x7f0000000040)={r7}, 0x8) bpf$LINK_DETACH(0xf, &(0x7f0000000080)=r7, 0x4) connect$inet(0xffffffffffffffff, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(0xffffffffffffffff, 0x100000001) socket$inet6_sctp(0xa, 0x0, 0x84) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 6.504585711s ago: executing program 3 (id=1062): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000f52b1475aabc1d00000000000000000000000095c0ec790b24d1a8e5992c709d2ca8426721b4865b605ae69313dadedf2ca399076716b0ba4ebc9791bd184a22f09afda5b48653887608467868793eee923efeea8add8d9d2a352ae9fc2f484ffccc7adfd9"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) r3 = socket$pppl2tp(0x18, 0x1, 0x1) r4 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r3, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e) r5 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r5, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x2, 0xffffffff}}, 0x2e) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r5, 0x111, 0x3, 0x20000000, 0x4) r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000001000000000000b320a2cd0000000000e7000000ffff00e700000007"]) r7 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x0) ioctl$NBD_SET_BLKSIZE(r7, 0xab01, 0xef1) r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000002c0)=0x16) r9 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000001140), 0x20402, 0x0) write$P9_RXATTRCREATE(r9, 0x0, 0x12) r10 = openat$ppp(0xffffff9c, &(0x7f0000000180), 0xc0000, 0x0) ioctl$PPPIOCCONNECT(r10, 0x4004743a, &(0x7f00000001c0)=0x4) r11 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0) syz_usb_control_io$hid(r11, 0x0, 0x0) syz_usb_control_io(r11, &(0x7f0000000780)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0) r12 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x800) ioctl$HIDIOCGUSAGE(r12, 0x4018480c, &(0x7f00000000c0)={0x2}) ioctl$TIOCSTI(r9, 0x5412, &(0x7f00000003c0)=0x8) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r13 = getpgid(0x0) syz_pidfd_open(r13, 0x0) 4.2994401s ago: executing program 3 (id=1070): socket$l2tp(0x2, 0x2, 0x73) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) creat(0x0, 0x0) io_setup(0x1, &(0x7f0000000200)) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) syz_open_dev$tty1(0xc, 0x4, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000000)={0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setlease(r2, 0x8, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x183203, 0x0) fcntl$setlease(r2, 0x400, 0x1) r3 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r3, &(0x7f0000000380)={0x2, 0x0, @dev}, 0x10) sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x810) pipe2(&(0x7f0000000140), 0x8880) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f00000009c0)={{}, 'syz0\x00', 0x15}) io_setup(0x4e6, &(0x7f0000004200)=0x0) io_submit(r5, 0x3db, &(0x7f0000000480)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}]) ioctl$UI_DEV_SETUP(r4, 0x5501, 0x0) 4.234473125s ago: executing program 0 (id=1071): pipe2$watch_queue(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f00000004c0)=0x1, &(0x7f0000000500)=0x4) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001040), 0x2, 0x0) lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0xc1000, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',cache=loose,privport,cache=fscache,fscache,access=user,noextend,access=client,posixacl,version=9p2000.L,subj_user=\x00,subj_user=\x00,fscontext=staff_u,smackfstransmute=\x00,fowner=', @ANYRESDEC=r2, @ANYBLOB="2c7065726d69745f640100056374696f2c00"]) move_mount(r1, &(0x7f0000000140)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x45) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000440), r4, 0x0, 0x2, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{}, {0xa, 0x0, 0x0, @mcast2}, r4}}, 0x48) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x64, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x4}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}}, 0x0) r6 = io_uring_setup(0x53d6, &(0x7f0000000240)={0x0, 0xfb9, 0x2, 0x2, 0x107}) io_uring_enter(r6, 0x59b6, 0x944e, 0x12, &(0x7f0000000080)={[0x10d00000000000]}, 0x8) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$inet_udplite(0x2, 0x2, 0x88) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x10}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xe, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x18, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x14, 0x1, "8c7457ff8f99b8233ba7d81496e1da69"}]}]}]}]}], {0x14, 0x10}}, 0xd0}}, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'veth1_to_hsr\x00', 0x0}) sendmsg$nl_route(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x5c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}, @IFLA_MACVLAN_FLAGS={0x6, 0x2, 0x1}, @IFLA_MACVLAN_FLAGS={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r12}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc010) write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f00000003c0)={0x7, 0x8, 0xfa00, {r4, 0x6}}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f0000000180)={0x12, 0x10, 0xfa00, {0x0, r13, r1}}, 0x18) 4.233540007s ago: executing program 1 (id=1072): socket$l2tp(0x2, 0x2, 0x73) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) creat(0x0, 0x0) io_setup(0x1, &(0x7f0000000200)) syz_open_dev$tty1(0xc, 0x4, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000000)={0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setlease(r2, 0x8, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x183203, 0x0) fcntl$setlease(r2, 0x400, 0x1) r3 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r3, &(0x7f0000000380)={0x2, 0x0, @dev}, 0x10) sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x810) pipe2(&(0x7f0000000140), 0x8880) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f00000009c0)={{}, 'syz0\x00', 0x15}) io_setup(0x4e6, &(0x7f0000004200)=0x0) io_submit(r5, 0x3db, &(0x7f0000000480)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}]) ioctl$UI_DEV_SETUP(r4, 0x5501, 0x0) 4.102513027s ago: executing program 2 (id=1073): unshare(0x68060200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x400000a, 0x10, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x82, &(0x7f00000000c0)={'nat\x00', 0x1000000, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000000000)=0x78) 4.026357809s ago: executing program 0 (id=1074): socket$l2tp(0x2, 0x2, 0x73) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) creat(0x0, 0x0) io_setup(0x1, &(0x7f0000000200)) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000000)={0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setlease(r2, 0x8, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x183203, 0x0) fcntl$setlease(r2, 0x400, 0x1) r3 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r3, &(0x7f0000000380)={0x2, 0x0, @dev}, 0x10) sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x810) pipe2(&(0x7f0000000140), 0x8880) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f00000009c0)={{}, 'syz0\x00', 0x15}) io_setup(0x4e6, &(0x7f0000004200)=0x0) io_submit(r5, 0x3db, &(0x7f0000000480)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}]) ioctl$UI_DEV_SETUP(r4, 0x5501, 0x0) 3.834359679s ago: executing program 2 (id=1075): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0xc0f85403, 0x0) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70300000000000085000000ad000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$inet(0xa, 0x801, 0x84) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)) r3 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0) read$midi(r3, 0x0, 0x49) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0xac041, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80) r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(r5, 0x0, 0x0) r7 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r4, r6}, 0x10) bpf$ITER_CREATE(0x22, &(0x7f0000000040)={r7}, 0x8) bpf$LINK_DETACH(0xf, &(0x7f0000000080)=r7, 0x4) connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r2, 0x100000001) socket$inet6_sctp(0xa, 0x0, 0x84) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 3.115739833s ago: executing program 3 (id=1076): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) socket(0x40000000002, 0x3, 0x2) socket(0x40000000002, 0x3, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00') r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f00000000c0)=0x101, &(0x7f0000000240)=0x2) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000140), 0x4) bind$inet(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0) io_uring_setup(0x664c, &(0x7f0000000480)={0x0, 0x0, 0x1880, 0x8000002, 0xffffffff}) r3 = socket(0x40000000015, 0x0, 0x0) connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f00000008c0)=0x1, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000003c0)}, {&(0x7f0000000900)="1eac4d20f8509e2139d2842c8faedef008bcac1025cbc63d2bfe0c7bbe51c5bf73985d5106bf5b5e7e5761716e35b468ea79633c916c4a8026f9408d056b8977df67c0e6fd0b1b3da5de5d003382ac95eade5dadad870ce3749452d2c1c3651ffff244be3078fdbfeb97d093bba60131e733d91c4ad38e7b52aa7afa9cb8e2351bd3f8a7a2a0425b071f6790992b8c2a51d944b0161c5c97fcdc19c2ef7c66ccc23c77a28a34b216c429444343ea056f171399dc03d56a1131ba74d31fc1012d3deff0e43309fc9e3b88bec90a7680aa74ccd581e02eb436a0009fa62097513d0c9533256d81978fae39288edcb833739d2988ccf5a564bc00edd1ab0853b873cbab3ef227f11325d72dbe2f435351610d01d0f74e180df6eaa94651336e7713414e499586edd5693e587a186fcb68a973e823e61a072aaa4fb9e3a03ff4c17c9e343684255efba0d1b149b22c2d81f1ac5eaccaab01ab108178e97eb8a45d5d6cdeca0d6b9af9f88cfee58935be6902ac7c6915d60548367d164990b142d472b9b5700191b1f978fb36bcde646385dcf5cb7adf1ec70baef4061d2da93d2f5eefae1081374d58ab54532755c1b8bf303584296145e9aad2e3ccef93f30da9c102db5cfe346baba2fd3f157cb6e825e607365ff8c6187e216dc4072e582874ce63166405e21644015f99d5713165a377bfdc3143928e8469b4e312ce1f9dff83fe7c8d9fca791af2b46f1650e3937c9ab589d5f93fb578503aa64042c66571649844d93257489c1b658140e4c194c329a1a2c0117d123a45b213a118dd608bd6bdb2e0a6782f785321ff48eac4158ad9efb3737a6cfbb21d0dba732558493aa09dfa7fa41b4922e4e205a4792c9694661a18eff0d932d824f6987aa3dafa7ddc9b0acd70d43263c78dde88b7c665abbeec1cf1016ddc321f713cc3c149eeda6443b5b278eb3a05b08d510650b055d3193c4d5bbe084431cc40a626e81827d8bf2379435ada42a99569b35faa3af53f90f4dcf7a7d1c2e6fe4d7739b135981d40ba00de019909748640d554a159e552c6a7a7c77b213fad40dd785cc4ee983266b3377fbc7845a44992f82656b8240c169697599074348a4bac29423612e4c0ba89a66d08033b54b4d8f8704ab9470fe6316dc6ba610b7f3c1b0428607b13d2cfbed5c82d9214a1e97edaa27ed011d42800467fd54cddec7841f2aa513e7c8956842ea69b6b80208a4acbe9b678a9ab48a26df1cebd283f0d8e2956d8e8a4aad5b563ae75ddaf9b167d70b0e96f42a4f1c5bef1e777fedcb380707fc7ac87e249f322a01660687c04d1bbeeefeecadf86c3ef805d79964a862877cfbff40eb340f7065bc759013cbdcb25305ba6812a853b8d8e1960227826acb24311ed0e67f84565dd8858ca3be23409569e15ba75120c35dffdc8a4b7688d5d02fedf88434274b828fec979ea029405cd1e7cadc867ebdc98c4a523178715828c1a6361e60ff1f2968efc20d6888ac2a6f81e37cbc7f1e89f3421825cc278df26c8722e", 0x43e}], 0x2}, 0x8050) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) io_uring_setup(0x5357, &(0x7f0000000240)) ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000083c0)={{0x1}}) readv(r4, &(0x7f0000000180)=[{&(0x7f0000000400)=""/68}], 0x32) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r4, 0x54a2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10) 3.00324106s ago: executing program 1 (id=1077): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mremap(&(0x7f00002d7000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000400)={&(0x7f0000b36000/0x12000)=nil, &(0x7f0000841000/0x4000)=nil, 0x12000}) syz_io_uring_setup(0x6866, &(0x7f00000003c0)={0x0, 0x0, 0x4}, &(0x7f0000000440), &(0x7f0000000480)) (fail_nth: 8) 2.864364405s ago: executing program 2 (id=1078): openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000700)=""/75, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) rt_sigaction(0xd, &(0x7f0000000500)={&(0x7f0000000000)="ca0000c441f96ec80fc4c60066400fe2def3ad46c7045300101000f00fc01ec422e10399c5c1202066410f6f15040000000000e1f563df", 0x0, 0x0, {[0x9]}}, 0x0, 0x8, &(0x7f0000000300)) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf}, 0x90) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) r4 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_ERRQUEUE(r4, 0x6b, 0x4, &(0x7f0000000540)=0x1, 0xffffffaf) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x90) syz_open_dev$usbfs(0x0, 0x7, 0x581803) bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@bloom_filter={0x1e, 0xfffffffc, 0x7, 0x8, 0x80, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x4, 0x3}, 0x48) ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}) sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0xfffffffffffffff4, &(0x7f00000001c0)={0x0, 0xfffffffffffffd44}, 0x1, 0x0, 0x0, 0x800}, 0x20004051) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x38}}, 0x0) 2.827250735s ago: executing program 0 (id=1079): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x4, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000080)=0xa, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendto$packet(r3, &(0x7f0000000180)="0b031000e0ff030002004788aa96a13bb1000000000008000500", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001400)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000f3373526a01e35"], 0x1c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r9, 0x5, &(0x7f00000005c0)='fd', 0x0, r8) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r5, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000340)={&(0x7f0000000600)={0x130, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x21}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x366}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x4}], @NL80211_ATTR_MAC={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1f2}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x27}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9}], @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0xf7}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1ff}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x9}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x411c635c}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3dd}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x12}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6000000}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x800}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1}], @NL80211_ATTR_OPER_CLASS={0x5}, @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15f4}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x35}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xff}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x27e}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x815d}]]}, 0x130}, 0x1, 0x0, 0x0, 0x40080}, 0x44000) r11 = socket$inet_sctp(0x2, 0x1, 0x84) ioctl$sock_SIOCETHTOOL(r11, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000080)=@ethtool_test={0xf, 0x0, 0x0, 0xa, [0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0xabca, 0x9]}}) fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0) close_range(r6, 0xffffffffffffffff, 0x0) r12 = syz_open_procfs(0x0, &(0x7f0000000080)='coredump_filter\x00') prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) syz_emit_ethernet(0x4e, &(0x7f00000001c0)={@local, @remote, @val={@void, {0x8100, 0x6, 0x0, 0x3}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f11b8c", 0x14, 0x6, 0x0, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) preadv(r12, &(0x7f0000000000), 0xc, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x4, 0xd6, 0x5, 0xa}, {0x3, 0x2, 0x0, 0x8}, {0x1, 0x1, 0x6, 0x2}, {0x5, 0x2f, 0x1f}, {0x4, 0x0, 0x3, 0x3}, {0x6, 0x0, 0x2b, 0x6}]}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r12, 0xc0182101, &(0x7f0000000000)={0x0, 0x2332, 0x1}) 2.744161307s ago: executing program 1 (id=1080): socket$nl_netfilter(0x10, 0x3, 0xc) syz_emit_vhci(0x0, 0x1d) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x3, 0x4, 0x0, 0x0}, 0x90) timer_create(0x0, 0x0, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x191102) r1 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x4e20, 0x0, @local}, {0xa, 0x4e24, 0x0, @empty}, 0x0, {[0xfffffffc]}}, 0x5c) setsockopt$MRT6_ADD_MFC_PROXY(r1, 0x29, 0xcd, &(0x7f0000000400)={{0xa, 0x8004, 0x0, @private0, 0x1}, {0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1}, 0x5c) fsopen(&(0x7f0000000140)='erofs\x00', 0x0) r2 = socket$inet6(0xa, 0x6, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = socket$inet_dccp(0x2, 0x6, 0x0) dup2(r2, r3) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$full(0xffffff9c, &(0x7f0000000080), 0x80000, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x15) ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x560f, &(0x7f0000000000)={0x1, 0x2, 0x15, 0x0, 0x1, 0x0}) ioctl$TCFLSH(r4, 0x40384708, 0x20000000) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000380)={'wlan0\x00'}) socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) 2.585380409s ago: executing program 2 (id=1081): openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) syz_open_dev$vim2m(&(0x7f00000001c0), 0x7, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r2}, 0x10) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180), 0x48) r3 = socket$inet6(0xa, 0x2, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[], 0x0) connect$inet6(r3, &(0x7f00000002c0), 0x1c) sendmmsg(r3, &(0x7f00000092c0), 0x4ff, 0x80fe) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_NEXT_CMD_LEN(0xffffffffffffffff, 0x2283, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000000007911c00000000000850000008e00000095000000f8000000"], &(0x7f00000000c0)='syzkaller\x00', 0x5, 0xe4, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x50}, 0x90) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) clock_getres(0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000440)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r4}, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x14, r6, 