last executing test programs: 15.066613825s ago: executing program 1 (id=1565): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x208}, 0x48) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe) open_by_handle_at(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB="20000000620000d4"], 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x10012, 0xffffffffffffffff, 0x0) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4) 14.895821112s ago: executing program 1 (id=1567): socket$packet(0x11, 0x3, 0x300) r0 = openat$vnet(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001240)={0x2, 0x0, [{0xd000, 0x1000, &(0x7f0000000240)=""/4096}, {0x1000, 0x8e, &(0x7f00000000c0)=""/142}]}) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001f80)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000002b000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f17e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b534dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b6fbce3f897226c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a0806000000020000000000230048f941b13d924bcf334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c063f7130856f756436303767d2e24f29e5dad9796edb697a6ea1182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb00000000000000599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c50500721fc7aa2a583726c64c0fb6ca996d278fb00bba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a411f450f173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75ee93f9959e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef660200a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749feaecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f54d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cd2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ed65af3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8989d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501ae03002af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db996e633792118efdb6b88023e80da74fdf723c7f0b2e9f3bb90613508c00a292a0c5b87a4f8ff35eba73ce9ebf77d0c842063a7b42c757d828678d38e6a86ad4f19cdeb7cfc100ceabb4a3999cce5d36ecfe80def20f7187bab75515226f4d9b30e0567612210d492468781999ce795522b726bdf37b15e9afde32a7052cc909eb08cca312c557bff04cf1fbb0dcfe8ac00"/2830], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff4f}, 0x48) r3 = syz_io_uring_complete(0x0) ioctl$RFKILL_IOCTL_NOINPUT(r3, 0x5201) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000380)="804395164463a671569ba56a5cfd", 0x0, 0x20002, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000080), 0x6) getsockname(r4, 0x0, &(0x7f00000000c0)) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x5, 0x2, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4000, 0x2000000}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) 14.515623234s ago: executing program 1 (id=1570): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000180)=ANY=[], 0x0}, 0x90) io_setup(0xff, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0) ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000500)=0x1000003) write$dsp(r1, &(0x7f00000001c0), 0x0) 14.115013264s ago: executing program 1 (id=1571): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB]) chdir(&(0x7f0000000100)='./file0\x00') mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') linkat(r0, &(0x7f00000002c0)='./file1\x00', r1, &(0x7f0000000440)='./file0\x00', 0x0) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file1'}, 0x3a}], [], 0x2f}) 13.633070147s ago: executing program 1 (id=1573): r0 = socket$can_j1939(0x1d, 0x2, 0x7) madvise(&(0x7f0000165000/0x1000)=nil, 0x1000, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net\x00') bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r3) r4 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_subtree(r2, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22fdb911"], 0xfdef) lseek(r0, 0x7, 0x0) getdents64(r1, 0xffffffffffffffff, 0x43) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r2, 0x40089413, &(0x7f0000000240)=0x8) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000240)=ANY=[], 0x50}}, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1f, &(0x7f00000000c0)=""/227, &(0x7f0000000000)=0xe3) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r6}, 0x4) bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000500)={r6, 0x0, 0x0}, 0x20) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010000341d1b48b006775289f93e6d70000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001c001280080001006772650010000280080014000700000004001200"], 0x3c}}, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600707, 0x0) syz_emit_vhci(&(0x7f0000001540)=ANY=[@ANYBLOB="040f0404001c04"], 0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) 13.24983011s ago: executing program 1 (id=1575): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x208}, 0x48) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe) open_by_handle_at(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB="20000000620000d4"], 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x10012, 0xffffffffffffffff, 0x0) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4) 12.696874691s ago: executing program 2 (id=1577): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838520084aa79ae6f923a624a49f80bf257305637a330f11eef4f9836855a8b1623fe6a6c42816b11551171ea524fa2c985ca67f5a5f4e2d00a7a59172ee558e7133bd47af795f9104b39122b665e77cce986f66428b567ef90e5afecb899e6d932c6609f12db2d34e8e3e640f902823e1761273c80e563bb6ceb77163d5730ff8822ff15b4ac8f472ad1a765f80624d7e018d4ef52e19e6964b8f5a6e0f5818e5618ec2c2b33216d768b0384ad46097086ae18d2bd140efd0620573a102ac810a21a9b32cba9e88866b0e69782c173b0f1868e75aa6bb05296bdfed2566509db884cbed028c5c557ddd8abf750dcbbabf844792574258"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800000}, 0x90) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_GET_MAGIC(r2, 0x80046402, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 12.44675168s ago: executing program 2 (id=1578): socket$packet(0x11, 0x3, 0x300) r0 = openat$vnet(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001240)={0x2, 0x0, [{0xd000, 0x1000, &(0x7f0000000240)=""/4096}, {0x1000, 0x8e, &(0x7f00000000c0)=""/142}]}) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001f80)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000002b000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f17e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b534dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b6fbce3f897226c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a0806000000020000000000230048f941b13d924bcf334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c063f7130856f756436303767d2e24f29e5dad9796edb697a6ea1182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb00000000000000599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c50500721fc7aa2a583726c64c0fb6ca996d278fb00bba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a411f450f173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75ee93f9959e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef660200a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749feaecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f54d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cd2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ed65af3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8989d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501ae03002af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db996e633792118efdb6b88023e80da74fdf723c7f0b2e9f3bb90613508c00a292a0c5b87a4f8ff35eba73ce9ebf77d0c842063a7b42c757d828678d38e6a86ad4f19cdeb7cfc100ceabb4a3999cce5d36ecfe80def20f7187bab75515226f4d9b30e0567612210d492468781999ce795522b726bdf37b15e9afde32a7052cc909eb08cca312c557bff04cf1fbb0dcfe8ac00"/2830], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff4f}, 0x48) r3 = syz_io_uring_complete(0x0) ioctl$RFKILL_IOCTL_NOINPUT(r3, 0x5201) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000380)="804395164463a671569ba56a5cfd", 0x0, 0x20002, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000080), 0x6) getsockname(r4, 0x0, &(0x7f00000000c0)) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x5, 