0x1, 0x0, 0x0, {0x5}}, 0x14}}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0) 2.325982687s ago: executing program 2 (id=1082): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8}, 0x48) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0xa}, 0x1c) r1 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r2, &(0x7f0000000280)=""/239, 0xef) write$char_usb(r2, &(0x7f0000000240)="96", 0x1) read$char_usb(r2, 0x0, 0x0) write$char_usb(r2, 0x0, 0x0) syz_usb_disconnect(r1) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)={0x28, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x8}, @chandef_params, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x28}}, 0x0) socket$rds(0x15, 0x5, 0x0) syz_80211_inject_frame(&(0x7f0000000100)=@device_b, &(0x7f0000000140)=ANY=[@ANYBLOB="8080000008021100000100021100000150505050505020000000000000000000000000006400000001"], 0x7b) r7 = openat$fuse(0xffffff9c, &(0x7f00000003c0), 0x2, 0x0) write$FUSE_NOTIFY_DELETE(r7, &(0x7f0000000400)={0x2a, 0x6, 0x0, {0x5, 0x2, 0x1, 0x0, '\x00'}}, 0x2a) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan1\x00', 0x0}) getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, 0x0, &(0x7f0000000300)=0xa) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000002c0)={0x1c, 0x0, 0x303, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}}, 0x0) 2.205990331s ago: executing program 3 (id=1083): openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040)=0xb6, 0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x0, 0x0, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/block/loop0', 0x48000, 0x0) symlinkat(&(0x7f0000000280)='./file2\x00', r2, &(0x7f0000000100)='./file2\x00') lsm_set_self_attr(0x65, &(0x7f0000000240)=ANY=[@ANYRESDEC=r2], 0x20, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000019340)={0x8, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000003000000000950050aaf926c15d00"/40], &(0x7f0000000000)='syzkaller\x00'}, 0x90) ioctl$FAT_IOCTL_SET_ATTRIBUTES(0xffffffffffffffff, 0x40047211, &(0x7f0000000180)=0x2) r3 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$VT_RELDISP(r3, 0x5605) r4 = socket$inet(0x2, 0x0, 0x2) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) r6 = dup(r5) write$dsp(r6, &(0x7f0000000440)="ed", 0x1) write$UHID_INPUT(r6, &(0x7f00000029c0)={0xc, {"a2e3ad214fc752f91b25470987f70e06d038e7ff7fc6e5539b3264078b089b3b083468060890e0878f0e1ac6e70a9b3368959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31350d095d0636cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0xf13) r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x74, 0x40001) setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000019300)=ANY=[@ANYRESHEX=r7], 0x10) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000080)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00'}, 0x10) 1.892515644s ago: executing program 0 (id=1084): r0 = timerfd_create(0x7, 0x0) timerfd_settime(r0, 0x3, &(0x7f0000000240)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$HIDIOCSFEATURE(0xffffffffffffffff, 0xc0404806, 0x0) io_submit(0x0, 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) unshare(0x22020400) r3 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600)) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) shutdown(r4, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x32}, 0x9c) r5 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000080)={0x0, @loopback, 0x2000, 0x0, 'sh\x00', 0x0, 0x0, 0x24}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r5, 0x0, 0x485, 0x0, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd1, 0x0, 0x0) r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x5cb820, 0x0) preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) r7 = socket(0x28, 0x1, 0x0) connect$vsock_stream(r7, &(0x7f0000000300)={0x28, 0x0, 0x0, @my=0x1}, 0x10) connect$vsock_stream(r7, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x2, &(0x7f0000000140)=[{0x16}, {0x6}]}) 1.495859088s ago: executing program 1 (id=1085): socket$l2tp(0x2, 0x2, 0x73) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) creat(0x0, 0x0) io_setup(0x1, &(0x7f0000000200)) syz_open_dev$tty1(0xc, 0x4, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000000)={0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r2, 0x400, 0x1) fcntl$setlease(r2, 0x8, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x183203, 0x0) fcntl$setlease(r2, 0x400, 0x1) r3 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r3, &(0x7f0000000380)={0x2, 0x0, @dev}, 0x10) sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x810) pipe2(&(0x7f0000000140), 0x8880) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f00000009c0)={{}, 'syz0\x00', 0x15}) io_setup(0x4e6, &(0x7f0000004200)=0x0) io_submit(r5, 0x3db, &(0x7f0000000480)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}]) ioctl$UI_DEV_SETUP(r4, 0x5501, 0x0) 936.744832ms ago: executing program 0 (id=1086): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS32(r0, 0xc0f85403, 0x0) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70300000000000085000000ad000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$inet(0xa, 0x801, 0x84) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)) r3 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0) read$midi(r3, 0x0, 0x49) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0xac041, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80) r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(r5, 0x0, 0x0) r7 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r4, r6}, 0x10) bpf$ITER_CREATE(0x22, &(0x7f0000000040)={r7}, 0x8) bpf$LINK_DETACH(0xf, &(0x7f0000000080)=r7, 0x4) connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r2, 0x100000001) socket$inet6_sctp(0xa, 0x0, 0x84) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 735.961397ms ago: executing program 2 (id=1087): r0 = socket$rds(0x15, 0x5, 0x0) mknod(&(0x7f0000000140)='./file0\x00', 0x8001420, 0x4) r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x2, 0x0) splice(r0, 0x0, r1, 0x0, 0x7, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0}, 0x90) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_vs\x00') read$FUSE(r3, &(0x7f0000006040)={0x2020}, 0x8f5) recvmmsg(r2, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x0, 0x0) r4 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$CAPI_GET_SERIAL(r4, 0xc0044308, &(0x7f0000000240)=0x5) setsockopt$inet_int(r2, 0x0, 0x7, &(0x7f0000000180)=0x6, 0x4) socket(0x10, 0x80002, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000000)=@xdp={0x2c, 0x4, 0x0, 0x3d}, 0x80, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRES64], 0x10}, 0x8000) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000340)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r6, 0xc0182101, &(0x7f0000000180)={r7}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000002780)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r6, 0x40182103, &(0x7f0000000080)={r8, 0x3, r6, 0x5}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socket$l2tp(0x2, 0x2, 0x73) syz_emit_ethernet(0xfdef, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff08004500002800000000003c907800"/38, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000290780000"], 0x0) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d0000000008000850000"], &(0x7f0000000100)='GPL\x00', 0x81, 0x0, 0x0, 0x40f00, 0x17, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x46}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r9}, 0x10) socket(0x10, 0x3, 0x0) 355.959057ms ago: executing program 1 (id=1088): mkdirat(0xffffffffffffff9c, 0x0, 0x0) r0 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000002c0)={0x0}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)={0x4c, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x71}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}]}]}, 0x4c}}, 0x0) 272.987644ms ago: executing program 1 (id=1089): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x2e) fsmount(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_pressure(0xffffffffffffffff, 0x0, 0x2, 0x0) creat(0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x6) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x200000b, 0x10, r0, 0x0) syz_usbip_server_init(0x4) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) r2 = userfaultfd(0x801) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000576000/0xd000)=nil, 0xd000}}) write$binfmt_aout(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="03040000b500000000000000feefffff"], 0xc8) unlinkat(0xffffffffffffff9c, 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000600)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000280)={0x7, 0x8, 0xfa00, {r3}}, 0x10) write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x10, 0xfa00, {0x0}}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r4, 0xc058534f, &(0x7f0000000200)={{}, 0xbf}) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) write$binfmt_aout(r5, &(0x7f0000000240)=ANY=[], 0xff2e) r6 = syz_open_pts(r5, 0x0) r7 = dup3(r6, r5, 0x0) ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000000)=0x17) 0s ago: executing program 0 (id=1090): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d}, 0x90) r1 = socket$packet(0x11, 0x2, 0x300) connect(r1, &(0x7f0000000380)=@caif=@dgm={0x25, 0x8, 0xd}, 0x80) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000e80)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000400000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d77d551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba05c001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5b0384222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09b15c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d5264cb454df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c56f273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56070049d9ea955a5f0dec1b3ccd35364600000000000000000032100000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc201cd07af1491ef060cd4403a099f32448f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c49fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86ecb838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd1119b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65af167f8f13cd0fdbca9c645989c7be25679a34ba2850fe18990087360185f89c7911765497d0f919aeddefde84c13174b679a2e6ae991b6658d204f743b89eb5d580f6ac5a7f255cb8205a32b2bf38d144a6bdd3c72d403bfa7b103b418a540b1329b2b5d8fef2fc8c6634aeecb5614495b450a8fd510f06416fb0cfe99e47c52371055b9a0800805aea58d352e0a1da7b774f4af58837fe71371a6ca1b62898f454090772be7b18bd606f46ec1a04ce219cee23e6cf325df46f7d64a4099119997112c32ccbe59c5455f45f7f028a600421fe7443b96d699b50a981bdc3aa4e9e628eae35d6c064abe0445afc0ec479231c940e874b597a22bd3f4ed3141b5c2c98513ea39ed73b83db70216dc4847ad52ae91eb73ef98c504c230359a4c281ed94fa6ab5f0c140c20e8b30fdff2cb51"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r2, 0x34, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffd03}, 0x90) syz_emit_ethernet(0x11dc0, &(0x7f0000000a00)=ANY=[@ANYBLOB="aaaaaaaaaaaaaf5c520a041c86dd60"], 0x0) kernel console output (not intermixed with test programs): ][ T4646] Bluetooth: hci4: command 0x0405 tx timeout [ 149.287497][ T6828] FAULT_INJECTION: forcing a failure. [ 149.287497][ T6828] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 149.296299][ T6828] CPU: 2 PID: 6828 Comm: syz.0.477 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0 [ 149.301242][ T6828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 149.308272][ T6828] Call Trace: [ 149.310046][ T6828] [ 149.311384][ T6828] dump_stack_lvl+0x16c/0x1f0 [ 149.313246][ T6828] should_fail_ex+0x497/0x5b0 [ 149.315546][ T6828] _copy_to_user+0x30/0xc0 [ 149.317712][ T6828] bpf_test_finish.isra.0+0x5b6/0x6b0 [ 149.320238][ T6828] ? find_held_lock+0x2d/0x110 [ 149.322405][ T6828] ? __pfx_bpf_test_finish.isra.0+0x10/0x10 [ 149.324839][ T6828] ? bpf_test_timer_leave+0xb3/0x170 [ 149.327017][ T6828] ? ktime_get+0xfb/0x1a0 [ 149.329768][ T6828] bpf_prog_test_run_sk_lookup+0xa9e/0xcf0 [ 149.332411][ T6828] ? __pfx_bpf_prog_test_run_sk_lookup+0x10/0x10 [ 149.335169][ T6828] ? fput+0x32/0x390 [ 149.337006][ T6828] ? __bpf_prog_get+0xa0/0x2f0 [ 149.339174][ T6828] ? __pfx_bpf_prog_test_run_sk_lookup+0x10/0x10 [ 149.341700][ T6828] __sys_bpf+0x141f/0x5600 [ 149.343529][ T6828] ? __pfx___sys_bpf+0x10/0x10 [ 149.345638][ T6828] ? ksys_write+0x12f/0x260 [ 149.347616][ T6828] ? find_held_lock+0x2d/0x110 [ 149.349759][ T6828] ? ksys_write+0x21c/0x260 [ 149.351756][ T6828] ? __pfx_lock_release+0x10/0x10 [ 149.353809][ T6828] ? vfs_write+0x14d/0x1140 [ 149.356036][ T4646] Bluetooth: hci2: ACL packet for unknown connection handle 3287 [ 149.356883][ T6828] ? __mutex_unlock_slowpath+0x164/0x650 [ 149.360327][ T4646] Bluetooth: Unexpected start frame (len 12) [ 149.362625][ T6828] ? fput+0x32/0x390 [ 149.367039][ T6828] ? ksys_write+0x1ab/0x260 [ 149.368895][ T6828] ? __pfx_ksys_write+0x10/0x10 [ 149.371128][ T6828] __ia32_sys_bpf+0x76/0xe0 [ 149.373156][ T6828] __do_fast_syscall_32+0x73/0x120 [ 149.375458][ T6828] do_fast_syscall_32+0x32/0x80 [ 149.377422][ T6828] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 149.380358][ T6828] RIP: 0023:0xf741e579 [ 149.382181][ T6828] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 149.390771][ T6828] RSP: 002b:00000000f5d3656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 149.394028][ T6828] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000440 [ 149.397378][ T6828] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000 [ 149.401006][ T6828] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 149.404903][ T6828] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 149.408258][ T6828] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 149.411856][ T6828] [ 149.414299][ C2] hpet: Lost 7 RTC interrupts [ 149.807460][ T5218] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 149.997846][ T5218] usb 5-1: Using ep0 maxpacket: 8 [ 150.002383][ T5218] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 150.007336][ T5218] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 150.022437][ T5218] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 150.034085][ T5218] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 150.057478][ T5218] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 150.062930][ T5218] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 150.080964][ T5218] usb 5-1: string descriptor 0 read error: -22 [ 150.094264][ T5218] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 150.119279][ T5218] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.140582][ T5218] adutux 5-1:168.0: interrupt endpoints not found [ 150.346265][ T5218] usb 5-1: USB disconnect, device number 18 [ 150.559129][ T6834] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 150.827476][ T30] usb 8-1: new high-speed USB device number 15 using dummy_hcd [ 150.939440][ T6860] x_tables: duplicate underflow at hook 1 [ 151.007586][ T30] usb 8-1: Using ep0 maxpacket: 16 [ 151.014432][ T30] usb 8-1: config 1 has an invalid descriptor of length 115, skipping remainder of the config [ 151.019278][ T30] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 151.023613][ T30] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 151.033316][ T30] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 151.037693][ T30] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 151.041734][ T30] usb 8-1: Product: syz [ 151.043968][ T30] usb 8-1: Manufacturer: syz [ 151.046251][ T30] usb 8-1: SerialNumber: syz [ 151.060866][ T30] cdc_ncm 8-1:1.0: NCM or ECM functional descriptors missing [ 151.064468][ T30] cdc_ncm 8-1:1.0: bind() failure [ 151.268873][ T6846] netlink: 'syz.3.482': attribute type 10 has an invalid length. [ 151.296182][ T6846] batman_adv: batadv0: Adding interface: team0 [ 151.299305][ T6846] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 151.311393][ T6846] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 151.317545][ T6849] netlink: 'syz.3.482': attribute type 10 has an invalid length. [ 151.321298][ T6849] netlink: 2 bytes leftover after parsing attributes in process `syz.3.482'. [ 151.325415][ T6849] team0: entered promiscuous mode [ 151.327910][ T6849] team_slave_0: entered promiscuous mode [ 151.330823][ T6849] team_slave_1: entered promiscuous mode [ 151.337987][ T6849] 8021q: adding VLAN 0 to HW filter on device team0 [ 151.342536][ T6849] batman_adv: batadv0: Interface activated: team0 [ 151.346149][ T6849] batman_adv: batadv0: Interface deactivated: team0 [ 151.349359][ T6849] batman_adv: batadv0: Removing interface: team0 [ 151.354432][ T6849] bridge0: port 3(team0) entered blocking state [ 151.358810][ T6849] bridge0: port 3(team0) entered disabled state [ 151.364330][ T6849] team0: entered allmulticast mode [ 151.366519][ T6849] team_slave_0: entered allmulticast mode [ 151.369331][ T6849] team_slave_1: entered allmulticast mode [ 151.376757][ T6849] bridge0: port 3(team0) entered blocking state [ 151.380565][ T6849] bridge0: port 3(team0) entered forwarding state [ 151.394180][ T969] usb 8-1: USB disconnect, device number 15 [ 151.499347][ T5258] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 151.697609][ T5258] usb 5-1: Using ep0 maxpacket: 32 [ 151.710968][ T5258] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 151.715620][ T5258] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 151.720124][ T5258] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 151.725084][ T5258] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 151.730384][ T5258] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 151.740775][ T5258] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 151.745278][ T5258] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 151.749231][ T5258] usb 5-1: Product: syz [ 151.751336][ T5258] usb 5-1: Manufacturer: syz [ 151.753235][ T5258] usb 5-1: SerialNumber: syz [ 151.986726][ T5258] cdc_ncm 5-1:1.0: bind() failure [ 152.011629][ T5258] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 152.014359][ T5258] cdc_ncm 5-1:1.1: bind() failure [ 152.027280][ T5258] usb 5-1: USB disconnect, device number 19 [ 152.373481][ T6875] input: syz0 as /devices/virtual/input/input20 [ 152.790277][ T6885] kcapi: manufacturer command 14 unknown. [ 152.958771][ T6891] x_tables: duplicate underflow at hook 1 [ 153.461067][ T6899] nft_compat: unsupported protocol 5 [ 153.595231][ C2] hpet: Lost 1 RTC interrupts [ 153.997664][ T5218] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 154.193725][ T5218] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 154.198961][ T5218] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 154.203447][ T5218] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 154.208279][ T5218] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.213899][ T5218] usb 6-1: config 0 descriptor?? [ 154.639845][ T5218] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor [ 154.666381][ T5218] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0926:3333.0006/input/input21 [ 154.825012][ T5218] keytouch 0003:0926:3333.0006: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 154.856000][ T6914] x_tables: ip6_tables: socket match: used from hooks FORWARD, but only valid from PREROUTING/INPUT [ 154.878605][ T5218] usb 6-1: USB disconnect, device number 9 [ 156.197894][ T6944] FAULT_INJECTION: forcing a failure. [ 156.197894][ T6944] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 156.206089][ T6944] CPU: 2 PID: 6944 Comm: syz.0.510 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0 [ 156.210304][ T6944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 156.214924][ T6944] Call Trace: [ 156.216390][ T6944] [ 156.217707][ T6944] dump_stack_lvl+0x16c/0x1f0 [ 156.219856][ T6944] should_fail_ex+0x497/0x5b0 [ 156.221947][ T6944] _copy_from_user+0x30/0xf0 [ 156.224061][ T6944] vhost_net_ioctl+0x47e/0x16f0 [ 156.226229][ T6944] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 156.228362][ T6944] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 156.230642][ T6944] ? __fget_files+0x256/0x400 [ 156.232586][ T6944] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 156.234695][ T6944] compat_ptr_ioctl+0x71/0xb0 [ 156.236741][ T6944] ? __pfx_compat_ptr_ioctl+0x10/0x10 [ 156.239015][ T6944] __do_compat_sys_ioctl+0x2c3/0x330 [ 156.241282][ T6944] __do_fast_syscall_32+0x73/0x120 [ 156.243460][ T6944] do_fast_syscall_32+0x32/0x80 [ 156.245559][ T6944] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 156.248195][ T6944] RIP: 0023:0xf741e579 [ 156.249914][ T6944] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 156.257917][ T6944] RSP: 002b:00000000f5d3656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 156.261424][ T6944] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 000000004008af30 [ 156.264796][ T6944] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 156.268167][ T6944] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 156.271521][ T6944] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 156.274810][ T6944] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 156.278194][ T6944] [ 156.280038][ C2] hpet: Lost 3 RTC interrupts [ 156.867144][ T6958] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 156.870501][ T6958] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 156.879260][ T6958] vhci_hcd vhci_hcd.0: Device attached [ 157.097591][ T5218] vhci_hcd: vhci_device speed not set [ 157.167506][ T5218] usb 15-1: new full-speed USB device number 2 using vhci_hcd [ 157.691986][ T6959] vhci_hcd: connection reset by peer [ 157.697712][ T105] vhci_hcd: stop threads [ 157.700179][ T105] vhci_hcd: release socket [ 157.723562][ T105] vhci_hcd: disconnect device [ 158.051169][ T6980] input: syz0 as /devices/virtual/input/input22 [ 159.733005][ T7015] FAULT_INJECTION: forcing a failure. [ 159.733005][ T7015] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 159.747628][ T7015] CPU: 0 PID: 7015 Comm: syz.0.527 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0 [ 159.751804][ T7015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 159.756550][ T7015] Call Trace: [ 159.758111][ T7015] [ 159.759516][ T7015] dump_stack_lvl+0x16c/0x1f0 [ 159.761694][ T7015] should_fail_ex+0x497/0x5b0 [ 159.763802][ T7015] _copy_from_user+0x30/0xf0 [ 159.765912][ T7015] get_compat_msghdr+0xa8/0x170 [ 159.768012][ T7015] ? __pfx_get_compat_msghdr+0x10/0x10 [ 159.770557][ T7015] ? kfree+0x245/0x3b0 [ 159.772328][ T7015] ___sys_sendmsg+0x1b0/0x1e0 [ 159.774424][ T7015] ? __pfx____sys_sendmsg+0x10/0x10 [ 159.776540][ T7015] ? __pfx_lock_release+0x10/0x10 [ 159.778439][ T7015] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 159.780988][ T7015] ? __pfx___might_resched+0x10/0x10 [ 159.783230][ T7015] ? __fget_light+0x173/0x210 [ 159.785242][ T7015] __sys_sendmmsg+0x2a5/0x450 [ 159.787709][ T7015] ? __pfx___sys_sendmmsg+0x10/0x10 [ 159.790071][ T7015] ? vfs_write+0x14d/0x1140 [ 159.792059][ T7015] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 159.794662][ T7015] ? fput+0x32/0x390 [ 159.796455][ T7015] ? ksys_write+0x1ab/0x260 [ 159.798260][ T7015] ? __pfx_ksys_write+0x10/0x10 [ 159.800211][ T7015] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 159.802431][ T7015] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 159.805035][ T7015] __do_fast_syscall_32+0x73/0x120 [ 159.807021][ T7015] do_fast_syscall_32+0x32/0x80 [ 159.809304][ T7015] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 159.812139][ T7015] RIP: 0023:0xf741e579 [ 159.813895][ T7015] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 159.821556][ T7015] RSP: 002b:00000000f5d1556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 159.824997][ T7015] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200038c0 [ 159.827670][ T7015] RDX: 00000000ffffff06 RSI: 0000000000000000 RDI: 0000000000000000 [ 159.831394][ T7015] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 159.835557][ T7015] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 159.840480][ T7015] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 159.845399][ T7015] [ 160.131864][ T7022] Driver unsupported XDP return value 0 on prog (id 207) dev N/A, expect packet loss! [ 161.103227][ T7048] input: syz0 as /devices/virtual/input/input23 [ 162.277520][ T5218] vhci_hcd: vhci_device speed not set [ 162.397673][ T59] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 162.619424][ T59] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 162.624883][ T59] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 162.633694][ T59] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 162.639411][ T59] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 162.643078][ T59] usb 5-1: Manufacturer: syz [ 162.648476][ T59] usb 5-1: config 0 descriptor?? [ 162.694874][ T39] audit: type=1326 audit(1721402595.082:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.2.528" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x7fc00000 [ 162.728648][ T59] rc_core: IR keymap rc-hauppauge not found [ 162.732213][ T59] Registered IR keymap rc-empty [ 162.748270][ T59] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 162.757289][ T59] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input24 [ 162.873430][ T5000] usb 5-1: USB disconnect, device number 20 [ 163.460180][ T7087] input: syz0 as /devices/virtual/input/input25 [ 164.802170][ T7112] netlink: 'syz.3.558': attribute type 2 has an invalid length. [ 164.805722][ T7112] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.558'. [ 164.814534][ T4646] Bluetooth: hci2: Malformed Event: 0x02 [ 165.050801][ T7119] netlink: 32 bytes leftover after parsing attributes in process `syz.0.560'. [ 165.271108][ T39] audit: type=1326 audit(1721402597.662:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 165.279574][ T39] audit: type=1326 audit(1721402597.662:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 165.288668][ T39] audit: type=1326 audit(1721402597.662:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 165.296745][ T39] audit: type=1326 audit(1721402597.662:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 165.305019][ T39] audit: type=1326 audit(1721402597.662:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 165.312608][ T39] audit: type=1326 audit(1721402597.662:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 165.320612][ T39] audit: type=1326 audit(1721402597.662:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 165.329359][ T39] audit: type=1326 audit(1721402597.662:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 165.337265][ T39] audit: type=1326 audit(1721402597.662:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7122 comm="syz.0.561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 165.705412][ T7136] input: syz0 as /devices/virtual/input/input27 [ 165.829650][ T7138] input: syz0 as /devices/virtual/input/input28 [ 167.030584][ T7163] fuse: Bad value for 'group_id' [ 167.032913][ T7163] fuse: Bad value for 'group_id' [ 167.747676][ T5218] usb 8-1: new high-speed USB device number 16 using dummy_hcd [ 167.949877][ T5218] usb 8-1: config 0 has no interfaces? [ 167.954007][ T5218] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 167.958039][ T5218] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 167.961454][ T5218] usb 8-1: Manufacturer: syz [ 167.968941][ T5218] usb 8-1: config 0 descriptor?? [ 168.096033][ T7184] input: syz0 as /devices/virtual/input/input30 [ 168.222009][ T5218] usb 8-1: USB disconnect, device number 16 [ 168.817661][ T5218] usb 8-1: new high-speed USB device number 17 using dummy_hcd [ 169.028467][ T5218] usb 8-1: Using ep0 maxpacket: 16 [ 169.034527][ T5218] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 169.039761][ T5218] usb 8-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 169.047618][ T5218] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.056021][ T5218] usb 8-1: config 0 descriptor?? [ 169.065312][ T5211] kernel write not supported for file /stat (pid: 5211 comm: kworker/1:3) [ 169.065438][ T5218] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input31 [ 169.139491][ T7212] input: syz0 as /devices/virtual/input/input32 [ 169.318828][ T4686] bcm5974 8-1:0.0: could not read from device [ 169.334527][ T7169] bcm5974 8-1:0.0: could not read from device [ 169.336621][ T5218] usb 8-1: USB disconnect, device number 17 [ 169.348775][ T4686] bcm5974 8-1:0.0: could not read from device [ 170.187412][ C2] hpet_rtc_timer_reinit: 15 callbacks suppressed [ 170.187430][ C2] hpet: Lost 1 RTC interrupts [ 170.320696][ T7245] input: syz0 as /devices/virtual/input/input33 [ 170.323341][ T7244] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 170.326719][ T7244] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 170.349541][ T7244] vhci_hcd vhci_hcd.0: Device attached [ 170.378638][ T7243] FAULT_INJECTION: forcing a failure. [ 170.378638][ T7243] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 170.384577][ T7243] CPU: 3 PID: 7243 Comm: syz.3.607 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0 [ 170.388481][ T7243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 170.393368][ T7243] Call Trace: [ 170.395673][ T7243] [ 170.397037][ T7243] dump_stack_lvl+0x16c/0x1f0 [ 170.399024][ T7243] should_fail_ex+0x497/0x5b0 [ 170.402950][ T7243] _copy_from_user+0x30/0xf0 [ 170.403621][ T7226] cdrom: dropping to single frame dma [ 170.404788][ T7243] input_event_from_user+0x22d/0x3b0 [ 170.404826][ T7243] ? __pfx_input_event_from_user+0x10/0x10 [ 170.404838][ T7243] ? input_inject_event+0x193/0x370 [ 170.404851][ T7243] evdev_write+0x374/0x750 [ 170.416275][ T7243] ? __pfx_evdev_write+0x10/0x10 [ 170.418530][ T7243] ? bpf_lsm_file_permission+0x9/0x10 [ 170.420826][ T7243] ? security_file_permission+0x98/0xc0 [ 170.423394][ T7243] ? __pfx_evdev_write+0x10/0x10 [ 170.425538][ T7243] vfs_write+0x29a/0x1140 [ 170.426861][ T7243] ? __pfx_vfs_write+0x10/0x10 [ 170.428691][ T7243] ? __fget_files+0x256/0x400 [ 170.430576][ T7243] ? __fget_light+0x173/0x210 [ 170.433110][ T7243] ksys_write+0x1f8/0x260 [ 170.435197][ T7243] ? __pfx_ksys_write+0x10/0x10 [ 170.437518][ T7243] __do_fast_syscall_32+0x73/0x120 [ 170.440033][ T7243] do_fast_syscall_32+0x32/0x80 [ 170.442226][ T7243] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 170.445045][ T7243] RIP: 0023:0xf7f03579 [ 170.446989][ T7243] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 170.454898][ T7243] RSP: 002b:00000000f5cb656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 170.458386][ T7243] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040 [ 170.462026][ T7243] RDX: 0000000000001068 RSI: 0000000000000000 RDI: 0000000000000000 [ 170.465895][ T7243] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 170.469591][ T7243] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 170.475017][ T7243] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 170.477733][ T7243] [ 170.479153][ C3] vkms_vblank_simulate: vblank timer overrun [ 170.577786][ T5258] vhci_hcd: vhci_device speed not set [ 170.657481][ T5258] usb 15-1: new full-speed USB device number 3 using vhci_hcd [ 171.120204][ T7246] vhci_hcd: connection reset by peer [ 171.122976][ T45] vhci_hcd: stop threads [ 171.125607][ T45] vhci_hcd: release socket [ 171.128051][ T45] vhci_hcd: disconnect device [ 171.271893][ T7257] input: syz0 as /devices/virtual/input/input34 [ 171.657791][ T10] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 171.808255][ T10] usb 7-1: device descriptor read/64, error -71 [ 172.038955][ T7262] netlink: 4 bytes leftover after parsing attributes in process `syz.0.613'. [ 172.056309][ T7262] fuse: Unknown parameter '0xffffffffffffffff' [ 172.087640][ T10] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 172.223872][ T7270] netlink: 'syz.3.616': attribute type 2 has an invalid length. [ 172.228038][ T7270] netlink: 4 bytes leftover after parsing attributes in process `syz.3.616'. [ 172.239207][ T10] usb 7-1: device descriptor read/64, error -71 [ 172.342787][ T7277] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 172.346680][ T7277] overlayfs: failed to set xattr on upper [ 172.353973][ T7277] overlayfs: ...falling back to redirect_dir=nofollow. [ 172.356972][ T7277] overlayfs: ...falling back to index=off. [ 172.358433][ T10] usb usb7-port1: attempt power cycle [ 172.362511][ T7277] overlayfs: ...falling back to uuid=null. [ 172.382049][ T7277] netlink: 240 bytes leftover after parsing attributes in process `syz.3.620'. [ 172.624104][ T7289] delete_channel: no stack [ 172.772533][ T7296] input: syz0 as /devices/virtual/input/input35 [ 172.778931][ T10] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 172.802119][ T5000] libceph: connect (1)[c::]:6789 error -101 [ 172.819151][ T5000] libceph: mon0 (1)[c::]:6789 connect error [ 172.858613][ T10] usb 7-1: device descriptor read/8, error -71 [ 172.977545][ T7300] netlink: 16 bytes leftover after parsing attributes in process `syz.0.626'. [ 173.059955][ T7299] overlay: ./file0 is not a directory [ 173.079777][ T5000] libceph: connect (1)[c::]:6789 error -101 [ 173.082509][ T5000] libceph: mon0 (1)[c::]:6789 connect error [ 173.187515][ T10] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 173.219394][ T10] usb 7-1: device descriptor read/8, error -71 [ 173.343608][ T10] usb usb7-port1: unable to enumerate USB device [ 173.560327][ T7292] ceph: No mds server is up or the cluster is laggy [ 173.589528][ T5000] libceph: connect (1)[c::]:6789 error -101 [ 173.593793][ T5000] libceph: mon0 (1)[c::]:6789 connect error [ 173.879287][ T7324] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 173.881996][ T7324] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 173.893988][ T7324] vhci_hcd vhci_hcd.0: Device attached [ 174.514787][ T7344] input: syz0 as /devices/virtual/input/input36 [ 174.656660][ T7325] vhci_hcd: connection closed [ 174.658572][ T13] vhci_hcd: stop threads [ 174.662158][ T13] vhci_hcd: release socket [ 174.667681][ T13] vhci_hcd: disconnect device [ 174.681847][ T7346] input: syz0 as /devices/virtual/input/input37 [ 175.608249][ T7364] netlink: 48 bytes leftover after parsing attributes in process `syz.3.642'. [ 175.798162][ T5258] vhci_hcd: vhci_device speed not set [ 175.829690][ T7373] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 176.469450][ T7387] netlink: 24 bytes leftover after parsing attributes in process `syz.0.651'. [ 176.600827][ T7392] input: syz0 as /devices/virtual/input/input38 [ 177.292303][ T5218] IPVS: starting estimator thread 0... [ 177.387571][ T7402] IPVS: using max 20 ests per chain, 48000 per kthread [ 177.426669][ T7406] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 177.429425][ T7406] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 177.433668][ T7406] vhci_hcd vhci_hcd.0: Device attached [ 177.648466][ T5218] vhci_hcd: vhci_device speed not set [ 177.739108][ T5218] usb 15-1: new full-speed USB device number 4 using vhci_hcd [ 178.204786][ T7407] vhci_hcd: connection reset by peer [ 178.213701][ T1148] vhci_hcd: stop threads [ 178.215555][ T1148] vhci_hcd: release socket [ 178.217422][ T1148] vhci_hcd: disconnect device [ 180.105934][ T7438] input: syz0 as /devices/virtual/input/input39 [ 180.299189][ T7440] input: syz0 as /devices/virtual/input/input40 [ 180.863690][ T7448] input: syz0 as /devices/virtual/input/input41 [ 181.077508][ T5210] Bluetooth: hci2: command 0x0406 tx timeout [ 182.043649][ T7464] syzkaller0: entered promiscuous mode [ 182.047061][ T7464] syzkaller0: entered allmulticast mode [ 182.056518][ T7470] fuse: Bad value for 'user_id' [ 182.062847][ T7470] fuse: Bad value for 'user_id' [ 182.081348][ T7470] netlink: 28 bytes leftover after parsing attributes in process `syz.3.673'. [ 182.321250][ T7474] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 182.324004][ T7474] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 182.330070][ T7474] vhci_hcd vhci_hcd.0: Device attached [ 182.557545][ T5261] vhci_hcd: vhci_device speed not set [ 182.636680][ T5261] usb 