0x2, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4000, 0x2000000}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) 12.134802572s ago: executing program 2 (id=1580): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x208}, 0x48) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000080), 0xfefc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x10012, r1, 0x0) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4) 12.036805268s ago: executing program 2 (id=1581): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB]) chdir(&(0x7f0000000100)='./file0\x00') mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') linkat(r0, &(0x7f00000002c0)='./file1\x00', r1, &(0x7f0000000440)='./file0\x00', 0x0) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file1'}, 0x3a}], [], 0x2f}) 11.8240837s ago: executing program 2 (id=1582): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x10}]}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r7, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r7, &(0x7f00000000c0)={&(0x7f0000000340)=@phonet={0x23, 0x0, 0x0, 0x41}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000300)="27050200590200000600002fb96dbcf706e105000700810000008100ee162fd4b8bf892faccb", 0x26}], 0x1}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000540)={'wlan0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_PMKSA(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010029bd7000000000003400000008000300", @ANYRES32=r8, @ANYBLOB="140055005c9e0000008c00ed3dfd7e73ab383f980a00340002020202020200001400fe797f1d67c0cb9c7a26148936b2ff009809b1a477ba0c2798228a28f1a956fa0a000600de4daae5c23800001400550056fcb7189b518237ccdf03bc533a5af50a000600ffffffffffff00008fe59decfdfa8ec7eb07d409f29585bade7bda6ad1bca89f68379e0abfbc68ade962ce6f0de5501b976fad3e21e3f595527c24939cba538651d28b7db507e15fb34361e090bb0dec42ba638ea9c20958ad24c5189d88f0c7befd437740cb070d05aaa7f4365f920f83365d300f25b7e6febfa4ca1378ce44b3bd5b7e1264215406c076f2edaeee991bb69ac8dcc89d0c9310efe977b66585b9e765e63af08bd802a90981224ec38bd291678e3aca93a8b2e8814361799d8b8c7b"], 0x7c}}, 0x0) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r9}, 0x10) r10 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg(r10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000004080)=[{&(0x7f0000002f80)=""/4096, 0x1069}], 0x1}, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000005c0)=[{0x6, 0x0, 0x0, 0x0, @time, {0x2}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"272be5806cd46d7b9ff797a0"}}, {}], 0x70) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800e0001006970366772657461700000000c00028008000100", @ANYRES32, @ANYBLOB="080001"], 0x48}}, 0x0) 11.415944261s ago: executing program 3 (id=1584): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x208}, 0x48) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe) open_by_handle_at(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB="20000000620000d4"], 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x10012, 0xffffffffffffffff, 0x0) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4) 11.314991674s ago: executing program 3 (id=1585): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838520084aa79ae6f923a624a49f80bf257305637a330f11eef4f9836855a8b1623fe6a6c42816b11551171ea524fa2c985ca67f5a5f4e2d00a7a59172ee558e7133bd47af795f9104b39122b665e77cce986f66428b567ef90e5afecb899e6d932c6609f12db2d34e8e3e640f902823e1761273c80e563bb6ceb77163d5730ff8822ff15b4ac8f472ad1a765f80624d7e018d4ef52e19e6964b8f5a6e0f5818e5618ec2c2b33216d768b0384ad46097086ae18d2bd140efd0620573a102ac810a21a9b32cba9e88866b0e69782c173b0f1868e75aa6bb05296bdfed2566509db884cbed028c5c557ddd8abf750dcbbabf844792574258"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800000}, 0x90) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_GET_MAGIC(r2, 0x80046402, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 11.196455489s ago: executing program 3 (id=1586): openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000900), 0x0, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) read(r0, 0x0, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) write$uinput_user_dev(r0, &(0x7f0000000100)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x2, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000], [0x59a7314d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x3, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc], [0x100, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000]}, 0x45c) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000140)='./file1\x00') r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r2, 0xffffffff80000700, 0xee01, &(0x7f00000000c0)) r3 = socket$rds(0x15, 0x5, 0x0) lseek(r3, 0x7c82, 0x3) bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r3, &(0x7f00000011c0)={&(0x7f0000000940)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@rdma_args={0x48, 0x114, 0x2, {{0x7, 0x4}, {0x0}, 0x0, 0x27}}], 0x48}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000002000/0x1000)=nil}) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) syz_io_uring_setup(0x2ddd, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) r6 = syz_io_uring_setup(0x5e2, &(0x7f0000000080), &(0x7f0000000180), &(0x7f0000000380)) syz_io_uring_submit(0x0, r5, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r6, 0x381b, 0x0, 0x0, 0x0, 0x0) recvfrom(r4, 0x0, 0x0, 0x0, 0x0, 0x0) 11.085892932s ago: executing program 2 (id=1587): socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = getpgid(0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x4051}, 0x0) sched_setscheduler(0x0, 0x0, 0x0) r1 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r4) syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2) r6 = memfd_create(&(0x7f0000000300)='y\x105\xfb\xf7%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00s\x04\x879\xa24\xa9am\xde\xb2\x02\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x06\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecj\x02\xc8\xc4\f\x04\x99\xf6\x1d\xcf\xf38\xe2\x80\xf5\xd7\xcd5\xd9\x1fE\xfd\xce', 0x3) ftruncate(r6, 0xffff) fcntl$addseals(r6, 0x409, 0x7) r7 = ioctl$UDMABUF_CREATE(r5, 0x40187542, &(0x7f00000002c0)={r6, 0x0, 0x0, 0x1000}) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r8}) ioctl$DRM_IOCTL_GEM_CLOSE(r4, 0x40086409, &(0x7f0000000080)={r9}) r10 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r10, 0x11, 0x64, &(0x7f0000000080), 0xffffff1b) r11 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014}) epoll_ctl$EPOLL_CTL_ADD(r11, 0x1, r1, &(0x7f0000000000)={0xa0000001}) epoll_wait(r11, &(0x7f0000000340)=[{}], 0x1, 0x1000) socket$netlink(0x10, 0x3, 0x0) 10.003436643s ago: executing program 3 (id=1589): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB]) chdir(&(0x7f0000000100)='./file0\x00') mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') linkat(r0, &(0x7f00000002c0)='./file1\x00', r1, &(0x7f0000000440)='./file0\x00', 0x0) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file1'}, 0x3a}], [], 0x2f}) 9.695677466s ago: executing program 3 (id=1590): r0 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000002c0)={0x0, 0x0, 0x0, &(0x7f0000000280)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETENCODER(r0, 0xc01464a6, &(0x7f0000000fc0)={r1, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000300)={r2, 0x1, &(0x7f0000000080)=[0x0], 0x0, 0x0}) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socket$nl_sock_diag(0x10, 0x3, 