19-1: new full-speed USB device number 2 using vhci_hcd [ 182.847889][ T5218] vhci_hcd: vhci_device speed not set [ 183.052316][ T7482] input: syz0 as /devices/virtual/input/input42 [ 183.127148][ T7475] vhci_hcd: connection reset by peer [ 183.137968][ T1148] vhci_hcd: stop threads [ 183.183986][ T1148] vhci_hcd: release socket [ 183.186027][ T1148] vhci_hcd: disconnect device [ 184.035633][ T7491] input: syz0 as /devices/virtual/input/input43 [ 185.762832][ T7524] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 185.765782][ T7524] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 185.772561][ T7524] vhci_hcd vhci_hcd.0: Device attached [ 185.827478][ T5258] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 186.052441][ T7530] input: syz0 as /devices/virtual/input/input44 [ 186.056127][ T5258] usb 6-1: config 0 has no interfaces? [ 186.067447][ T5258] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 186.076445][ T5258] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 186.080691][ T5258] usb 6-1: Manufacturer: syz [ 186.089779][ T5258] usb 6-1: config 0 descriptor?? [ 186.363396][ T5258] usb 6-1: USB disconnect, device number 10 [ 186.535271][ T7525] vhci_hcd: connection closed [ 186.547732][ T45] vhci_hcd: stop threads [ 186.551692][ T45] vhci_hcd: release socket [ 186.562930][ T45] vhci_hcd: disconnect device [ 186.772465][ T7535] input: syz0 as /devices/virtual/input/input45 [ 187.200151][ T7540] x_tables: duplicate underflow at hook 1 [ 187.561768][ T7543] x_tables: duplicate underflow at hook 1 [ 187.758798][ T7546] input: syz0 as /devices/virtual/input/input48 [ 187.797523][ T5261] vhci_hcd: vhci_device speed not set [ 188.825290][ T7551] netlink: 8 bytes leftover after parsing attributes in process `syz.2.693'. [ 188.830195][ T7551] FAULT_INJECTION: forcing a failure. [ 188.830195][ T7551] name failslab, interval 1, probability 0, space 0, times 0 [ 188.836292][ T7551] CPU: 1 PID: 7551 Comm: syz.2.693 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0 [ 188.840281][ T7551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 188.845021][ T7551] Call Trace: [ 188.846480][ T7551] [ 188.847769][ T7551] dump_stack_lvl+0x16c/0x1f0 [ 188.849654][ T7551] should_fail_ex+0x497/0x5b0 [ 188.851614][ T7551] should_failslab+0x9/0x20 [ 188.853538][ T7551] __kmalloc_cache_noprof+0x6b/0x310 [ 188.855805][ T7551] ? alloc_netdev_mqs+0xddb/0x1290 [ 188.857945][ T7551] alloc_netdev_mqs+0xddb/0x1290 [ 188.860073][ T7551] rtnl_create_link+0xbed/0xf10 [ 188.862204][ T7551] __rtnl_newlink+0x10b3/0x1960 [ 188.864356][ T7551] ? __pfx___rtnl_newlink+0x10/0x10 [ 188.866678][ T7551] rtnl_newlink+0x67/0xa0 [ 188.868694][ T7551] ? __pfx_rtnl_newlink+0x10/0x10 [ 188.871124][ T7551] rtnetlink_rcv_msg+0x3c7/0xea0 [ 188.873366][ T7551] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 188.876127][ T7551] ? __pfx___dev_queue_xmit+0x10/0x10 [ 188.878564][ T7551] netlink_rcv_skb+0x165/0x410 [ 188.880626][ T7551] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 188.883122][ T7551] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 188.885496][ T7551] ? netlink_deliver_tap+0x1ae/0xcf0 [ 188.887897][ T7551] netlink_unicast+0x544/0x830 [ 188.890069][ T7551] ? __pfx_netlink_unicast+0x10/0x10 [ 188.892463][ T7551] ? __phys_addr_symbol+0x30/0x80 [ 188.894642][ T7551] ? __check_object_size+0x4a7/0x720 [ 188.896999][ T7551] netlink_sendmsg+0x8b8/0xd70 [ 188.899297][ T7551] ? __pfx_netlink_sendmsg+0x10/0x10 [ 188.902154][ T7551] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 188.904818][ T7551] ____sys_sendmsg+0x9b4/0xb50 [ 188.907095][ T7551] ? __pfx_____sys_sendmsg+0x10/0x10 [ 188.909903][ T7551] ? get_compat_msghdr+0x11b/0x170 [ 188.912307][ T7551] ? __pfx___lock_acquire+0x10/0x10 [ 188.914619][ T7551] ___sys_sendmsg+0x135/0x1e0 [ 188.916422][ T7551] ? __pfx____sys_sendmsg+0x10/0x10 [ 188.918680][ T7551] ? ksys_write+0x21c/0x260 [ 188.920837][ T7551] ? __fget_light+0x173/0x210 [ 188.922942][ T7551] __sys_sendmsg+0x117/0x1f0 [ 188.924748][ T7551] ? __pfx___sys_sendmsg+0x10/0x10 [ 188.926582][ T7551] __do_fast_syscall_32+0x73/0x120 [ 188.928618][ T7551] do_fast_syscall_32+0x32/0x80 [ 188.930701][ T7551] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 188.933404][ T7551] RIP: 0023:0xf7f47579 [ 188.935207][ T7551] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 188.942633][ T7551] RSP: 002b:00000000f5cf656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 188.946081][ T7551] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0 [ 188.949561][ T7551] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 188.953509][ T7551] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 188.957087][ T7551] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 188.960701][ T7551] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 188.963924][ T7551] [ 189.676802][ T7562] netlink: 18 bytes leftover after parsing attributes in process `syz.0.697'. [ 189.696320][ T7563] input: syz0 as /devices/virtual/input/input49 [ 189.696384][ T7562] netlink: 5572 bytes leftover after parsing attributes in process `syz.0.697'. [ 189.704176][ T7562] netlink: 12 bytes leftover after parsing attributes in process `syz.0.697'. [ 189.708674][ T7562] netlink: 12 bytes leftover after parsing attributes in process `syz.0.697'. [ 190.251166][ T7572] input: syz0 as /devices/virtual/input/input50 [ 190.257470][ T5255] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 190.294484][ C2] hpet: Lost 1 RTC interrupts [ 190.461920][ T5255] usb 5-1: config 0 has no interfaces? [ 190.470829][ T5255] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 190.474527][ T5255] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 190.477992][ T5255] usb 5-1: Manufacturer: syz [ 190.488213][ T5255] usb 5-1: config 0 descriptor?? [ 190.758956][ T5218] usb 5-1: USB disconnect, device number 21 [ 190.854871][ T7581] input: syz0 as /devices/virtual/input/input51 [ 190.917938][ T5258] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 191.117551][ T5258] usb 6-1: Using ep0 maxpacket: 8 [ 191.124891][ T5258] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 191.133638][ T5258] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 191.142858][ T5258] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 191.147937][ T5258] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 191.155809][ T5258] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 191.160845][ T5258] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 191.163030][ T7587] x_tables: duplicate underflow at hook 1 [ 191.170125][ T5258] usb 6-1: string descriptor 0 read error: -22 [ 191.173232][ T5258] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 191.177120][ T5258] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 191.195367][ T5258] adutux 6-1:168.0: interrupt endpoints not found [ 191.209341][ C2] hpet: Lost 1 RTC interrupts [ 191.395882][ T5258] usb 6-1: USB disconnect, device number 11 [ 191.616190][ T7578] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 191.954953][ T7592] x_tables: duplicate underflow at hook 1 [ 192.793074][ T7598] x_tables: duplicate underflow at hook 1 [ 193.605784][ T5255] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 193.810371][ T5255] usb 7-1: config 0 has no interfaces? [ 193.814735][ T5255] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 193.821935][ T5255] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 193.825377][ T5255] usb 7-1: Manufacturer: syz [ 193.830260][ T5255] usb 7-1: config 0 descriptor?? [ 193.872398][ T7620] input: syz0 as /devices/virtual/input/input55 [ 194.071157][ T5255] usb 7-1: USB disconnect, device number 14 [ 194.834434][ C2] hpet: Lost 1 RTC interrupts [ 195.148054][ T7630] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 195.177544][ T5255] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 195.247472][ T5000] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 195.377521][ T5255] usb 5-1: Using ep0 maxpacket: 8 [ 195.384496][ T5255] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 195.397513][ T5000] usb 7-1: device descriptor read/64, error -71 [ 195.401499][ T5255] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 195.409682][ T5255] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 195.415453][ T5255] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 195.424209][ T5255] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 195.429081][ T5255] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 195.444871][ T5255] usb 5-1: string descriptor 0 read error: -22 [ 195.449267][ T5255] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 195.453704][ T5255] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 195.465599][ T5255] adutux 5-1:168.0: interrupt endpoints not found [ 195.542385][ T7636] x_tables: duplicate underflow at hook 1 [ 195.690049][ T5255] usb 5-1: USB disconnect, device number 22 [ 195.692811][ T5000] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 195.847746][ T5000] usb 7-1: device descriptor read/64, error -71 [ 195.896317][ T7624] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 195.977512][ T5000] usb usb7-port1: attempt power cycle [ 196.203626][ C2] hpet: Lost 1 RTC interrupts [ 196.397531][ T5000] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 196.428263][ T5000] usb 7-1: device descriptor read/8, error -71 [ 196.521488][ T39] audit: type=1326 audit(1721402628.912:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 196.533332][ T39] audit: type=1326 audit(1721402628.912:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 196.545177][ T39] audit: type=1326 audit(1721402628.912:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 196.558458][ T39] audit: type=1326 audit(1721402628.912:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 196.568794][ T39] audit: type=1326 audit(1721402628.912:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 196.579423][ T39] audit: type=1326 audit(1721402628.912:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 196.591641][ T39] audit: type=1326 audit(1721402628.912:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 196.603272][ T39] audit: type=1326 audit(1721402628.912:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 196.610843][ T7649] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 196.613165][ T39] audit: type=1326 audit(1721402628.912:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7648 comm="syz.0.727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 196.642495][ T7649] kvm: pic: non byte read [ 196.646040][ T7649] kvm: pic: level sensitive irq not supported [ 196.647009][ T7649] kvm: pic: non byte read [ 196.651334][ T5252] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 196.657670][ T7649] kvm: pic: level sensitive irq not supported [ 196.658466][ T7649] kvm: pic: non byte read [ 196.666604][ T7649] kvm: pic: level sensitive irq not supported [ 196.667041][ T7649] kvm: pic: non byte read [ 196.707499][ T5000] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 196.748271][ T5000] usb 7-1: device descriptor read/8, error -71 [ 196.857520][ T5252] usb 6-1: config 0 has no interfaces? [ 196.862188][ T5252] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 196.867878][ T5000] usb usb7-port1: unable to enumerate USB device [ 196.877426][ T5252] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 196.883893][ T5252] usb 6-1: Manufacturer: syz [ 196.898363][ T5252] usb 6-1: config 0 descriptor?? [ 197.138120][ T5000] usb 6-1: USB disconnect, device number 12 [ 197.415157][ T7660] netlink: 23 bytes leftover after parsing attributes in process `syz.3.730'. [ 197.639458][ T7666] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 197.642447][ T7666] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 197.650376][ T7667] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(9) [ 197.653241][ T7667] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 197.657868][ T7667] vhci_hcd vhci_hcd.0: Device attached [ 197.664575][ T7666] vhci_hcd vhci_hcd.0: Device attached [ 197.681396][ T4646] Bluetooth: hci2: unexpected event for opcode 0x0c22 [ 197.767840][ T5000] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 197.795766][ T7668] vhci_hcd: connection closed [ 197.798271][ T11] vhci_hcd: stop threads [ 197.802343][ T11] vhci_hcd: release socket [ 197.805309][ T11] vhci_hcd: disconnect device [ 197.808766][ T7669] vhci_hcd: connection closed [ 197.809579][ T13] vhci_hcd: stop threads [ 197.818185][ T13] vhci_hcd: release socket [ 197.820255][ T13] vhci_hcd: disconnect device [ 197.869867][ T5258] vhci_hcd: vhci_device speed not set [ 197.957725][ T5000] usb 6-1: Using ep0 maxpacket: 16 [ 197.965114][ T5000] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 197.971310][ T5000] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 197.976759][ T5000] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.000483][ T5000] usb 6-1: config 0 descriptor?? [ 198.019947][ T5000] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input57 [ 198.284252][ T5255] usb 6-1: USB disconnect, device number 13 [ 198.284955][ T4686] bcm5974 6-1:0.0: could not read from device [ 198.292713][ T6765] bcm5974 6-1:0.0: could not read from device [ 198.478182][ T5000] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 198.687462][ T5000] usb 7-1: Using ep0 maxpacket: 8 [ 198.692226][ T5000] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 198.697028][ T5000] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 198.709824][ T5000] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 198.714610][ T5000] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 198.724541][ T5000] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 198.730617][ T5000] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 198.742238][ T5000] usb 7-1: string descriptor 0 read error: -22 [ 198.745114][ T5000] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 198.750065][ T5000] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 198.756785][ T5000] adutux 7-1:168.0: interrupt endpoints not found [ 198.971545][ T5255] usb 7-1: USB disconnect, device number 19 [ 199.217498][ T7678] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 199.335314][ T7688] x_tables: duplicate underflow at hook 1 [ 199.502546][ T1356] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.507984][ T1356] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.541959][ T13] bridge_slave_1: left allmulticast mode [ 199.545379][ T13] bridge_slave_1: left promiscuous mode [ 199.550536][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.614900][ T13] bridge_slave_0: left allmulticast mode [ 199.617538][ T13] bridge_slave_0: left promiscuous mode [ 199.620079][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.963047][ T7692] FAULT_INJECTION: forcing a failure. [ 199.963047][ T7692] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 200.042496][ T7692] CPU: 0 PID: 7692 Comm: syz.3.739 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0 [ 200.056734][ T7692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 200.062004][ T7692] Call Trace: [ 200.063950][ T7692] [ 200.066064][ T7692] dump_stack_lvl+0x16c/0x1f0 [ 200.070349][ T7692] should_fail_ex+0x497/0x5b0 [ 200.073459][ T7692] _copy_from_user+0x30/0xf0 [ 200.075568][ T7692] do_compat_sigaltstack+0xf7/0x2f0 [ 200.078168][ T7692] ? __pfx_do_compat_sigaltstack+0x10/0x10 [ 200.081299][ T7692] ? ia32_restore_sigcontext+0x416/0x5d0 [ 200.085175][ T7692] ? __pfx_ia32_restore_sigcontext+0x10/0x10 [ 200.088412][ T7692] ? _raw_spin_unlock_irq+0x23/0x50 [ 200.090810][ T7692] ? lockdep_hardirqs_on+0x7c/0x110 [ 200.093123][ T7692] compat_restore_altstack+0x17/0x40 [ 200.095248][ T7692] __do_compat_sys_rt_sigreturn+0x18c/0x1f0 [ 200.097953][ T7692] ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10 [ 200.100674][ T7692] do_int80_emulation+0x104/0x200 [ 200.102650][ T7692] asm_int80_emulation+0x1a/0x20 [ 200.105471][ T7692] RIP: 0023:0xf7f03577 [ 200.107391][ T7692] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 [ 200.119594][ T7692] RSP: 002b:00000000f5cb656c EFLAGS: 00000296 [ 200.123281][ T7692] RAX: 000000000000013b RBX: 0000000000000005 RCX: 0000000000000004 [ 200.128634][ T7692] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000000 [ 200.132641][ T7692] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 200.135991][ T7692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 200.139450][ T7692] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 200.142813][ T7692] [ 200.767462][ T5258] usb 8-1: new high-speed USB device number 18 using dummy_hcd [ 200.923512][ T4646] Bluetooth: hci4: command 0x0405 tx timeout [ 200.969839][ T5258] usb 8-1: Using ep0 maxpacket: 32 [ 200.973925][ T5258] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 200.982589][ T5258] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 201.002962][ T5258] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 201.006703][ T5258] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 201.010444][ T5258] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 201.029617][ T5258] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 201.033616][ T5258] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.037277][ T5258] usb 8-1: Product: syz [ 201.039275][ T5258] usb 8-1: Manufacturer: syz [ 201.041522][ T5258] usb 8-1: SerialNumber: syz [ 201.168034][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 201.187957][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 201.211157][ T13] bond0 (unregistering): (slave macvlan0): Releasing backup interface [ 201.225459][ T13] bond0 (unregistering): Released all slaves [ 201.337484][ T25] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 201.489281][ T25] usb 7-1: device descriptor read/64, error -71 [ 201.757492][ T25] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 201.907485][ T25] usb 7-1: device descriptor read/64, error -71 [ 201.937589][ T13] hsr_slave_0: left promiscuous mode [ 201.967276][ T13] hsr_slave_1: left promiscuous mode [ 201.972782][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 201.975730][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 201.980968][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 201.993030][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 202.037952][ T25] usb usb7-port1: attempt power cycle [ 202.090019][ T13] veth1_macvtap: left promiscuous mode [ 202.108636][ T13] veth0_macvtap: left promiscuous mode [ 202.111113][ T13] veth1_vlan: left promiscuous mode [ 202.113677][ T13] veth0_vlan: left promiscuous mode [ 202.457565][ T25] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 202.490746][ T25] usb 7-1: device descriptor read/8, error -71 [ 202.757532][ T25] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 202.788201][ T25] usb 7-1: device descriptor read/8, error -71 [ 202.907796][ T25] usb usb7-port1: unable to enumerate USB device [ 203.265134][ T5258] cdc_ncm 8-1:1.0: bind() failure [ 203.300821][ T5258] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found [ 203.303625][ T5258] cdc_ncm 8-1:1.1: bind() failure [ 203.348677][ T5258] usb 8-1: USB disconnect, device number 18 [ 203.468639][ T7706] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 203.471384][ T7706] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 203.481493][ T7706] vhci_hcd vhci_hcd.0: Device attached [ 203.499462][ C2] hpet_rtc_timer_reinit: 55 callbacks suppressed [ 203.499476][ C2] hpet: Lost 1 RTC interrupts [ 203.696661][ T5255] vhci_hcd: vhci_device speed not set [ 203.769102][ T5255] usb 19-1: new low-speed USB device number 4 using vhci_hcd [ 203.876782][ T13] team0 (unregistering): Port device team_slave_1 removed [ 203.890787][ T7712] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 203.893839][ T7712] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 203.898081][ T7712] vhci_hcd vhci_hcd.0: Device attached [ 204.038711][ T13] team0 (unregistering): Port device team_slave_0 removed [ 204.097518][ T1272] vhci_hcd: vhci_device speed not set [ 204.177475][ T1272] usb 13-1: new full-speed USB device number 2 using vhci_hcd [ 204.249630][ T7707] vhci_hcd: connection reset by peer [ 204.253505][ T1148] vhci_hcd: stop threads [ 204.255837][ T1148] vhci_hcd: release socket [ 204.261991][ T1148] vhci_hcd: disconnect device [ 204.637570][ T5258] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 204.703753][ T7713] vhci_hcd: connection reset by peer [ 204.752622][ T45] vhci_hcd: stop threads [ 204.754528][ T45] vhci_hcd: release socket [ 204.757020][ T45] vhci_hcd: disconnect device [ 204.839693][ T5258] usb 7-1: config 0 has no interfaces? [ 204.844962][ T5258] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 204.853289][ T5258] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 204.864280][ T5258] usb 7-1: Manufacturer: syz [ 204.870853][ T5258] usb 7-1: config 0 descriptor?? [ 205.135615][ T5258] usb 7-1: USB disconnect, device number 24 [ 205.487063][ C2] hpet: Lost 1 RTC interrupts [ 205.627918][ T5258] usb 7-1: new high-speed USB device number 25 using dummy_hcd [ 205.701313][ T13] IPVS: stop unused estimator thread 0... [ 205.808247][ T5258] usb 7-1: Using ep0 maxpacket: 16 [ 205.820693][ T5258] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 205.825709][ T5258] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 205.832346][ T5258] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.839446][ T5258] usb 7-1: config 0 descriptor?? [ 205.860885][ T5258] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input59 [ 206.113587][ T4686] bcm5974 7-1:0.0: could not read from device [ 206.119136][ T7717] bcm5974 7-1:0.0: could not read from device [ 206.125138][ T5258] usb 7-1: USB disconnect, device number 25 [ 206.915726][ T7727] input: syz0 as /devices/virtual/input/input60 [ 208.939432][ T5255] vhci_hcd: vhci_device speed not set [ 209.337538][ T1272] vhci_hcd: vhci_device speed not set [ 209.407810][ T4646] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 209.409368][ T4646] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 209.411111][ T4646] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 209.439397][ T4646] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 209.452574][ T4646] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 209.460981][ T4646] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 209.690004][ T7754] chnl_net:caif_netlink_parms(): no params data found [ 209.959467][ T7754] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.959571][ T7754] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.959665][ T7754] bridge_slave_0: entered allmulticast mode [ 209.960628][ T7754] bridge_slave_0: entered promiscuous mode [ 209.962956][ T7754] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.963052][ T7754] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.963165][ T7754] bridge_slave_1: entered allmulticast mode [ 209.964494][ T7754] bridge_slave_1: entered promiscuous mode [ 210.097710][ T7754] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 210.110802][ T7754] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 210.127719][ T5261] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 210.185193][ T7754] team0: Port device team_slave_0 added [ 210.194358][ T7754] team0: Port device team_slave_1 added [ 210.279719][ T7754] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 210.283013][ T7754] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.294521][ T7754] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 210.306092][ T7754] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 210.309644][ T7754] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 210.309788][ T5261] usb 5-1: config 0 has no interfaces? [ 210.320893][ T7754] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 210.331629][ T5261] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 210.338255][ T5261] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 210.352226][ T5261] usb 5-1: Manufacturer: syz [ 210.373665][ T5261] usb 5-1: config 0 descriptor?? [ 210.523643][ T7774] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 210.526387][ T7774] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 210.530095][ T7774] vhci_hcd vhci_hcd.0: Device attached [ 210.564625][ T7754] hsr_slave_0: entered promiscuous mode [ 210.573579][ T7754] hsr_slave_1: entered promiscuous mode [ 210.598870][ T7754] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 210.602591][ T7754] Cannot create hsr debugfs directory [ 210.646038][ T5255] usb 5-1: USB disconnect, device number 23 [ 210.732050][ T7781] input: syz0 as /devices/virtual/input/input61 [ 210.746165][ T1272] vhci_hcd: vhci_device speed not set [ 210.817521][ T1272] usb 17-1: new full-speed USB device number 2 using vhci_hcd [ 211.207245][ T7754] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.257561][ T5255] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 211.277562][ T7775] vhci_hcd: connection reset by peer [ 211.282888][ T11] vhci_hcd: stop threads [ 211.284838][ T11] vhci_hcd: release socket [ 211.286852][ T11] vhci_hcd: disconnect device [ 211.289788][ T7754] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.431551][ T7754] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.437508][ T5255] usb 5-1: Using ep0 maxpacket: 16 [ 211.441987][ T5255] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 211.446129][ T5255] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 211.472168][ T5255] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.513277][ T5255] usb 5-1: config 0 descriptor?? [ 211.529539][ T5255] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input62 [ 211.557533][ T5210] Bluetooth: hci3: command tx timeout [ 211.579328][ T7754] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.785352][ T7754] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 211.793980][ T4686] bcm5974 5-1:0.0: could not read from device [ 211.809145][ T7754] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 211.840465][ T5255] usb 5-1: USB disconnect, device number 24 [ 211.890807][ T7754] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 211.908574][ T7754] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 212.060368][ T7754] 8021q: adding VLAN 0 to HW filter on device bond0 [ 212.085899][ T7754] 8021q: adding VLAN 0 to HW filter on device team0 [ 212.097021][ T969] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.102051][ T969] bridge0: port 1(bridge_slave_0) entered forwarding state [ 212.122661][ T969] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.126496][ T969] bridge0: port 2(bridge_slave_1) entered forwarding state [ 212.348816][ T7786] input: syz0 as /devices/virtual/input/input63 [ 212.368661][ T7754] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 212.421883][ T7754] veth0_vlan: entered promiscuous mode [ 212.431009][ T7754] veth1_vlan: entered promiscuous mode [ 212.472176][ T7754] veth0_macvtap: entered promiscuous mode [ 212.484571][ T7754] veth1_macvtap: entered promiscuous mode [ 212.507280][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.512086][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.517147][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.523340][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.532573][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.540585][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.545202][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 212.551451][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.557294][ T7754] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 212.569067][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.574027][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.579956][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.585992][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.594165][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.600033][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.604452][ T7754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 212.618314][ T7754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 212.631105][ T7754] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 212.643755][ T7754] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.647941][ T7754] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.652017][ T7754] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.656510][ T7754] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.720775][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 212.724230][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 212.765771][ T1148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 212.770709][ T1148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 212.931014][ T7798] x_tables: duplicate underflow at hook 1 [ 213.569743][ T7808] netlink: 828 bytes leftover after parsing attributes in process `syz.2.761'. [ 213.637702][ T5210] Bluetooth: hci3: command tx timeout [ 214.162744][ C2] hpet: Lost 1 RTC interrupts [ 214.469181][ T7811] overlay: Unknown parameter './bus' [ 214.475988][ T7813] Invalid ELF header len 18 [ 214.652349][ T39] audit: type=1326 audit(1721402647.042:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7816 comm="syz.2.763" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0 [ 215.014974][ C2] hpet: Lost 1 RTC interrupts [ 215.057528][ T5255] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 215.270478][ T5255] usb 5-1: config 0 has no interfaces? [ 215.274905][ T5255] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 215.279217][ T5255] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 215.282966][ T5255] usb 5-1: Manufacturer: syz [ 215.290248][ T5255] usb 5-1: config 0 descriptor?? [ 215.573395][ T30] usb 5-1: USB disconnect, device number 25 [ 215.605738][ T7825] FAULT_INJECTION: forcing a failure. [ 215.605738][ T7825] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 215.612478][ T7825] CPU: 1 PID: 7825 Comm: syz.2.766 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0 [ 215.616287][ T7825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 215.620370][ T7825] Call Trace: [ 215.621764][ T7825] [ 215.623221][ T7825] dump_stack_lvl+0x16c/0x1f0 [ 215.625065][ T7825] should_fail_ex+0x497/0x5b0 [ 215.627047][ T7825] _copy_from_user+0x30/0xf0 [ 215.629098][ T7825] get_compat_msghdr+0xa8/0x170 [ 215.630814][ T7825] ? __pfx_get_compat_msghdr+0x10/0x10 [ 215.632717][ T7825] ? kfree+0x245/0x3b0 [ 215.634215][ T7825] ___sys_sendmsg+0x1b0/0x1e0 [ 215.636053][ T7825] ? __pfx____sys_sendmsg+0x10/0x10 [ 215.638148][ T7825] ? __pfx_lock_release+0x10/0x10 [ 215.640500][ T7825] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 215.643361][ T7825] ? __pfx___might_resched+0x10/0x10 [ 215.645715][ T7825] ? __fget_light+0x173/0x210 [ 215.647841][ T7825] __sys_sendmmsg+0x2a5/0x450 [ 215.650313][ T7825] ? __pfx___sys_sendmmsg+0x10/0x10 [ 215.652960][ T7825] ? vfs_write+0x14d/0x1140 [ 215.654986][ T7825] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 215.657787][ T7825] ? fput+0x32/0x390 [ 215.659441][ T7825] ? ksys_write+0x1ab/0x260 [ 215.661292][ T7825] ? __pfx_ksys_write+0x10/0x10 [ 215.663181][ T7825] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 215.665732][ T7825] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 215.669453][ T7825] __do_fast_syscall_32+0x73/0x120 [ 215.671899][ T7825] do_fast_syscall_32+0x32/0x80 [ 215.673997][ T7825] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 215.677194][ T7825] RIP: 0023:0xf7f47579 [ 215.679478][ T7825] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 215.690330][ T7825] RSP: 002b:00000000f5cd556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 215.694727][ T7825] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200038c0 [ 215.698361][ T7825] RDX: 00000000ffffff06 RSI: 0000000000000000 RDI: 0000000000000000 [ 215.701953][ T7825] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 215.704902][ T7825] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 215.708565][ T7825] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 215.712145][ T7825] [ 215.722247][ T5210] Bluetooth: hci3: command tx timeout [ 215.958076][ T1272] vhci_hcd: vhci_device speed not set [ 216.187622][ T30] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 216.387491][ T30] usb 5-1: Using ep0 maxpacket: 16 [ 216.395691][ T30] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 216.400480][ T30] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 216.404620][ T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.425115][ T30] usb 5-1: config 0 descriptor?? [ 216.464701][ T30] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input65 [ 216.563024][ C2] hpet: Lost 1 RTC interrupts [ 216.744622][ T4686] bcm5974 5-1:0.0: could not read from device [ 216.776167][ T7819] bcm5974 5-1:0.0: could not read from device [ 216.786553][ T30] usb 5-1: USB disconnect, device number 26 [ 216.803493][ T4686] bcm5974 5-1:0.0: could not read from device [ 216.848122][ T4686] bcm5974 5-1:0.0: could not read from device [ 216.857166][ T4686] bcm5974 5-1:0.0: could not read from device [ 217.077985][ T7835] tun0: tun_chr_ioctl cmd 1074025678 [ 217.080462][ T7835] tun0: group set to 0 [ 217.412599][ T7840] netlink: 4 bytes leftover after parsing attributes in process `syz.2.771'. [ 217.444165][ T7843] netlink: 'syz.3.772': attribute type 3 has an invalid length. [ 217.448382][ T7843] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.772'. [ 217.499168][ T7843] netlink: 4 bytes leftover after parsing attributes in process `syz.3.772'. [ 217.653599][ T7843] fuse: Bad value for 'fd' [ 217.799410][ T5210] Bluetooth: hci3: command tx timeout [ 217.999054][ T7858] random: crng reseeded on system resumption [ 218.466381][ T39] audit: type=1326 audit(1721402650.852:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.2.779" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0 [ 218.959768][ T7884] input: syz0 as /devices/virtual/input/input67 [ 219.522883][ C2] hpet: Lost 1 RTC interrupts [ 219.557485][ T1150] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 219.588568][ T5261] usb 8-1: new high-speed USB device number 19 using dummy_hcd [ 219.627532][ T7885] netlink: 4 bytes leftover after parsing attributes in process `syz.1.780'. [ 219.707516][ T1150] usb 5-1: device descriptor read/64, error -71 [ 219.789563][ T5261] usb 8-1: config 0 has no interfaces? [ 219.793783][ T5261] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 219.799516][ T5261] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 219.803809][ T5261] usb 8-1: Manufacturer: syz [ 219.810173][ T5261] usb 8-1: config 0 descriptor?? [ 219.998267][ T1150] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 220.046654][ C2] hpet: Lost 1 RTC interrupts [ 220.093143][ T5261] usb 8-1: USB disconnect, device number 19 [ 220.148601][ T1150] usb 5-1: device descriptor read/64, error -71 [ 220.268076][ T1150] usb usb5-port1: attempt power cycle [ 220.437594][ T7906] x_tables: duplicate underflow at hook 1 [ 220.607461][ T5261] usb 8-1: new high-speed USB device number 20 using dummy_hcd [ 220.677499][ T1150] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 220.718139][ T1150] usb 5-1: device descriptor read/8, error -71 [ 220.799249][ T5261] usb 8-1: Using ep0 maxpacket: 16 [ 220.805871][ T5261] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 220.818808][ T5261] usb 8-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 220.831028][ T5261] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.846751][ T5261] usb 8-1: config 0 descriptor?? [ 220.866788][ T5261] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input69 [ 221.007470][ T1150] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 221.039042][ T1150] usb 5-1: device descriptor read/8, error -71 [ 221.151278][ T4686] bcm5974 8-1:0.0: could not read from device [ 221.155657][ T7887] bcm5974 8-1:0.0: could not read from device [ 221.167954][ T1150] usb usb5-port1: unable to enumerate USB device [ 221.173768][ T4686] bcm5974 8-1:0.0: could not