0x4) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_ADD(r3, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f0000001c00)=ANY=[@ANYBLOB="60100000000505000000000000000000040000075402010001000000070000000d040500840f1b0073797a30000000000000000000000000000000000000000000000000000000009bf791b8c2f2607a53d5eaf14934472260e50d0648733d940c35e6bd90f19aa89ca2706e963f1ddea828e8c349c0ff3b89f730437c4941f9f33ad07f5f21c71ce801010002000000050000000700a10103000000050000000700070000000000100000000600e1e600000000584400000500050001000000a9360000f9ff080003000000090000000c00000001000000060000000200030003000000d2e4a41f00009b000000000008000000030005000000000001feffff0000d99900000000020000000600090002000000070000005e60070003000000700500000500020003000000020000000a0070bd00000000060000000101040003000000ffffffff040003000100000004000000faff0500020000000004000008005100030000000000000001010866020000007e050000603be99501000000000000000c00050001000000030000000b00080002000000060000000400080003000000050000000500070001000000001000000900000000000000000000000000ffff01000000018000000200000000000000060000000500000800000000018000000700010001000000ff000000fdff070000000000d5760000ff0f030000000000040000000900018001000000040000000c05fdff02000000080000000500001802000000070000000300fbff030000000d00000008000800030000000200000005000100010000000300000006000200000000000100000003007f000300000007000000540201000200000000000000e70200000900190073797a3100000000000000000000000000000000000000000000000000000000ffe43ef42564db2084dadfd6bc319710d4deae4591ff25cab50aa8ff248e2ebac667fa73e5c6be716f1051780873674bb1e5ced5ea41c3e40d8a69764a9696bfff03010002000000c0ffffff03000700020000000f0000008500ff010300000002000000100008000200000008000000010481000000000000020000050007000300000000000000298b020003000000010000000500080000000000010000000200feff0100000007000000ffffff0f00000000020000000100060003000000f8ffffff0100060700000000070000000200ffff0300000008000000040000c001000000080000009b0c01010100000002000000d30a07000100000003000000070007000100000007000000ff07feff030000000900000005005ba10300000008000000030004000300000001000080000209000200000001000000aaf5080003000000c000000002000600020000000700000003000800020000005e090000000000000100000002000000280009000000000007000000060005000300000006000000ebd905000200000005000000000000000300000008000000ffff712600000000ff7f000000805785030000000a000000ff0009000000000004000000ff7f08000300000001feffffbbd9090003000000090000000500060002000000010400000600100003000000b3000000f4ff07000200000003000000040001000200000000feffff0300070000000000ffff34770000ff010100000025000000540201000100000005000000ac4009000200240073797a3000000000000000000000000000000000000000000000000000000000de8831e89541a0f75ab03e25fe9d73ac27c4071d8165e209a6b0a6db76613f48a184c9fd95d27d6bc6c2909dc6ae8e09ee0e29e5933aa19533c6d13b6a10109105001e0000000000ffff0000050040000200000007000000090000010200000007000000000005000100000084ffffff090003000100000000010000020002000000000007000000f9ff06000200000000020000090002000300000000feffff0b000400020000007f00000004000000000000000b00070002000000001000000900030002000000b00f00000300060001000000020000000080ff0f000000000f000000010001000100000003000000000007000100000009000000070009000200000001000000f6ff090001000000000090001000000003000000ffff00000700020003000000ff0f00000900060003000000010000000500060003000000000100000300080000000000000000000100030002000000000000081bec1301010000007af40000f7ffff7f0000000005000000070006000200000002000000020008000200000001000000020009000100000001000000fcff0800030000000300000005000300010000000200000007000400020000003100000008000040000000000700000002000100020000000000008000ca0000000000000000000000000300000000000700000002000300030000000b000000020081000300000000000100ffffff070000000005000000010001000200000005000000540201000200000008000000ff6b9c54ff3b200073797a3100000000000000000000000000000000000000000000000000000000f9c9c01a484962e7b918158564c7c4f7083f766da1865b3013d7a43aa7e19321d7a3dcde88d9b07c7cc5da6bcb479e032760dca441826158cbdbc4eb6b16c9760100800002000000040000000000090000000000030000000400ff000000000007000000000402000100000004000000f9ff06000100000003000000ff0306000000000006000000ff07ff070000000002000000040006000300000050f6c67b0d00ffff00000000040000000180000001000000000000800000ff0003000000fbffffff470d000103000000060000000000140002000000010000000500ffff0200000007000000020008000300000006000000000000040100000002000000ff7f04000300000007000000ffff080002000000040000000400307003000000800000000100a000030000000500000009000000010000000700000008000000f47325c80800000004008d7f020000000800000002000d0003000000ffffffff41047f0003000000010100000900080003000000ff0100000100070000000000070000000008f20e00000000645b00000600050003000000050000000700030001000000ff0f000002000f0001000000020000000800080000000000865d3069ff00040003000000bec900000300001001000000090000000100ff000300000005000000010400040300000004000000ff7f0800000000000000002000008000030000008f0000000300600001000000d2b08670030002000000000009000000540201000200000001000000860000000400060073797a300000000000000000000000000000000000000000000000000000000042e7ec7f0de26fa1afc2c0ea144d0bcca82f2e41fa29a28cd4c9892b542a0607415104fe559550bd481d919e1a1bfdea751abf196a1393f12f8c69f51d56f73401f002000100000000000000090008000100000003000000ab00060000000000ffffffff0900030000000000030000000900e5000100000092a8dc3b010400040100000001000000ff0f0000000000000700000006000b0002000000e7d800000700010002000000070000005500ff7f00000000040000000900020003000000000000000c005800000000000900000009000101010000000000000008000a0002000000ee460000000407000000000001800000ff0008000200000003000000050007000300000008000000d67e0000020000000400000000005f000200000000000000fbff82000200000010000000ea00b358020000004d0c0000090009000200000002000000feff040003000000a77700001607950002000000000400000400feff03000000ff000000ff7f110801000000000800000400d50000000000ffff00000b000100010000000400000007000200020000000b0000000600040002000000050000000400ffff03000000018000000900bf000100000007000000ff7f070001000000256200000200e10700000000010001000400950a03000000050000004000060001000000008000000002000000000000f50300006f0019530000000005000000314903000300000000000000080003000300000006000000540201000200000005000000100000000001260073797a3100000000000000000000000000000000000000000000000000000000a3f7a1d25fad8d3f522181c169daa9184aafb76eba7f65039927779a00002ba2ada4070c0adf8f834e3d3d621f598c03f282bee73a4781ff6e5f2f31640c44040500090000000000ff00000002000500000000000500000040000600010000000900000005000002000000000400000008000000000000000000000005000c0003000000050000000300000001000000080000000100ce0000000000080000000a000600020000000500000002000100030000000400000003000180010000000e0000000000040002000000000000000800ff0701000000fcffffff09000200010000000000000001000600020000000500000000800e0001000000020000000a00080002000000010000000000cbf803000000100000000100000002000000120300000800ff7f0000000009000000ff077f00000000006ee7c935060000000300000080000000ff0307000300000003000000020008000200000001000000040003000100000008000000ffff02000100000001040000ff0ffdff00000000010000000400090002000000010000000d00080003000000008000004000050002000000020000005861008001000000060000000d00b228000000000100000003006c0e020000000900000002000002020000000700000006004000020000004075000000000300000000000b000000ff0307000300000067030000079008000000000001000000050004000100000006000000001081730000000005010000540201000200000081000000073e03000100140073797a3000000000000000000000000000000000000000000000000000000000955e03666e41f1f8cb31e42cb3a7bf6ffe786afccf9619d7c721d2ad256777011642889d6f969fa7175df00ffbb5183dba556c671868ec7053cf9913169ec3c10900080000000000030000000000050003000000010000000700080401000000050000000200020001000000c700000052e2010001000000070000007f00ff000100000001f0ffff060006000100000001000000ff008e0000000000000001008c0001000200000000000000080005000000000003000000d0b10400000000000700000009003f360000000045000000018003000000050000000400040001000000080000000900050001000000080000000009960c0300000004000000100002000200000000100000bde80000020000000200000004000000000000000300000000010300030000000100000006000200030000000700000006000100010000001cb00e6906005100010000009a0000000100ff03010000000c00000007000008010000000300000009000600030000007e000000030001010200000008000000020080000200000008000000050000040000000054000000080007000300000007000000ff000100000000000100000005004d00000000000200000000000000000000008e0500000500050000000000070000000000060000000000dedf0000060004000300000005000000df230800030000000100000007000900f46cab6004000000c30017f2000000000c0000000700ff010200000001010000ddbfb726ee90a3"], 0x1060}, 0x1, 0x0, 0x0, 0x20000000}, 0x40004) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8b07, &(0x7f0000000000)={'wlan1\x00', 0x0}) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYBLOB="c000000001010101"], 0xc0}}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ptrace$setregset(0x4205, 0xffffffffffffffff, 0x4, &(0x7f0000000400)={0x0}) r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYRESDEC=r5], &(0x7f0000000000)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r10}, 