read from device [ 221.192988][ T5261] usb 8-1: USB disconnect, device number 20 [ 222.630638][ C2] hpet: Lost 1 RTC interrupts [ 222.944710][ T7926] random: crng reseeded on system resumption [ 223.085745][ T7927] input: syz0 as /devices/virtual/input/input70 [ 225.547238][ T7976] input: syz0 as /devices/virtual/input/input71 [ 225.718046][ T7981] input: syz0 as /devices/virtual/input/input72 [ 225.877518][ T969] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 226.059707][ T969] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 226.079997][ T969] usb 5-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 226.097930][ T969] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 226.105461][ T969] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 226.110649][ T969] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.167863][ T969] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -2 [ 226.243599][ T6709] udevd[6709]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 226.284074][ T7985] x_tables: duplicate underflow at hook 1 [ 226.350775][ T25] usb 5-1: USB disconnect, device number 31 [ 227.867599][ T1150] usb 8-1: new high-speed USB device number 21 using dummy_hcd [ 228.057505][ T10] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 228.057517][ T1150] usb 8-1: Using ep0 maxpacket: 32 [ 228.073107][ T1150] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 228.078889][ T1150] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 228.084556][ T1150] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 228.090403][ T1150] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 228.096026][ T1150] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 228.105097][ T1150] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 228.117955][ T1150] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 228.123994][ T1150] usb 8-1: Product: syz [ 228.126217][ T1150] usb 8-1: Manufacturer: syz [ 228.129411][ T1150] usb 8-1: SerialNumber: syz [ 228.273350][ T10] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 228.277053][ T10] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 228.291053][ T10] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 228.296622][ T10] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 228.319710][ T10] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 228.323770][ T10] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 228.329578][ T10] usb 6-1: Product: syz [ 228.331392][ T10] usb 6-1: Manufacturer: syz [ 228.339469][ T10] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 229.349139][ T5252] usb 7-1: new high-speed USB device number 26 using dummy_hcd [ 229.530109][ T5252] usb 7-1: config 0 has no interfaces? [ 229.535032][ T5252] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 229.539760][ T5252] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 229.543451][ T5252] usb 7-1: Manufacturer: syz [ 229.550299][ T5252] usb 7-1: config 0 descriptor?? [ 229.787461][ T1272] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 229.814178][ T969] usb 7-1: USB disconnect, device number 26 [ 229.967460][ T1272] usb 5-1: Using ep0 maxpacket: 8 [ 229.977793][ T1272] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 229.982503][ T1272] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 229.990260][ T1272] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 229.995164][ T1272] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 230.003583][ T1272] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 230.008524][ T1272] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 230.018656][ T1272] usb 5-1: string descriptor 0 read error: -22 [ 230.021548][ T1272] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 230.025600][ T1272] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.034263][ T1272] adutux 5-1:168.0: interrupt endpoints not found [ 230.238654][ T969] usb 5-1: USB disconnect, device number 32 [ 230.301049][ T30] usb 7-1: new high-speed USB device number 27 using dummy_hcd [ 230.429220][ T1150] cdc_ncm 8-1:1.0: bind() failure [ 230.443657][ T1150] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found [ 230.455848][ T1150] cdc_ncm 8-1:1.1: bind() failure [ 230.467530][ T8046] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 230.467904][ T1150] usb 8-1: USB disconnect, device number 21 [ 230.477513][ T30] usb 7-1: Using ep0 maxpacket: 16 [ 230.495513][ T30] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 230.512904][ T30] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 230.520238][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.525478][ T30] usb 7-1: config 0 descriptor?? [ 230.534514][ T30] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input74 [ 230.693964][ T5210] Bluetooth: hci2: Malformed Event: 0x2f [ 230.759091][ T39] audit: type=1326 audit(1721402663.152:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8018 comm="syz.1.816" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f53579 code=0x7fc00000 [ 230.780383][ T1150] usb 6-1: USB disconnect, device number 14 [ 230.786689][ T4686] bcm5974 7-1:0.0: could not read from device [ 230.798026][ T8044] bcm5974 7-1:0.0: could not read from device [ 230.803301][ T30] usb 7-1: USB disconnect, device number 27 [ 232.997529][ T969] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 233.187845][ T969] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 233.192335][ T969] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 233.202443][ T969] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 233.206447][ T969] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 233.236935][ T969] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 233.244251][ T969] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 233.248225][ T969] usb 6-1: Product: syz [ 233.250825][ T969] usb 6-1: Manufacturer: syz [ 233.264096][ T969] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 233.307733][ T30] usb 8-1: new high-speed USB device number 22 using dummy_hcd [ 233.472143][ T8100] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 233.474514][ T8100] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 233.478220][ T8100] vhci_hcd vhci_hcd.0: Device attached [ 233.518461][ T30] usb 8-1: Using ep0 maxpacket: 8 [ 233.523098][ T30] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 233.526583][ T30] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 233.531008][ T1150] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 233.539295][ T30] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 233.542850][ T30] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 233.551526][ T30] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 233.555054][ T30] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 233.564670][ T30] usb 8-1: string descriptor 0 read error: -22 [ 233.566867][ T30] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 233.570553][ T30] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 233.585351][ T30] adutux 8-1:168.0: interrupt endpoints not found [ 233.687559][ T10] vhci_hcd: vhci_device speed not set [ 233.724926][ T1150] usb 5-1: config 0 has no interfaces? [ 233.732259][ T1150] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 233.736563][ T1150] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 233.740376][ T1150] usb 5-1: Manufacturer: syz [ 233.755774][ T1150] usb 5-1: config 0 descriptor?? [ 233.767618][ T10] usb 17-1: new full-speed USB device number 3 using vhci_hcd [ 233.792535][ T1150] usb 8-1: USB disconnect, device number 22 [ 234.013542][ T8091] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 234.028446][ T35] usb 5-1: USB disconnect, device number 33 [ 234.307681][ T8101] vhci_hcd: connection reset by peer [ 234.311530][ T13] vhci_hcd: stop threads [ 234.313064][ T13] vhci_hcd: release socket [ 234.314663][ T13] vhci_hcd: disconnect device [ 234.657464][ T35] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 234.877451][ T35] usb 5-1: Using ep0 maxpacket: 16 [ 234.883089][ T35] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 234.887917][ T35] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 234.891800][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.908204][ T35] usb 5-1: config 0 descriptor?? [ 234.915542][ T35] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input75 [ 235.175124][ T4686] bcm5974 5-1:0.0: could not read from device [ 235.192413][ T35] usb 5-1: USB disconnect, device number 34 [ 235.723199][ T39] audit: type=1326 audit(1721402668.112:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8086 comm="syz.1.836" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f53579 code=0x7fc00000 [ 235.763422][ T5261] usb 6-1: USB disconnect, device number 15 [ 236.021968][ T8133] x_tables: duplicate underflow at hook 1 [ 236.637740][ T969] usb 8-1: new high-speed USB device number 23 using dummy_hcd [ 236.827557][ T969] usb 8-1: Using ep0 maxpacket: 8 [ 236.829365][ T969] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 236.829405][ T969] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 236.830509][ T969] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 236.830550][ T969] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 236.831504][ T969] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 236.831527][ T969] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 236.834341][ T969] usb 8-1: string descriptor 0 read error: -22 [ 236.834410][ T969] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 236.834421][ T969] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 236.851617][ T969] adutux 8-1:168.0: interrupt endpoints not found [ 237.056249][ T35] usb 8-1: USB disconnect, device number 23 [ 237.286805][ T8141] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 238.917524][ T10] vhci_hcd: vhci_device speed not set [ 239.059379][ T8175] netlink: 'syz.3.859': attribute type 3 has an invalid length. [ 239.062780][ T8175] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.859'. [ 239.128450][ T25] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 239.247522][ T39] audit: type=1326 audit(1721402671.622:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.0.860" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x0 [ 239.249553][ T8181] input: syz0 as /devices/virtual/input/input77 [ 239.321238][ T25] usb 6-1: config 0 has no interfaces? [ 239.324789][ T25] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 239.333631][ T25] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 239.337207][ T25] usb 6-1: Manufacturer: syz [ 239.360364][ T25] usb 6-1: config 0 descriptor?? [ 239.628799][ T25] usb 6-1: USB disconnect, device number 16 [ 240.197972][ T25] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 240.377586][ T25] usb 6-1: Using ep0 maxpacket: 16 [ 240.379639][ T25] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 240.379683][ T25] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 240.379702][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.381627][ T25] usb 6-1: config 0 descriptor?? [ 240.385737][ T25] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input78 [ 240.673890][ T4686] bcm5974 6-1:0.0: could not read from device [ 240.696533][ T25] usb 6-1: USB disconnect, device number 17 [ 240.696876][ T8166] bcm5974 6-1:0.0: could not read from device [ 241.225945][ T8196] tty tty4: ldisc open failed (-12), clearing slot 3 [ 241.424441][ T8203] ttyS ttyS3: ldisc open failed (-12), clearing slot 3 [ 241.425930][ T8206] ttyS ttyS3: ldisc open failed (-12), clearing slot 3 [ 242.250159][ T8230] netlink: 'syz.2.870': attribute type 3 has an invalid length. [ 242.253357][ T8230] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.870'. [ 242.499303][ T8235] netlink: 'syz.2.871': attribute type 3 has an invalid length. [ 242.502630][ T8235] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.871'. [ 242.511243][ T8232] netlink: 4 bytes leftover after parsing attributes in process `syz.2.871'. [ 242.595651][ T8238] FAULT_INJECTION: forcing a failure. [ 242.595651][ T8238] name failslab, interval 1, probability 0, space 0, times 0 [ 242.604813][ T8238] CPU: 0 PID: 8238 Comm: syz.0.873 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0 [ 242.609312][ T8238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 242.614006][ T8238] Call Trace: [ 242.615648][ T8238] [ 242.616996][ T8238] dump_stack_lvl+0x16c/0x1f0 [ 242.618219][ T8235] fuse: Bad value for 'fd' [ 242.619183][ T8238] should_fail_ex+0x497/0x5b0 [ 242.623256][ T8238] should_failslab+0x9/0x20 [ 242.625352][ T8238] __kmalloc_node_noprof+0xd1/0x440 [ 242.627680][ T8238] ? __kvmalloc_node_noprof+0x9d/0x1a0 [ 242.630010][ T8238] __kvmalloc_node_noprof+0x9d/0x1a0 [ 242.632382][ T8238] snd_pcm_plugin_alloc+0x5e1/0x7d0 [ 242.634717][ T8238] snd_pcm_plug_alloc+0x214/0x330 [ 242.637012][ T8238] snd_pcm_oss_change_params_locked+0x1a29/0x3a50 [ 242.639939][ T8238] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 242.642956][ T8238] ? __mutex_lock+0x1a6/0x9c0 [ 242.645122][ T8238] ? __pfx___mutex_lock+0x10/0x10 [ 242.647436][ T8238] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 242.649993][ T8238] snd_pcm_oss_write+0x4af/0xa10 [ 242.651693][ T8238] ? bpf_lsm_file_permission+0x9/0x10 [ 242.653785][ T8238] ? security_file_permission+0x98/0xc0 [ 242.653803][ T8238] ? rw_verify_area+0xd0/0x6c0 [ 242.658486][ T8238] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 242.660831][ T8238] vfs_write+0x29a/0x1140 [ 242.662636][ T8238] ? __pfx_vfs_write+0x10/0x10 [ 242.664628][ T8238] ? __fget_files+0x256/0x400 [ 242.666682][ T8238] ? __fget_light+0x173/0x210 [ 242.668268][ T8238] ksys_write+0x12f/0x260 [ 242.669747][ T8238] ? __pfx_ksys_write+0x10/0x10 [ 242.671530][ T8238] __do_fast_syscall_32+0x73/0x120 [ 242.673648][ T8238] do_fast_syscall_32+0x32/0x80 [ 242.675745][ T8238] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 242.678175][ T8238] RIP: 0023:0xf741e579 [ 242.679971][ T8238] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 242.687579][ T8238] RSP: 002b:00000000f5d3656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 242.690489][ T8238] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000500 [ 242.693154][ T8238] RDX: 000000000000fdbc RSI: 0000000000000000 RDI: 0000000000000000 [ 242.696281][ T8238] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 242.699530][ T8238] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 242.702185][ T8238] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 242.705524][ T8238] [ 243.057516][ T1272] usb 8-1: new high-speed USB device number 24 using dummy_hcd [ 243.261687][ T1272] usb 8-1: config 0 has no interfaces? [ 243.266007][ T1272] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 243.270673][ T1272] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 243.272499][ T8255] input: syz0 as /devices/virtual/input/input80 [ 243.276667][ T1272] usb 8-1: Manufacturer: syz [ 243.292647][ T1272] usb 8-1: config 0 descriptor?? [ 243.557979][ T969] usb 8-1: USB disconnect, device number 24 [ 244.127488][ T969] usb 8-1: new high-speed USB device number 25 using dummy_hcd [ 244.307481][ T969] usb 8-1: Using ep0 maxpacket: 16 [ 244.312375][ T969] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 244.316959][ T969] usb 8-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 244.321028][ T969] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.327771][ T969] usb 8-1: config 0 descriptor?? [ 244.340623][ T969] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input81 [ 244.593063][ T4686] bcm5974 8-1:0.0: could not read from device [ 244.593658][ T35] usb 8-1: USB disconnect, device number 25 [ 244.607842][ T6709] bcm5974 8-1:0.0: could not read from device [ 245.148127][ T8285] netlink: 'syz.2.884': attribute type 3 has an invalid length. [ 245.148241][ T8285] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.884'. [ 245.152256][ T8284] netlink: 4 bytes leftover after parsing attributes in process `syz.2.884'. [ 245.244987][ T8285] fuse: Bad value for 'fd' [ 246.157543][ T8308] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 246.197448][ T8308] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:20001 [ 246.252211][ T8312] input: syz0 as /devices/virtual/input/input83 [ 246.807306][ T8320] netlink: 'syz.1.894': attribute type 3 has an invalid length. [ 246.814386][ T8320] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.894'. [ 246.827650][ T8318] netlink: 4 bytes leftover after parsing attributes in process `syz.1.894'. [ 246.885944][ T8319] input: syz0 as /devices/virtual/input/input84 [ 246.982309][ T8320] fuse: Bad value for 'fd' [ 247.862704][ T8345] netlink: 8 bytes leftover after parsing attributes in process `syz.2.900'. [ 249.065554][ T8368] input: syz0 as /devices/virtual/input/input86 [ 250.173745][ T39] audit: type=1326 audit(1721402682.562:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 250.202349][ T39] audit: type=1326 audit(1721402682.562:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 250.224735][ T39] audit: type=1326 audit(1721402682.562:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 250.237748][ T39] audit: type=1326 audit(1721402682.562:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 250.250170][ T39] audit: type=1326 audit(1721402682.562:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=42 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 250.271532][ T39] audit: type=1326 audit(1721402682.562:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 250.299758][ T39] audit: type=1326 audit(1721402682.562:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 250.305255][ T8390] ip_tunnel: non-ECT from 172.30.0.3 with TOS=0x2 [ 250.314340][ T39] audit: type=1326 audit(1721402682.562:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=305 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 250.324748][ T39] audit: type=1326 audit(1721402682.562:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 250.335020][ T39] audit: type=1326 