0x10) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0) recvmmsg(r11, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000100)=""/210, 0xd2}, {&(0x7f0000000400)=""/203, 0xcb}, {&(0x7f0000000200)=""/7, 0x7}, {&(0x7f0000000280)=""/118, 0x76}], 0x4}}], 0x1, 0x0, 0x0) r12 = socket$inet6(0xa, 0x3, 0x2) getsockname(r12, &(0x7f0000000380)=@xdp={0x2c, 0x0, 0x0}, &(0x7f0000000c80)=0xff76) r14 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r14, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000810500"/20, @ANYRES32=r13, @ANYBLOB="0000000000000000280012800a00010063616e"], 0x48}}, 0x0) ioctl$KVM_SET_IRQCHIP(r9, 0xc048aec8, &(0x7f0000000080)={0x0, 0x0, @ioapic}) socketpair$unix(0x1, 0x0, 0x0, 0x0) 6.925946259s ago: executing program 3 (id=1600): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xd) io_setup(0x5, &(0x7f0000000200)=0x0) io_submit(r2, 0x1, &(0x7f0000000780)=[&(0x7f0000000100)={0x1008, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 3.504099319s ago: executing program 0 (id=1606): ioctl$F2FS_IOC_DEFRAGMENT(0xffffffffffffffff, 0xc010f508, &(0x7f0000000000)={0xa00000000000, 0x6}) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x40002, 0x31) pidfd_send_signal(r0, 0x37, &(0x7f0000000080)={0x3d, 0x0, 0x7}, 0x0) ioctl$UI_DEV_CREATE(r0, 0x5501) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000240)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0], &(0x7f0000000200)=[0x0], 0x7, 0x5, 0x1, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000280)={&(0x7f0000000100)=[0x0], 0x1, r2}) ioctl$DRM_IOCTL_MODE_CURSOR2(r0, 0xc02464bb, &(0x7f0000000300)={0x3, r3, 0x7fff, 0x1, 0x6, 0x3, 0x2, 0x5, 0x9}) r5 = openat$rtc(0xffffff9c, &(0x7f0000000340), 0x220002, 0x0) syslog(0x1, &(0x7f0000000380)=""/212, 0xd4) syslog(0x2, 0x0, 0x0) r6 = openat$sw_sync_info(0xffffff9c, &(0x7f0000000480), 0x20081, 0x0) ioctl$VIDIOC_SUBDEV_G_EDID(r6, 0xc0245628, &(0x7f0000000500)={0x0, 0xffffff01, 0xff, '\x00', &(0x7f00000004c0)=0xf7}) openat$cgroup(r0, &(0x7f0000000540)='syz1\x00', 0x200002, 0x0) timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000580)={{}, {0x0, 0x3938700}}, &(0x7f00000005c0)) ioctl$SNDCTL_DSP_GETIPTR(r6, 0x800c5011, &(0x7f0000000600)) syslog(0x3, &(0x7f0000000640)=""/254, 0xfe) syslog(0x2, &(0x7f0000000740)=""/151, 0x97) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000900)={&(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000840)=[0x0, 0x0, 0x0], &(0x7f0000000880)=[0x0, 0x0], &(0x7f00000008c0)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x3, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000980)={&(0x7f0000000940)=[r7, 0x0, r4], 0x3, r2, r1, 0x4, 0xb9c, 0x6, 0x8, {0x2, 0x7, 0x6, 0xfffc, 0x7, 0xb, 0xd, 0x5, 0xab9, 0x5, 0x7f, 0x9, 0x5, 0x4, "dc3ba4865994579b20ab087ab8a8f36fe535ff26bcc9386ccf2bec9ef08c186d"}}) r8 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000a00), r8) close_range(r5, r6, 0x0) syslog(0xa, &(0x7f0000000a40)=""/245, 0xf5) syslog(0x2, &(0x7f0000000b40)=""/10, 0xa) syslog(0x9, &(0x7f0000000b80)=""/73, 0x49) add_key$keyring(&(0x7f0000000c00), &(0x7f0000000c40)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000c80), &(0x7f0000000cc0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff8) add_key$keyring(&(0x7f0000000d00), &(0x7f0000000d40)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) socket$netlink(0x10, 0x3, 0x0) 3.309983332s ago: executing program 0 (id=1607): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) syz_socket_connect_nvme_tcp() socket$kcm(0x10, 0x3, 0x10) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0xb) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000006c0)=ANY=[@ANYRES32=r1, @ANYBLOB], 0x0, 0x9}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r3, 0xf, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r4 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r4, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f0000000040)=@req={0x0, 0x6, 0xffa0468}, 0x10) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000007000000890704e06800000011"], 0x68}, 0x0) r5 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$bt_hci(r5, &(0x7f0000000000)={0x27}, 0x74) sendmmsg$unix(r5, &(0x7f0000006380)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{0x0, 0x0, &(0x7f00000001c0)}}], 0x2, 0x0) socketpair(0x6, 0x1, 0x81, &(0x7f0000001c40)) r6 = bpf$ITER_CREATE(0x21, &(0x7f0000001c80), 0x8) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r7, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="240000001000010700000000000000000a000000060001001800000008000a00f24c0f01d31b6b457efdbc207fe6a670e0612a9aba32f029ab4a0cae1c178924e703fa9b0f13", @ANYRESDEC=r6, @ANYRESOCT=r6], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x24000815) accept4$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0x14, 0x40400) r8 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r8, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xb, &(0x7f0000000800)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002d2070250000000000f1040d2b971961201af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000000085005ba657858490333e00945900007300800095e80c445d55e1268b18ae8e22e320857976e57023df16cd1ef9e9e624098b26013792d761c53bbcd4851d784408f654f20fce69032817baa6848446f07562f8cf5a89f91c1f15778ba8064a19550a86db1fb713f654842f7d351ef7d3b1b8e31932257ced5f61aba81a12974fcef150bce0baa3d39066c857a6b7f58169c84d5351f51b27c5e77ed317103218b6884d604b33d61b11746aedb66a822190cdcc3e7f"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90) r9 = socket(0x1e, 0x1, 0x0) connect$tipc(r9, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x101d0}}, 0x10) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) 2.526387011s ago: executing program 0 (id=1608): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = io_uring_setup(0x4cfa, &(0x7f0000000040)) io_uring_register$IORING_UNREGISTER_RING_FDS(r1, 0x16, &(0x7f00000008c0)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r3 = open(0x0, 0x0, 0x146) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x4020801) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(&(0x7f0000000480)=@nullb, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000040)='squashfs\x00', 0x8200, 0x0) dup(0xffffffffffffffff) ioctl$TCSETS(r4, 0x5402, &(0x7f0000000340)={0x0, 0x0, 0x0, 0xffffffbf, 0x0, "9931f1000025c9c3a91efe14dc853fcbacd591"}) syz_open_procfs(0x0, &(0x7f0000001080)='smaps_rollup\x00') openat$vcsa(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) r6 = dup(r5) write$UHID_INPUT(r6, &(0x7f0000001980)={0xf, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b3267078b089b34083b681a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b313b0d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e924afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000500)=@filter={'filter\x00', 0x4, 0x4, 0x13e0, 0xffffffff, 0x154, 0x124c, 0x154, 0xfeffffff, 0xffffffff, 0x1318, 0x1318, 0x1318, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0x130, 0x154, 0x0, {}, [@common=@srh1={{0x8c}, {0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, @private2, @mcast2}}]}, @REJECT={0x24}}, {{@uncond, 0x0, 0x10d4, 0x10f8, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x1, 0x0, 0x0, 0x0, './cgroup/syz0\x00'}}]}, @REJECT={0x24}}, {{@uncond, 0x0, 0xa4, 0xcc}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x143c) fsopen(&(0x7f0000000280)='ceph\x00', 0x0) 1.321501953s ago: executing program 0 (id=1609): openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r0 = openat$pfkey(0xffffff9c, &(0x7f0000000000), 0x50500, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000580)={0x2020}, 0x2020) syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200) r3 = inotify_init1(0x0) fcntl$setown(r3, 0x8, 0xffffffffffffffff) fcntl$getownex(r3, 0x10, &(0x7f0000000380)={0x0, 0x0}) setpgid(0x0, r4) mount$9p_xen(0x0, &(0x7f0000000100)='./file1\x00', 0x0, 0x0, 0x0) creat(&(0x7f0000000480)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) r5 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x2, 0x0) r6 = open(&(0x7f00000002c0)='./bus\x00', 0x42202, 0x0) splice(r5, 0x0, r6, 0x0, 0x114, 0x0) r7 = open$dir(&(0x7f0000000080)='./file0\x00', 