audit(1721402682.562:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8385 comm="syz.0.911" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 251.079150][ T8414] input: syz0 as /devices/virtual/input/input87 [ 251.292211][ T8420] input: syz0 as /devices/virtual/input/input88 [ 252.367502][ T30] IPVS: starting estimator thread 0... [ 252.477522][ T1150] usb 8-1: new high-speed USB device number 26 using dummy_hcd [ 252.487490][ T8454] IPVS: using max 18 ests per chain, 43200 per kthread [ 252.674304][ T1150] usb 8-1: Using ep0 maxpacket: 8 [ 252.684460][ T1150] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 252.693524][ T1150] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 252.759435][ T1150] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 252.763406][ T1150] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 252.775794][ T1150] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 252.787513][ T1150] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 252.802185][ T1150] usb 8-1: string descriptor 0 read error: -22 [ 252.807501][ T1150] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 252.815192][ T1150] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.841532][ T1150] adutux 8-1:168.0: interrupt endpoints not found [ 253.050341][ T1150] usb 8-1: USB disconnect, device number 26 [ 253.280778][ T8437] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 253.535218][ T8468] input: syz0 as /devices/virtual/input/input89 [ 253.579920][ T8474] sit0: entered allmulticast mode [ 253.711744][ T8479] input: syz0 as /devices/virtual/input/input90 [ 254.043148][ T8486] input: syz0 as /devices/virtual/input/input91 [ 254.424716][ T8490] ======================================================= [ 254.424716][ T8490] WARNING: The mand mount option has been deprecated and [ 254.424716][ T8490] and is ignored by this kernel. Remove the mand [ 254.424716][ T8490] option from the mount to silence this warning. [ 254.424716][ T8490] ======================================================= [ 255.127627][ T8505] input: syz0 as /devices/virtual/input/input92 [ 255.707653][ T5258] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 255.887580][ T5258] usb 6-1: Using ep0 maxpacket: 8 [ 255.890034][ T5258] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 255.890075][ T5258] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 255.891206][ T5258] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 255.891245][ T5258] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 255.892595][ T5258] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 255.892636][ T5258] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 255.896121][ T5258] usb 6-1: string descriptor 0 read error: -22 [ 255.896233][ T5258] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 255.896252][ T5258] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 255.902442][ T5258] adutux 6-1:168.0: interrupt endpoints not found [ 256.117741][ T5258] usb 6-1: USB disconnect, device number 18 [ 256.338545][ T8510] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 256.345799][ T8528] input: syz0 as /devices/virtual/input/input93 [ 257.542254][ C2] hpet_rtc_timer_reinit: 11 callbacks suppressed [ 257.542272][ C2] hpet: Lost 1 RTC interrupts [ 258.317618][ T10] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 258.412391][ T8568] input: syz0 as /devices/virtual/input/input94 [ 258.537750][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 258.546139][ T10] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 258.567447][ T10] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 258.580430][ T10] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 258.584929][ T10] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 258.618780][ T10] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 258.623532][ T10] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 258.641012][ T10] usb 5-1: string descriptor 0 read error: -22 [ 258.643792][ T10] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 258.648296][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.656388][ T10] adutux 5-1:168.0: interrupt endpoints not found [ 258.866194][ T10] usb 5-1: USB disconnect, device number 35 [ 259.096204][ T8554] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 259.613578][ T8587] binder: 8586:8587 ioctl c0306201 20000580 returned -14 [ 259.622722][ T8587] tmpfs: Unknown parameter 'mp' [ 259.624296][ T8587] netlink: 'syz.2.972': attribute type 10 has an invalid length. [ 259.624312][ T8587] ipvlan1: entered promiscuous mode [ 259.635333][ T8587] team0: Device ipvlan1 failed to register rx_handler [ 260.385924][ T8607] netlink: 'syz.2.977': attribute type 10 has an invalid length. [ 260.386013][ T8607] netlink: 40 bytes leftover after parsing attributes in process `syz.2.977'. [ 260.387605][ T8607] ipvlan1: entered allmulticast mode [ 260.387621][ T8607] veth0_vlan: entered allmulticast mode [ 260.390198][ T8607] bridge0: port 3(ipvlan1) entered blocking state [ 260.392056][ T8607] bridge0: port 3(ipvlan1) entered disabled state [ 260.396802][ T8607] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 260.489530][ T8614] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 260.489558][ T8614] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 260.489673][ T8614] vhci_hcd vhci_hcd.0: Device attached [ 260.697500][ T1272] vhci_hcd: vhci_device speed not set [ 260.716336][ T8622] input: syz0 as /devices/virtual/input/input95 [ 260.777678][ T1272] usb 13-1: new full-speed USB device number 3 using vhci_hcd [ 260.817542][ T5218] usb 7-1: new high-speed USB device number 28 using dummy_hcd [ 260.921838][ T1356] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.921938][ T1356] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.007626][ T5218] usb 7-1: Using ep0 maxpacket: 8 [ 261.019884][ T5218] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 261.019927][ T5218] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 261.022970][ T5218] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 261.023011][ T5218] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 261.024011][ T5218] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 261.024034][ T5218] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 261.027473][ T5218] usb 7-1: string descriptor 0 read error: -22 [ 261.027608][ T5218] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 261.027629][ T5218] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.042304][ T5218] adutux 7-1:168.0: interrupt endpoints not found [ 261.259987][ T5218] usb 7-1: USB disconnect, device number 28 [ 261.299601][ T8616] vhci_hcd: connection reset by peer [ 261.305032][ T105] vhci_hcd: stop threads [ 261.305086][ T105] vhci_hcd: release socket [ 261.305196][ T105] vhci_hcd: disconnect device [ 261.488955][ T8620] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 262.138450][ T1390] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 262.348262][ T1390] usb 6-1: Using ep0 maxpacket: 32 [ 262.365867][ T1390] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 262.397554][ T1390] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 262.404402][ T1390] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 262.412949][ T1390] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 262.420716][ T1390] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 262.430469][ T1390] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 262.443340][ T1390] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 262.450600][ T1390] usb 6-1: Product: syz [ 262.452933][ T1390] usb 6-1: Manufacturer: syz [ 262.455377][ T1390] usb 6-1: SerialNumber: syz [ 262.736163][ T1390] cdc_ncm 6-1:1.0: bind() failure [ 262.759844][ T1390] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found [ 262.763553][ T1390] cdc_ncm 6-1:1.1: bind() failure [ 262.787874][ T1390] usb 6-1: USB disconnect, device number 19 [ 263.085369][ T39] audit: type=1326 audit(1721402695.472:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8643 comm="syz.2.990" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0 [ 263.393552][ T8651] input: syz0 as /devices/virtual/input/input96 [ 263.760719][ T39] audit: type=1326 audit(1721402696.152:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8654 comm="syz.1.993" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f53579 code=0x0 [ 264.068902][ T8662] input: syz0 as /devices/virtual/input/input97 [ 264.732932][ T5210] Bluetooth: hci3: unexpected event for opcode 0x040e [ 265.253074][ T8694] netlink: 'syz.0.1003': attribute type 3 has an invalid length. [ 265.256169][ T8694] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.1003'. [ 265.284407][ T8692] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1003'. [ 265.297566][ T1150] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 265.390416][ T8693] input: syz0 as /devices/virtual/input/input98 [ 265.413491][ T8697] input: syz0 as /devices/virtual/input/input99 [ 265.509048][ T8694] fuse: Bad value for 'fd' [ 265.517483][ T1150] usb 6-1: Using ep0 maxpacket: 32 [ 265.530300][ C2] hpet: Lost 1 RTC interrupts [ 265.534305][ T1150] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 265.549395][ T1150] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 265.611127][ T1150] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 265.616851][ T1150] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 265.641999][ T1150] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 265.662124][ T1150] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 265.667859][ T1150] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.677017][ T1150] usb 6-1: Product: syz [ 265.682184][ T1150] usb 6-1: Manufacturer: syz [ 265.686771][ T1150] usb 6-1: SerialNumber: syz [ 265.887521][ T1272] vhci_hcd: vhci_device speed not set [ 265.968789][ T1150] cdc_ncm 6-1:1.0: bind() failure [ 265.978172][ T1150] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found [ 265.981010][ T1150] cdc_ncm 6-1:1.1: bind() failure [ 265.995191][ T1150] usb 6-1: USB disconnect, device number 20 [ 266.416777][ T8711] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.1006'. [ 266.422569][ T8711] netlink: zone id is out of range [ 266.425610][ T8711] netlink: del zone limit has 8 unknown bytes [ 266.475229][ T39] audit: type=1326 audit(1721402698.862:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8708 comm="syz.3.1007" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x0 [ 267.698027][ T8734] input: syz0 as /devices/virtual/input/input101 [ 267.864294][ T8744] input: syz0 as /devices/virtual/input/input102 [ 268.047576][ T5324] usb 8-1: new high-speed USB device number 27 using dummy_hcd [ 268.179197][ T8750] input: syz0 as /devices/virtual/input/input103 [ 268.267514][ T5324] usb 8-1: Using ep0 maxpacket: 32 [ 268.277490][ T5324] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 268.287546][ T5324] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 268.304296][ T5324] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 268.314439][ T5324] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 268.324654][ T5324] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 268.362207][ T5324] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 268.389777][ T5324] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.397642][ T5324] usb 8-1: Product: syz [ 268.400655][ T5324] usb 8-1: Manufacturer: syz [ 268.403398][ T5324] usb 8-1: SerialNumber: syz [ 268.461260][ T8753] netlink: 'syz.2.1020': attribute type 3 has an invalid length. [ 268.464567][ T8753] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1020'. [ 268.477148][ T8752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1020'. [ 268.599934][ T8753] fuse: Bad value for 'fd' [ 268.896381][ T8762] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1022'. [ 268.913106][ T8763] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.1021'. [ 268.923472][ T8763] netlink: zone id is out of range [ 268.926006][ T8763] netlink: del zone limit has 8 unknown bytes [ 269.367922][ T8772] x_tables: duplicate underflow at hook 1 [ 270.495264][ T8783] input: syz0 as /devices/virtual/input/input106 [ 270.660471][ T5324] cdc_ncm 8-1:1.0: bind() failure [ 270.675408][ T5324] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found [ 270.689537][ T5324] cdc_ncm 8-1:1.1: bind() failure [ 270.707865][ T5324] usb 8-1: USB disconnect, device number 27 [ 271.723215][ T8797] input: syz0 as /devices/virtual/input/input107 [ 272.061335][ T39] audit: type=1326 audit(1721402704.452:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8799 comm="syz.3.1035" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x0 [ 272.696416][ T8810] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 272.699368][ T8810] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 272.704228][ T8810] vhci_hcd vhci_hcd.0: Device attached [ 272.907516][ T5218] vhci_hcd: vhci_device speed not set [ 272.987464][ T5218] usb 15-1: new full-speed USB device number 5 using vhci_hcd [ 273.058493][ T8818] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.1038'. [ 273.062675][ T8818] netlink: zone id is out of range [ 273.064963][ T8818] netlink: del zone limit has 8 unknown bytes [ 273.333491][ T1150] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 273.527527][ T1150] usb 5-1: Using ep0 maxpacket: 32 [ 273.532003][ T1150] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 273.540634][ T1150] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 273.546634][ T1150] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 273.554880][ T1150] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 273.562743][ T1150] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 273.564997][ T8811] vhci_hcd: connection reset by peer [ 273.572484][ T76] vhci_hcd: stop threads [ 273.574778][ T76] vhci_hcd: release socket [ 273.576025][ T1150] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 273.577336][ T76] vhci_hcd: disconnect device [ 273.581352][ T1150] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.587140][ T1150] usb 5-1: Product: syz [ 273.589174][ T1150] usb 5-1: Manufacturer: syz [ 273.591716][ T1150] usb 5-1: SerialNumber: syz [ 273.767633][ T30] usb 7-1: new high-speed USB device number 29 using dummy_hcd [ 273.813796][ T1150] cdc_ncm 5-1:1.0: bind() failure [ 273.819805][ T1150] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 273.822866][ T1150] cdc_ncm 5-1:1.1: bind() failure [ 273.829023][ T1150] usb 5-1: USB disconnect, device number 36 [ 273.977532][ T30] usb 7-1: Using ep0 maxpacket: 8 [ 273.982849][ T30] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 273.986748][ T30] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 273.998871][ T30] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 274.002629][ T30] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 274.008316][ T30] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 274.011879][ T30] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 274.025240][ T30] usb 7-1: string descriptor 0 read error: -22 [ 274.027339][ T30] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 274.031436][ T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.049761][ T30] adutux 7-1:168.0: interrupt endpoints not found [ 274.253401][ T969] usb 7-1: USB disconnect, device number 29 [ 274.362468][ T8824] overlay: ./file0 is not a directory [ 274.474309][ T8822] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 274.506170][ T8829] x_tables: duplicate underflow at hook 1 [ 274.723259][ T39] audit: type=1326 audit(1721402707.112:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 274.734634][ T39] audit: type=1326 audit(1721402707.122:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 274.753215][ T39] audit: type=1326 audit(1721402707.122:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 274.755666][ T8832] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1045'. [ 274.773149][ T39] audit: type=1326 audit(1721402707.122:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 274.796118][ T39] audit: type=1326 audit(1721402707.122:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 274.815462][ T39] audit: type=1326 audit(1721402707.122:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=15 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 274.836162][ T39] audit: type=1326 audit(1721402707.122:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 274.859814][ T39] audit: type=1326 audit(1721402707.122:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 274.880172][ T39] audit: type=1326 audit(1721402707.132:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.3.