0x481, 0x7) vmsplice(r7, &(0x7f0000000240), 0x0, 0x0) 87.060434ms ago: executing program 0 (id=1610): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x208}, 0x48) bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000080), 0xfefc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x10012, r0, 0x0) setsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4) 0s ago: executing program 0 (id=1611): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0xffffffffffffffff, 0x0, 0x23, @vifc_lcl_addr=@private=0xa010102, @multicast1=0xe0000300}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x1, 0x2, 0x2, 0x1901, 0x1, 0x1adf, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x2, 0x3}, 0x48) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x324) r3 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'}) sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) r4 = userfaultfd(0x1) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000040)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_WRITEPROTECT(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2}) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000400)={&(0x7f0000b36000/0x12000)=nil, &(0x7f0000841000/0x4000)=nil, 0x12000}) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$UFFDIO_CONTINUE(r5, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1}) syz_io_uring_setup(0x6866, &(0x7f00000003c0)={0x0, 0x0, 0x400, 0x0, 0x14}, &(0x7f0000000100), &(0x7f0000000140)) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) syz_open_procfs$userns(0x0, &(0x7f00000002c0)) kernel console output (not intermixed with test programs): uct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 406.428433][T10634] CPU: 3 UID: 0 PID: 10634 Comm: syz.2.1328 Not tainted 6.11.0-rc3-syzkaller-00315-ge0fac5fc8b76 #0 [ 406.432745][T10634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 406.437384][T10634] Call Trace: [ 406.439118][T10634] [ 406.440494][T10634] dump_stack_lvl+0x16c/0x1f0 [ 406.442476][T10634] warn_alloc+0x24d/0x3a0 [ 406.444310][T10634] ? __pfx_warn_alloc+0x10/0x10 [ 406.446353][T10634] ? fs_reclaim_acquire+0xae/0x160 [ 406.448492][T10634] ? trace_kmalloc+0x2d/0xe0 [ 406.450410][T10634] ? __kasan_kmalloc+0x8a/0xb0 [ 406.452569][T10634] ? __get_vm_area_node+0x1bc/0x2d0 [ 406.454724][T10634] __vmalloc_node_range_noprof+0xc1e/0x1520 [ 406.457356][T10634] ? mark_lock+0xb5/0xc60 [ 406.459518][T10634] ? __pfx_mark_lock+0x10/0x10 [ 406.462038][T10634] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 406.465218][T10634] ? mark_lock+0xb5/0xc60 [ 406.467169][T10634] ? aa_get_newest_label+0x376/0x680 [ 406.469260][T10634] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 406.471889][T10634] ? __pfx_aa_get_newest_label+0x10/0x10 [ 406.474238][T10634] ? mark_lock+0xb5/0xc60 [ 406.476012][T10634] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 406.478141][T10634] __vmalloc_noprof+0x6d/0x90 [ 406.496167][T10634] ? bpf_prog_alloc_no_stats+0x54/0x5e0 [ 406.498597][T10634] bpf_prog_alloc_no_stats+0x54/0x5e0 [ 406.500733][T10634] bpf_prog_alloc+0x3b/0x240 [ 406.502356][T10634] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 406.504902][T10634] bpf_prog_load+0x1b4e/0x2670 [ 406.506966][T10634] ? hlock_class+0x4e/0x130 [ 406.508922][T10634] ? __pfx_bpf_prog_load+0x10/0x10 [ 406.510939][T10634] ? find_held_lock+0x2d/0x110 [ 406.525143][T10634] ? security_bpf+0x8c/0xc0 [ 406.527247][T10634] __sys_bpf+0x9e0/0x55e0 [ 406.528955][T10634] ? __pfx___sys_bpf+0x10/0x10 [ 406.530978][T10634] ? ksys_write+0x12f/0x260 [ 406.533039][T10634] ? find_held_lock+0x2d/0x110 [ 406.535203][T10634] ? ksys_write+0x21c/0x260 [ 406.537264][T10634] ? __pfx_lock_release+0x10/0x10 [ 406.539319][T10634] ? vfs_write+0x14d/0x1140 [ 406.541331][T10634] ? __mutex_unlock_slowpath+0x164/0x650 [ 406.543803][T10634] ? fput+0x32/0x390 [ 406.545567][T10634] ? ksys_write+0x1ab/0x260 [ 406.547471][T10634] ? __pfx_ksys_write+0x10/0x10 [ 406.549587][T10634] __ia32_sys_bpf+0x76/0xe0 [ 406.551598][T10634] __do_fast_syscall_32+0x73/0x120 [ 406.553841][T10634] do_fast_syscall_32+0x32/0x80 [ 406.555968][T10634] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 406.558253][T10634] RIP: 0023:0xf7f80579 [ 406.559635][T10634] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 406.567601][T10634] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 406.570988][T10634] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200006c0 [ 406.574409][T10634] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000 [ 406.577446][T10634] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 406.580405][T10634] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 406.583927][T10634] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 406.587166][T10634] [ 406.596556][T10634] Mem-Info: [ 406.599219][T10634] active_anon:6365 inactive_anon:124 isolated_anon:0 [ 406.599219][T10634] active_file:7988 inactive_file:36663 isolated_file:0 [ 406.599219][T10634] unevictable:787 dirty:220 writeback:0 [ 406.599219][T10634] slab_reclaimable:4976 slab_unreclaimable:62024 [ 406.599219][T10634] mapped:33097 shmem:829 pagetables:739 [ 406.599219][T10634] sec_pagetables:330 bounce:0 [ 406.599219][T10634] kernel_misc_reclaimable:0 [ 406.599219][T10634] free:68546 free_pcp:6025 free_cma:0 [ 406.625072][T10634] Node 0 active_anon:4kB inactive_anon:48kB active_file:20kB inactive_file:0kB unevictable:1612kB isolated(anon):0kB isolated(file):0kB mapped:10660kB dirty:16kB writeback:0kB shmem:1572kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10536kB pagetables:1828kB sec_pagetables:1260kB all_unreclaimable? no [ 406.638053][T10634] Node 1 active_anon:21964kB inactive_anon:112kB active_file:31932kB inactive_file:146652kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:121728kB dirty:864kB writeback:0kB shmem:1744kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1288kB pagetables:1128kB sec_pagetables:60kB all_unreclaimable? no [ 406.650736][T10634] Node 0 DMA free:944kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:28kB writepending:0kB present:15992kB managed:15360kB mlocked:28kB bounce:0kB free_pcp:300kB local_pcp:72kB free_cma:0kB [ 406.662267][T10634] lowmem_reserve[]: 0 369 0 0 0 [ 406.664601][T10634] Node 0 DMA32 free:27152kB boost:0kB min:18816kB low:23520kB high:28224kB reserved_highatomic:4096KB active_anon:172kB inactive_anon:108kB active_file:20kB inactive_file:0kB unevictable:1584kB writepending:16kB present:1032192kB managed:405668kB mlocked:48kB bounce:0kB free_pcp:4400kB local_pcp:1984kB free_cma:0kB [ 406.677007][T10634] lowmem_reserve[]: 0 0 0 0 0 [ 406.678610][T10634] Node 1 DMA32 free:245712kB boost:0kB min:47052kB low:58812kB high:70572kB reserved_highatomic:0KB active_anon:17664kB inactive_anon:112kB active_file:31932kB inactive_file:146652kB unevictable:1536kB writepending:864kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:28212kB local_pcp:5972kB free_cma:0kB [ 406.690583][T10634] lowmem_reserve[]: 0 0 0 0 0 [ 406.692956][T10634] Node 0 DMA: 2*4kB (U) 3*8kB (U) 5*16kB (U) 27*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 976kB [ 406.698781][T10634] Node 0 DMA32: 308*4kB (UMEH) 69*8kB (UMEH) 21*16kB (UMEH) 50*32kB (UMEH) 44*64kB (UMEH) 20*128kB (MEH) 13*256kB (UME) 3*512kB (UMH) 1*1024kB (U) 0*2048kB 3*4096kB (UM) = 27272kB [ 406.708428][T10634] Node 1 DMA32: 1*4kB (M) 72*8kB (UM) 564*16kB (UM) 303*32kB (UME) 312*64kB (UME) 71*128kB (UME) 38*256kB (UME) 16*512kB (UME) 15*1024kB (UME) 6*2048kB (ME) 37*4096kB (M) = 245476kB [ 406.716681][T10634] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 406.721052][T10634] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 406.726956][T10634] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 406.732365][T10634] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 406.736282][T10634] 46322 total pagecache pages [ 406.738440][T10634] 824 pages in swap cache [ 406.740383][T10634] Free swap = 106144kB [ 406.745588][T10634] Total swap = 124996kB [ 406.747423][T10634] 524155 pages RAM [ 406.771335][T10634] 0 pages HighMem/MovableOnly [ 406.773527][T10634] 182346 pages reserved [ 406.775252][T10634] 0 pages cma reserved [ 407.282066][T10658] xt_cgroup: invalid path, errno=-2 [ 408.238547][ T30] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 408.242529][ T30] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 408.254534][ T30] hid-generic 0000:0000:0000.0006: hidraw1: HID v0.00 Device [syz0] on syz1 [ 409.675934][ T5349] Bluetooth: hci6: Received unexpected HCI Event 0x00 [ 410.267274][T10741] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1349'. [ 410.570166][T10750] FAULT_INJECTION: forcing a failure. [ 410.570166][T10750] name failslab, interval 1, probability 0, space 0, times 0 [ 410.576339][T10750] CPU: 3 UID: 0 PID: 10750 Comm: syz.1.1352 Not tainted 6.11.0-rc3-syzkaller-00315-ge0fac5fc8b76 #0 [ 410.581267][T10750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 410.585919][T10750] Call Trace: [ 410.587703][T10750] [ 410.589032][T10750] dump_stack_lvl+0x16c/0x1f0 [ 410.591111][T10750] should_fail_ex+0x497/0x5b0 [ 410.593179][T10750] should_failslab+0xc2/0x120 [ 410.595231][T10750] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 410.597926][T10750] ? skb_clone+0x190/0x3f0 [ 410.600478][T10750] skb_clone+0x190/0x3f0 [ 410.602270][T10750] netlink_deliver_tap+0xb26/0xcf0 [ 410.604467][T10750] netlink_unicast+0x5e1/0x7f0 [ 410.606616][T10750] ? __pfx_netlink_unicast+0x10/0x10 [ 410.609159][T10750] ? __phys_addr_symbol+0x30/0x80 [ 410.611453][T10750] ? __check_object_size+0x497/0x720 [ 410.614406][T10750] netlink_sendmsg+0x8b8/0xd70 [ 410.616636][T10750] ? __pfx_netlink_sendmsg+0x10/0x10 [ 410.619356][T10750] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 410.622037][T10750] ____sys_sendmsg+0x9b4/0xb50 [ 410.624336][T10750] ? __pfx_____sys_sendmsg+0x10/0x10 [ 410.627438][T10750] ? get_compat_msghdr+0x11b/0x170 [ 410.630157][T10750] ? __pfx___lock_acquire+0x10/0x10 [ 410.632933][T10750] ___sys_sendmsg+0x135/0x1e0 [ 410.636100][T10750] ? __pfx____sys_sendmsg+0x10/0x10 [ 410.639369][T10750] ? ksys_write+0x21c/0x260 [ 410.641457][T10750] ? __fget_light+0x173/0x210 [ 410.643575][T10750] __sys_sendmsg+0x117/0x1f0 [ 410.645679][T10750] ? __pfx___sys_sendmsg+0x10/0x10 [ 410.648056][T10750] __do_fast_syscall_32+0x73/0x120 [ 410.650552][T10750] do_fast_syscall_32+0x32/0x80 [ 410.652940][T10750] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 410.656001][T10750] RIP: 0023:0xf73ae579 [ 410.657859][T10750] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 410.666241][T10750] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 410.669951][T10750] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000180 [ 410.673448][T10750] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 410.676978][T10750] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 410.680710][T10750] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 410.684619][T10750] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 410.688224][T10750] [ 410.950473][T10751] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1351'. [ 411.540853][ T5349] Bluetooth: hci3: command 0x0406 tx timeout [ 411.714713][ T5351] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 412.275036][T10776] xt_NFQUEUE: number of total queues is 0 [ 413.853021][T10802] input: syz0 as /devices/virtual/input/input56 [ 413.900041][ T5351] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 414.066809][T10806] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1364'. [ 414.170160][T10810] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1364'. [ 415.151483][T10835] xt_NFQUEUE: number of total queues is 0 [ 415.355288][T10833] FAULT_INJECTION: forcing a failure. [ 415.355288][T10833] name failslab, interval 1, probability 0, space 0, times 0 [ 415.366764][T10833] CPU: 1 UID: 0 PID: 10833 Comm: syz.1.1376 Not tainted 6.11.0-rc3-syzkaller-00315-ge0fac5fc8b76 #0 [ 415.371397][T10833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 415.375906][T10833] Call Trace: [ 415.377388][T10833] [ 415.378662][T10833] dump_stack_lvl+0x16c/0x1f0 [ 415.380726][T10833] should_fail_ex+0x497/0x5b0 [ 415.382753][T10833] ? fs_reclaim_acquire+0xae/0x160 [ 415.384961][T10833] should_failslab+0xc2/0x120 [ 415.386979][T10833] kmem_cache_alloc_node_noprof+0x71/0x310 [ 415.389477][T10833] ? alloc_vmap_area+0x636/0x2a70 [ 415.391643][T10833] alloc_vmap_area+0x636/0x2a70 [ 415.393734][T10833] ? __pfx_alloc_vmap_area+0x10/0x10 [ 415.395997][T10833] __get_vm_area_node+0x17e/0x2d0 [ 415.398155][T10833] ? do_fast_syscall_32+0x32/0x80 [ 415.400330][T10833] __vmalloc_node_range_noprof+0x276/0x1520 [ 415.402831][T10833] ? xskq_create+0xfb/0x1d0 [ 415.404788][T10833] ? xskq_create+0xfb/0x1d0 [ 415.406737][T10833] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 415.409425][T10833] ? xskq_create+0xfb/0x1d0 [ 415.411261][T10833] vmalloc_user_noprof+0x6b/0x90 [ 415.413116][T10833] ? xskq_create+0xfb/0x1d0 [ 415.414832][T10833] xskq_create+0xfb/0x1d0 [ 415.416766][T10833] xsk_setsockopt+0x869/0xac0 [ 415.418784][T10833] ? aa_sk_perm+0x2f5/0xb20 [ 415.420759][T10833] ? __pfx_xsk_setsockopt+0x10/0x10 [ 415.422979][T10833] ? __pfx_aa_sk_perm+0x10/0x10 [ 415.425229][T10833] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 415.427588][T10833] ? __pfx_xsk_setsockopt+0x10/0x10 [ 415.429846][T10833] do_sock_setsockopt+0x222/0x480 [ 415.432044][T10833] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 415.434426][T10833] ? __fget_light+0x173/0x210 [ 415.436456][T10833] __sys_setsockopt+0x1a4/0x270 [ 415.438530][T10833] ? __pfx___sys_setsockopt+0x10/0x10 [ 415.440917][T10833] ? fput+0x32/0x390 [ 415.442599][T10833] ? ksys_write+0x1ab/0x260 [ 415.444540][T10833] ? __pfx_ksys_write+0x10/0x10 [ 415.446613][T10833] __ia32_sys_setsockopt+0xbc/0x160 [ 415.448862][T10833] ? lockdep_hardirqs_on+0x7c/0x110 [ 415.451076][T10833] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 415.454025][T10833] __do_fast_syscall_32+0x73/0x120 [ 415.456135][T10833] do_fast_syscall_32+0x32/0x80 [ 415.458248][T10833] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 415.460961][T10833] RIP: 0023:0xf73ae579 [ 415.462700][T10833] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 415.470170][T10833] RSP: 002b:00000000f569556c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 415.473606][T10833] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000011b [ 415.476834][T10833] RDX: 0000000000000005 RSI: 0000000020000100 RDI: 0000000000000004 [ 415.480161][T10833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 415.483525][T10833] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 415.486848][T10833] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 415.490184][T10833] [ 416.151297][ T5351] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 416.269326][T10847] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks [ 416.374418][T10850] ntfs3: nullb0: Primary boot signature is not NTFS. [ 416.378572][T10850] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 416.542110][T10857] input: syz0 as /devices/virtual/input/input58 [ 416.570867][ T1167] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 416.699076][T10860] input: syz0 as /devices/virtual/input/input59 [ 416.752604][ T1167] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 416.891684][ T1167] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 417.015764][ T1167] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 417.204325][ T5349] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 417.231259][ T5349] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 417.241583][ T5349] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 417.260450][ T5349] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 417.271047][ T5349] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 417.275871][ T5349] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 417.340399][ T1167] bridge_slave_1: left allmulticast mode [ 417.353847][ T1167] bridge_slave_1: left promiscuous mode [ 417.356553][ T1167] bridge0: port 2(bridge_slave_1) entered disabled state [ 417.362990][ T1167] bridge_slave_0: left allmulticast mode [ 417.365475][ T1167] bridge_slave_0: left promiscuous mode [ 417.367996][ T1167] bridge0: port 1(bridge_slave_0) entered disabled state [ 417.455727][ T832] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 417.699933][ T832] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 417.708181][ T832] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 417.719893][ T832] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 417.726287][ T832] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 417.745002][ T832] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 417.748981][ T832] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 417.753311][ T832] usb 7-1: Manufacturer: syz [ 417.767110][ T832] usb 7-1: config 0 descriptor?? [ 417.885193][T10877] overlay: ./file0 is not a directory [ 417.919762][T10877] overlayfs: failed to resolve './file0': -2 [ 417.978604][T10877] FAULT_INJECTION: forcing a failure. [ 417.978604][T10877] name failslab, interval 1, probability 0, space 0, times 0 [ 417.989203][T10877] CPU: 0 UID: 0 PID: 10877 Comm: syz.0.1393 Not tainted 6.11.0-rc3-syzkaller-00315-ge0fac5fc8b76 #0 [ 417.993557][T10877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 417.997800][T10877] Call Trace: [ 417.999362][T10877] [ 418.000853][T10877] dump_stack_lvl+0x16c/0x1f0 [ 418.003042][T10877] should_fail_ex+0x497/0x5b0 [ 418.005256][T10877] ? fs_reclaim_acquire+0xae/0x160 [ 418.007609][T10877] should_failslab+0xc2/0x120 [ 418.009868][T10877] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 418.012330][T10877] ? p9_tag_alloc+0x9c/0x870 [ 418.014263][T10877] p9_tag_alloc+0x9c/0x870 [ 418.016171][T10877] ? __pfx_p9_tag_alloc+0x10/0x10 [ 418.018422][T10877] ? __lock_acquire+0x1620/0x3cb0 [ 418.021042][T10877] p9_client_prepare_req+0x19f/0x4d0 [ 418.023444][T10877] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 418.025743][T10877] ? hlock_class+0x4e/0x130 [ 418.027609][T10877] ? mark_lock+0xb5/0xc60 [ 418.029403][T10877] ? __pfx___lock_acquire+0x10/0x10 [ 418.032068][T10877] p9_client_rpc+0x1c3/0xc10 [ 418.034725][T10877] ? __pfx_p9_client_rpc+0x10/0x10 [ 418.036832][T10877] ? find_held_lock+0x2d/0x110 [ 418.039043][T10877] ? p9_fid_create+0x26a/0x470 [ 418.041219][T10877] ? __pfx_lock_release+0x10/0x10 [ 418.043738][T10877] ? mark_held_locks+0x9f/0xe0 [ 418.046108][T10877] ? trace_9p_fid_ref+0x174/0x1f0 [ 418.049186][T10877] p9_client_walk+0x1ad/0x540 [ 418.051921][T10877] ? __pfx_p9_client_walk+0x10/0x10 [ 418.054294][T10877] ? v9fs_fid_lookup+0xe9/0xec0 [ 418.056750][T10877] v9fs_vfs_lookup+0x208/0x520 [ 418.059097][T10877] ? __pfx_v9fs_vfs_lookup+0x10/0x10 [ 418.061757][T10877] ? do_raw_spin_unlock+0x172/0x230 [ 418.065274][T10877] ? _raw_spin_unlock+0x28/0x50 [ 418.068382][T10877] lookup_one_qstr_excl+0x11d/0x190 [ 418.071566][T10877] ? mnt_want_write+0x161/0x450 [ 418.074534][T10877] do_renameat2+0x5ae/0xdc0 [ 418.077317][T10877] ? __pfx_do_renameat2+0x10/0x10 [ 418.079601][T10877] ? __virt_addr_valid+0x5e/0x590 [ 418.081995][T10877] ? __phys_addr_symbol+0x30/0x80 [ 418.084378][T10877] ? getname_flags.part.0+0x1c5/0x550 [ 418.087021][T10877] __ia32_sys_rename+0x7c/0xa0 [ 418.089802][T10877] __do_fast_syscall_32+0x73/0x120 [ 418.092905][T10877] do_fast_syscall_32+0x32/0x80 [ 418.095381][T10877] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 418.098640][T10877] RIP: 0023:0xf741e579 [ 418.101092][T10877] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 418.112662][T10877] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000026 [ 418.117395][T10877] RAX: ffffffffffffffda RBX: 00000000200001c0 RCX: 0000000020000280 [ 418.122415][T10877] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 418.126771][T10877] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 418.130696][T10877] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 418.134243][T10877] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 418.137797][T10877] [ 418.189369][ T1167] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 418.198108][ T1167] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 418.205019][ T1167] bond0 (unregistering): Released all slaves [ 418.229446][ T832] appleir 0003:05AC:8243.0007: unknown main item tag 0x0 [ 418.244419][ T832] appleir 0003:05AC:8243.0007: No inputs registered, leaving [ 418.255434][ T832] appleir 0003:05AC:8243.0007: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 418.268814][T10870] ip6gretap0 speed is unknown, defaulting to 1000 [ 418.640815][ T5349] Bluetooth: hci6: Received unexpected HCI Event 0x00 [ 418.699435][T10870] chnl_net:caif_netlink_parms(): no params data found [ 418.738125][ T5386] usb 7-1: USB disconnect, device number 12 [ 419.032219][ T1167] hsr_slave_0: left promiscuous mode [ 419.035214][ T1167] hsr_slave_1: left promiscuous mode [ 419.039119][ T1167] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 419.043004][ T1167] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 419.050257][ T1167] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 419.054449][ T1167] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 419.101047][ T1167] veth1_macvtap: left promiscuous mode [ 419.103479][ T1167] veth0_macvtap: left promiscuous mode [ 419.105966][ T1167] veth1_vlan: left promiscuous mode [ 419.260839][ T2791] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 419.287437][T10915] input: syz0 as /devices/virtual/input/input60 [ 419.391076][ T5349] Bluetooth: hci1: command tx timeout [ 419.444174][ T2791] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 419.448183][ T2791] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 419.453322][ T2791] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 419.457354][ T2791] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xF7, changing to 0x87 [ 419.462609][ T2791] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 419.468214][ T2791] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 419.475471][ T2791] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 419.478375][ T2791] usb 5-1: Product: syz [ 419.480236][ T2791] usb 5-1: Manufacturer: syz [ 419.487548][ T2791] cdc_wdm 5-1:1.0: skipping garbage [ 419.497679][ T2791] cdc_wdm 5-1:1.0: skipping garbage [ 419.501316][ T2791] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 419.504906][ T2791] cdc_wdm 5-1:1.0: Unknown control protocol [ 419.697428][ C1] wdm_int_callback: 153 callbacks suppressed [ 419.697446][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 419.702678][ C1] wdm_int_callback: 153 callbacks suppressed [ 419.702688][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 419.707553][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1 [ 419.713579][ T5388] usb 5-1: USB disconnect, device number 24 [ 420.432570][ T1167] team0 (unregistering): Port device team_slave_1 removed [ 420.563054][ T39] audit: type=1326 audit(1723977740.369:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10918 comm="syz.1.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000 [ 420.579873][ T39] audit: type=1326 audit(1723977740.369:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10918 comm="syz.1.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf73ae579 code=0x7ffc0000 [ 420.581186][ T1167] team0 (unregistering): Port device team_slave_0 removed [ 420.594387][ T39] audit: type=1326 audit(1723977740.369:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10918 comm="syz.1.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000 [ 420.603131][ T39] audit: type=1326 audit(1723977740.369:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10918 comm="syz.1.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000 [ 420.610612][ T39] audit: type=1326 audit(1723977740.369:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10918 comm="syz.1.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf73ae579 code=0x7ffc0000 [ 420.619625][ T39] audit: type=1326 audit(1723977740.369:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10918 comm="syz.1.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000 [ 420.628102][ T39] audit: type=1326 audit(1723977740.379:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10918 comm="syz.1.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000 [ 420.638685][ T39] audit: type=1326 audit(1723977740.379:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10918 comm="syz.1.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73ae579 code=0x7ffc0000 [ 420.648449][ T39] audit: type=1326 audit(1723977740.379:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10918 comm="syz.1.