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 275.153210][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.159226][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 276.409676][ T8859] FAULT_INJECTION: forcing a failure. [ 276.409676][ T8859] name failslab, interval 1, probability 0, space 0, times 0 [ 276.409702][ T8859] CPU: 1 PID: 8859 Comm: syz.0.1052 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0 [ 276.409720][ T8859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 276.409730][ T8859] Call Trace: [ 276.409737][ T8859] [ 276.409744][ T8859] dump_stack_lvl+0x16c/0x1f0 [ 276.409774][ T8859] should_fail_ex+0x497/0x5b0 [ 276.409817][ T8859] should_failslab+0x9/0x20 [ 276.409837][ T8859] __kmalloc_noprof+0xcb/0x410 [ 276.409856][ T8859] ? __phys_addr+0xc6/0x150 [ 276.409892][ T8859] ? mpi_free_limb_space+0x1f/0x30 [ 276.409921][ T8859] mpi_alloc_limb_space+0x31/0x60 [ 276.409944][ T8859] mpi_powm+0xfe6/0x1be0 [ 276.409978][ T8859] ? __pfx_mpi_powm+0x10/0x10 [ 276.410009][ T8859] ? kasan_save_track+0x14/0x30 [ 276.410026][ T8859] ? __kasan_kmalloc+0xaa/0xb0 [ 276.410047][ T8859] dh_compute_value+0x1b2/0x3b0 [ 276.410074][ T8859] ? __pfx_dh_compute_value+0x10/0x10 [ 276.410099][ T8859] ? trace_kmalloc+0x2d/0xe0 [ 276.410122][ T8859] ? __kmalloc_noprof+0x207/0x410 [ 276.410146][ T8859] __keyctl_dh_compute+0x7d8/0xf50 [ 276.410171][ T8859] ? __pfx___keyctl_dh_compute+0x10/0x10 [ 276.410204][ T8859] ? __pfx_lock_release+0x10/0x10 [ 276.410240][ T8859] compat_keyctl_dh_compute+0x161/0x1d0 [ 276.410260][ T8859] ? __pfx_compat_keyctl_dh_compute+0x10/0x10 [ 276.410290][ T8859] ? ksys_write+0x1ab/0x260 [ 276.410307][ T8859] ? __pfx_ksys_write+0x10/0x10 [ 276.410328][ T8859] __do_compat_sys_keyctl+0x27b/0x440 [ 276.410348][ T8859] __do_fast_syscall_32+0x73/0x120 [ 276.410368][ T8859] do_fast_syscall_32+0x32/0x80 [ 276.410385][ T8859] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 276.410409][ T8859] RIP: 0023:0xf741e579 [ 276.410437][ T8859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 276.410459][ T8859] RSP: 002b:00000000f5d3656c EFLAGS: 00000296 ORIG_RAX: 0000000000000120 [ 276.410476][ T8859] RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 0000000020000100 [ 276.410488][ T8859] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180 [ 276.410499][ T8859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 276.410510][ T8859] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 276.410521][ T8859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 276.410544][ T8859] [ 276.759925][ T8865] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1054'. [ 277.044331][ T8868] x_tables: duplicate underflow at hook 1 [ 277.460792][ T8880] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1057'. [ 278.119067][ T5218] vhci_hcd: vhci_device speed not set [ 278.578802][ T8895] input: syz0 as /devices/virtual/input/input110 [ 278.661425][ T8894] input: syz0 as /devices/virtual/input/input111 [ 279.647511][ T10] usb 8-1: new high-speed USB device number 28 using dummy_hcd [ 279.785473][ T8914] input: syz0 as /devices/virtual/input/input112 [ 279.862361][ T10] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 279.875620][ T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 279.881011][ T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 279.886087][ T10] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 279.888470][ T25] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 279.898316][ T10] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 279.902697][ T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.922111][ T10] usb 8-1: config 0 descriptor?? [ 279.927678][ T8903] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 280.088242][ T25] usb 6-1: Using ep0 maxpacket: 8 [ 280.093972][ T25] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 280.107495][ T25] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 280.119887][ T25] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 280.125486][ T25] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 280.132499][ T25] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 280.137180][ T25] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 280.148136][ T25] usb 6-1: string descriptor 0 read error: -22 [ 280.151229][ T25] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 280.155595][ T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.172925][ T25] adutux 6-1:168.0: interrupt endpoints not found [ 280.380007][ T10] plantronics 0003:047F:FFFF.0007: unknown main item tag 0xd [ 280.401033][ T25] usb 6-1: USB disconnect, device number 21 [ 280.427193][ T10] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving [ 280.466766][ T10] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 280.664524][ T8912] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 280.681913][ T10] usb 8-1: USB disconnect, device number 28 [ 281.358200][ T8923] FAULT_INJECTION: forcing a failure. [ 281.358200][ T8923] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 281.363965][ T8923] CPU: 0 PID: 8923 Comm: syz.0.1068 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0 [ 281.368153][ T8923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 281.372938][ T8923] Call Trace: [ 281.374456][ T8923] [ 281.375744][ T8923] dump_stack_lvl+0x16c/0x1f0 [ 281.377780][ T8923] should_fail_ex+0x497/0x5b0 [ 281.379840][ T8923] _copy_from_user+0x30/0xf0 [ 281.381853][ T8923] copy_from_buffer+0x86/0xb0 [ 281.383863][ T8923] copy_uabi_to_xstate+0x26e/0x670 [ 281.387344][ T8923] ? __pfx_copy_uabi_to_xstate+0x10/0x10 [ 281.387374][ T8923] ? __pfx_lock_release+0x10/0x10 [ 281.387398][ T8923] ? __fpu_restore_sig+0xc2c/0x1430 [ 281.387421][ T8923] ? __local_bh_enable_ip+0xa4/0x120 [ 281.387448][ T8923] __fpu_restore_sig+0x1070/0x1430 [ 281.387475][ T8923] ? __pfx___fpu_restore_sig+0x10/0x10 [ 281.387513][ T8923] ? __might_fault+0xe3/0x190 [ 281.387537][ T8923] fpu__restore_sig+0x102/0x180 [ 281.387562][ T8923] ia32_restore_sigcontext+0x40f/0x5d0 [ 281.387589][ T8923] ? __pfx_ia32_restore_sigcontext+0x10/0x10 [ 281.387614][ T8923] ? __pfx_lock_release+0x10/0x10 [ 281.387639][ T8923] ? _raw_spin_unlock_irq+0x23/0x50 [ 281.387663][ T8923] ? lockdep_hardirqs_on+0x7c/0x110 [ 281.387691][ T8923] __do_compat_sys_rt_sigreturn+0x116/0x1f0 [ 281.387717][ T8923] ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10 [ 281.387749][ T8923] do_int80_emulation+0x104/0x200 [ 281.387768][ T8923] asm_int80_emulation+0x1a/0x20 [ 281.387789][ T8923] RIP: 0023:0xf741e577 [ 281.387803][ T8923] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 [ 281.387820][ T8923] RSP: 002b:00000000f5d3656c EFLAGS: 00000296 [ 281.387841][ T8923] RAX: 0000000000000174 RBX: 0000000000000007 RCX: 0000000020000280 [ 281.387856][ T8923] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 281.387867][ T8923] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 281.387878][ T8923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 281.387888][ T8923] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 281.387911][ T8923] [ 281.500043][ T8933] veth1_to_hsr: entered promiscuous mode [ 281.503522][ T8933] veth1_to_hsr: left promiscuous mode [ 281.768599][ T8946] input: syz0 as /devices/virtual/input/input115 [ 281.777175][ T8940] input: syz0 as /devices/virtual/input/input114 [ 281.941342][ T8949] input: syz0 as /devices/virtual/input/input116 [ 282.747954][ T8959] FAULT_INJECTION: forcing a failure. [ 282.747954][ T8959] name failslab, interval 1, probability 0, space 0, times 0 [ 282.753219][ T8959] CPU: 0 PID: 8959 Comm: syz.1.1077 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0 [ 282.757328][ T8959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 282.761959][ T8959] Call Trace: [ 282.763379][ T8959] [ 282.764725][ T8959] dump_stack_lvl+0x16c/0x1f0 [ 282.766795][ T8959] should_fail_ex+0x497/0x5b0 [ 282.768961][ T8959] should_failslab+0x9/0x20 [ 282.771130][ T8959] __kmalloc_node_noprof+0xd1/0x440 [ 282.773526][ T8959] ? __kvmalloc_node_noprof+0x9d/0x1a0 [ 282.776031][ T8959] __kvmalloc_node_noprof+0x9d/0x1a0 [ 282.778521][ T8959] io_uring_setup+0x6cf/0x36c0 [ 282.780681][ T8959] ? __pfx_io_uring_setup+0x10/0x10 [ 282.783115][ T8959] ? ksys_write+0x1ab/0x260 [ 282.784979][ T8959] ? __pfx_ksys_write+0x10/0x10 [ 282.787020][ T8959] __ia32_sys_io_uring_setup+0x97/0x140 [ 282.789316][ T8959] __do_fast_syscall_32+0x73/0x120 [ 282.791486][ T8959] do_fast_syscall_32+0x32/0x80 [ 282.793612][ T8959] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 282.796639][ T8959] RIP: 0023:0xf7f53579 [ 282.798519][ T8959] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 282.806516][ T8959] RSP: 002b:00000000f5d0651c EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 282.809915][ T8959] RAX: ffffffffffffffda RBX: 0000000000006866 RCX: 00000000200003c0 [ 282.813291][ T8959] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 282.816672][ T8959] RBP: 0000000020000440 R08: 0000000000000000 R09: 0000000000000000 [ 282.820289][ T8959] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 282.823612][ T8959] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 282.826811][ T8959] [ 282.910120][ T8967] syz.0.1079[8967] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 282.910383][ T8967] syz.0.1079[8967] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 282.969039][ T39] kauditd_printk_skb: 25 callbacks suppressed [ 282.969056][ T39] audit: type=1326 audit(1721402715.352:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8966 comm="syz.0.1079" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x0 [ 282.987441][ T8972] random: crng reseeded on system resumption [ 283.657586][ T1150] usb 7-1: new high-speed USB device number 30 using dummy_hcd [ 283.837457][ T1150] usb 7-1: Using ep0 maxpacket: 8 [ 283.841950][ T1150] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 283.846583][ T1150] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 283.857221][ T1150] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 283.862819][ T1150] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 283.870578][ T1150] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 283.875094][ T1150] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 283.892860][ T1150] usb 7-1: string descriptor 0 read error: -22 [ 283.892977][ T1150] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 283.892997][ T1150] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.901127][ T1150] adutux 7-1:168.0: interrupt endpoints not found [ 283.972176][ T39] audit: type=1326 audit(1721402716.362:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.0.1084" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x0 [ 284.142763][ T25] usb 7-1: USB disconnect, device number 30 [ 284.366643][ T8976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 284.428824][ T8991] input: syz0 as /devices/virtual/input/input117 [ 285.475145][ T9007] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 285.477481][ T9007] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 285.480934][ T9007] vhci_hcd vhci_hcd.0: Device attached [ 285.687769][ T25] vhci_hcd: vhci_device speed not set [ 285.747951][ C0] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 285.753402][ C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 285.757638][ T25] usb 15-1: new full-speed USB device number 6 using vhci_hcd [ 285.759579][ C0] CPU: 0 PID: 9012 Comm: syz.0.1090 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0 [ 285.759600][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 285.759610][ C0] RIP: 0010:__dev_flush+0x49/0x1e0 [ 285.771617][ C0] Code: 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 98 01 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b 2f 48 8d 5d 80 48 89 ea 48 c1 ea 03 <80> 3c 02 00 0f 85 69 01 00 00 48 8b 45 00 49 39 ef 4c 8d 60 80 0f [ 285.778826][ C0] RSP: 0018:ffffc90000007c90 EFLAGS: 00010246 [ 285.781011][ C0] RAX: dffffc0000000000 RBX: ffffffffffffff80 RCX: ffffffff88cfc09b [ 285.783943][ C0] RDX: 0000000000000000 RSI: ffffffff81b49c96 RDI: ffffc90007c77a58 [ 285.787295][ C0] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 285.789995][ C0] R10: 0000000000000010 R11: 0000000000000000 R12: ffffc90007c77a48 [ 285.792649][ C0] R13: ffff88802c0404c8 R14: ffffc90007c77a58 R15: ffffc90007c77a58 [ 285.795432][ C0] FS: 0000000000000000(0000) GS:ffff88802c000000(0063) knlGS:00000000f5d36b40 [ 285.798871][ C0] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 285.802102][ C0] CR2: 0000000020012000 CR3: 00000000627ce000 CR4: 0000000000350ef0 [ 285.805621][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 285.809036][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 285.812154][ C0] Call Trace: [ 285.813384][ C0] [ 285.814250][ C0] ? show_regs+0x8c/0xa0 [ 285.815494][ C0] ? die_addr+0x4f/0xd0 [ 285.816711][ C0] ? exc_general_protection+0x155/0x230 [ 285.818340][ C0] ? asm_exc_general_protection+0x26/0x30 [ 285.820272][ C0] ? xdp_do_check_flushed+0x21b/0x4e0 [ 285.822384][ C0] ? __dev_flush+0x16/0x1e0 [ 285.823955][ C0] ? __dev_flush+0x49/0x1e0 [ 285.825485][ C0] xdp_do_check_flushed+0x26b/0x4e0 [ 285.827479][ C0] __napi_poll.constprop.0+0xd1/0x550 [ 285.829685][ C0] net_rx_action+0xa92/0x1010 [ 285.831659][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 285.833865][ C0] ? __pfx_rcu_is_watching+0x10/0x10 [ 285.836046][ C0] ? trace_rcu_utilization+0x100/0x160 [ 285.838089][ C0] ? run_timer_base+0x11e/0x190 [ 285.839713][ C0] handle_softirqs+0x216/0x8f0 [ 285.841301][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 285.843299][ C0] ? irqtime_account_irq+0x18d/0x2e0 [ 285.845242][ C0] ? tun_get_user+0x1d66/0x3c20 [ 285.846885][ C0] do_softirq+0xb2/0xf0 [ 285.848372][ C0] [ 285.849491][ C0] [ 285.850613][ C0] __local_bh_enable_ip+0x100/0x120 [ 285.852548][ C0] ? tun_get_user+0x1d66/0x3c20 [ 285.854360][ C0] tun_get_user+0x1d80/0x3c20 [ 285.855889][ C0] ? __pfx_tun_get_user+0x10/0x10 [ 285.857536][ C0] ? find_held_lock+0x2d/0x110 [ 285.859155][ C0] ? __pfx_lock_release+0x10/0x10 [ 285.860781][ C0] tun_chr_write_iter+0xe8/0x210 [ 285.862434][ C0] vfs_write+0x6b6/0x1140 [ 285.863880][ C0] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 285.865754][ C0] ? __pfx_vfs_write+0x10/0x10 [ 285.867374][ C0] ? do_futex+0x123/0x350 [ 285.868943][ C0] ? __fget_files+0x256/0x400 [ 285.870746][ C0] ? __fget_light+0x173/0x210 [ 285.872833][ C0] ksys_write+0x12f/0x260 [ 285.874798][ C0] ? __pfx_ksys_write+0x10/0x10 [ 285.876919][ C0] __do_fast_syscall_32+0x73/0x120 [ 285.879127][ C0] do_fast_syscall_32+0x32/0x80 [ 285.881174][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 285.883553][ C0] RIP: 0023:0xf741e579 [ 285.885040][ C0] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 285.892049][ C0] RSP: 002b:00000000f5d36530 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 285.895416][ C0] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000a00 [ 285.898425][ C0] RDX: 0000000000011dc0 RSI: 00000000f7409ff4 RDI: 0000000000000000 [ 285.901120][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 285.904018][ C0] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 285.906993][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 285.910136][ C0] [ 285.911533][ C0] Modules linked in: [ 285.913406][ C0] ---[ end trace 0000000000000000 ]--- [ 285.915846][ C0] RIP: 0010:__dev_flush+0x49/0x1e0 [ 285.918295][ C0] Code: 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 98 01 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b 2f 48 8d 5d 80 48 89 ea 48 c1 ea 03 <80> 3c 02 00 0f 85 69 01 00 00 48 8b 45 00 49 39 ef 4c 8d 60 80 0f [ 285.926369][ C0] RSP: 0018:ffffc90000007c90 EFLAGS: 00010246 [ 285.929078][ C0] RAX: dffffc0000000000 RBX: ffffffffffffff80 RCX: ffffffff88cfc09b [ 285.932902][ C0] RDX: 0000000000000000 RSI: ffffffff81b49c96 RDI: ffffc90007c77a58 [ 285.936147][ C0] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 285.938892][ C0] R10: 0000000000000010 R11: 0000000000000000 R12: ffffc90007c77a48 [ 285.941409][ C0] R13: ffff88802c0404c8 R14: ffffc90007c77a58 R15: ffffc90007c77a58 [ 285.943852][ C0] FS: 0000000000000000(0000) GS:ffff88802c000000(0063) knlGS:00000000f5d36b40 [ 285.947022][ C0] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 285.950085][ C0] CR2: 0000000020012000 CR3: 00000000627ce000 CR4: 0000000000350ef0 [ 285.953856][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 285.957349][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 285.960847][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 285.964626][ C0] Kernel Offset: disabled [ 285.966316][ C0] Rebooting in 86400 seconds.. VM DIAGNOSIS: 15:25:18 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fc1315 RDI=ffffffff94da62c0 RBP=ffffffff94da6280 RSP=ffffc900000076f0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b R12=0000000000000000 R13=0000000000000030 R14=ffffffff84fc12b0 R15=0000000000000000 RIP=ffffffff84fc133f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020012000 CR3=00000000627ce000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000710bb9 RBX=0000000000000001 RCX=ffffffff8ae47699 RDX=0000000000000000 RSI=ffffffff8b2cc020 RDI=ffffffff8b904c00 RBP=ffffed1002cea910 RSP=ffffc90000477e08 R8 =0000000000000001 R9 =ffffed1005826fe1 R10=ffff88802c137f0b R11=0000000000000000 R12=0000000000000001 R13=ffff888016754880 R14=ffffffff8fe49ad8 R15=0000000000000000 RIP=ffffffff8ae48a8f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020010000 CR3=000000001cf1a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7f7e67002ee6e1f4 b893778e65766809 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ae7d8a5e67ee6d94 7f77abf116f48b19 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a2028673e1790462 202db6c775243485 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1fc35a6187b3eccb 35814a3bdae1d07f ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000400 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ae000000ae 4f2956e25401cf98 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ae000000ae 000000ae00000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ae39ea83e0 3988ed92390fbbc8 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 005b7a215414d1a8 000000ae2f8ec6f6 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 23e3a6d57b96978e b56edcd043921c46 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c6070a49cccd015c ef5f5b6497efca48 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff816f737e RDX=ffff888016784880 RSI=ffffffff816f736c RDI=0000000000000001 RBP=000000000000003b RSP=ffffc90000527690 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=ffffffff8b2bd820 R12=0000000000000200 R13=ffff888020140000 R14=ffffffff8bba8a40 R15=ffffc900005277e8 RIP=ffffffff816f736e RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000056c934c0 CR3=000000005f722000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c400000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000001 RBX=0000000000000000 RCX=ffffffff81cb7876 RDX=0000000000000000 RSI=ffffffff81cb7389 RDI=ffff88801a72a884 RBP=000000000000003e RSP=ffffc90000e37810 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=ffff888040ed0000 R12=ffff88801a068e20 R13=000000000000003e R14=000000000000003d R15=ffffc90000e378c8 RIP=ffffffff81cb738e RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f740a230 CR3=000000005fc5e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000