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000 [ 420.658821][ T39] audit: type=1326 audit(1723977740.379:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10918 comm="syz.1.1401" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf73ae579 code=0x7ffc0000 [ 421.140933][ T984] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 421.165550][ T5349] Bluetooth: hci6: Received unexpected HCI Event 0x00 [ 421.346342][ T984] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 421.352795][ T984] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 421.362193][ T984] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 421.369332][ T984] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.393118][T10932] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 421.412741][ T984] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 421.471607][ T5349] Bluetooth: hci1: command tx timeout [ 421.612921][T10932] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 421.624667][T10932] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 422.054379][T10954] input: syz0 as /devices/virtual/input/input61 [ 422.072579][T10870] bridge0: port 1(bridge_slave_0) entered blocking state [ 422.081041][T10870] bridge0: port 1(bridge_slave_0) entered disabled state [ 422.084296][T10870] bridge_slave_0: entered allmulticast mode [ 422.122653][T10870] bridge_slave_0: entered promiscuous mode [ 422.128877][T10870] bridge0: port 2(bridge_slave_1) entered blocking state [ 422.141106][T10870] bridge0: port 2(bridge_slave_1) entered disabled state [ 422.144331][T10870] bridge_slave_1: entered allmulticast mode [ 422.148749][T10870] bridge_slave_1: entered promiscuous mode [ 422.166955][ T5388] usb 7-1: USB disconnect, device number 13 [ 422.327973][T10870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 422.354779][T10870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 422.533865][T10870] team0: Port device team_slave_0 added [ 422.541717][T10870] team0: Port device team_slave_1 added [ 422.599173][T10870] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 422.605148][T10870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 422.615983][T10870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 422.643064][T10870] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 422.646282][T10870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 422.658639][T10870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 422.762423][T10870] hsr_slave_0: entered promiscuous mode [ 422.773007][T10870] hsr_slave_1: entered promiscuous mode [ 422.795649][T10870] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 422.799186][T10870] Cannot create hsr debugfs directory [ 423.323355][ T5349] Bluetooth: Unknown BR/EDR signaling command 0x0c [ 423.326324][ T5349] Bluetooth: Wrong link type (-22) [ 423.329434][ T5349] Bluetooth: hci6: link tx timeout [ 423.334121][ T5349] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 423.541095][ T5351] Bluetooth: hci1: command tx timeout [ 424.198007][T10870] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 424.213585][T10870] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 424.226627][T10870] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 424.234397][T10870] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 424.433616][T10870] 8021q: adding VLAN 0 to HW filter on device bond0 [ 424.480523][T10870] 8021q: adding VLAN 0 to HW filter on device team0 [ 424.508722][ T77] bridge0: port 1(bridge_slave_0) entered blocking state [ 424.512150][ T77] bridge0: port 1(bridge_slave_0) entered forwarding state [ 424.539558][ T77] bridge0: port 2(bridge_slave_1) entered blocking state [ 424.542417][ T77] bridge0: port 2(bridge_slave_1) entered forwarding state [ 425.299378][T10870] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 425.381010][ T5351] Bluetooth: hci6: command 0x0406 tx timeout [ 425.428078][T10870] veth0_vlan: entered promiscuous mode [ 425.479554][ C0] vkms_vblank_simulate: vblank timer overrun [ 425.494323][T10870] veth1_vlan: entered promiscuous mode [ 425.563095][T10870] veth0_macvtap: entered promiscuous mode [ 425.569616][T10870] veth1_macvtap: entered promiscuous mode [ 425.607301][T10870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 425.614400][T10870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.619528][T10870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 425.623463][ T5349] Bluetooth: hci1: command tx timeout [ 425.636363][T10870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.642309][T10870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 425.645964][T10870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.649179][T10870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 425.655196][T10870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.659327][T10870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 425.667362][T10870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.672163][T10870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 425.678347][T10870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.686320][T10870] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 425.692365][T10870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 425.697281][T10870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.702846][T10870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 425.707506][T10870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.712890][T10870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 425.717710][T10870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.722065][T10870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 425.727152][T10870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.731510][T10870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 425.736284][T10870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.741811][T10870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 425.746421][T10870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 425.752973][T10870] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 425.766125][T10870] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 425.771303][T10870] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 425.775009][T10870] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 425.779083][T10870] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 425.918813][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 425.931020][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 425.935818][ T1112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 425.948510][ T1112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 426.375972][T11052] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 426.379665][T11052] overlayfs: failed to set xattr on upper [ 426.382382][T11052] overlayfs: ...falling back to redirect_dir=nofollow. [ 426.385540][T11052] overlayfs: ...falling back to index=off. [ 426.388367][T11052] overlayfs: ...falling back to uuid=null. [ 427.298320][T11075] netlink: 2384 bytes leftover after parsing attributes in process `syz.1.1428'. [ 427.376923][T11076] hub 9-0:1.0: USB hub found [ 427.380805][T11076] hub 9-0:1.0: 1 port detected [ 427.421678][T11076] netlink: 'syz.0.1427': attribute type 1 has an invalid length. [ 427.429021][T11076] netlink: 244 bytes leftover after parsing attributes in process `syz.0.1427'. [ 427.731629][T11078] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1428'. [ 427.735626][T11078] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1428'. [ 429.498296][T11103] FAULT_INJECTION: forcing a failure. [ 429.498296][T11103] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 429.504474][T11103] CPU: 3 UID: 0 PID: 11103 Comm: syz.0.1434 Not tainted 6.11.0-rc3-syzkaller-00315-ge0fac5fc8b76 #0 [ 429.509073][T11103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 429.513853][T11103] Call Trace: [ 429.515185][T11103] [ 429.516333][T11103] dump_stack_lvl+0x16c/0x1f0 [ 429.518562][T11103] should_fail_ex+0x497/0x5b0 [ 429.520729][T11103] _copy_to_user+0x30/0xc0 [ 429.522719][T11103] simple_read_from_buffer+0xd0/0x160 [ 429.525106][T11103] proc_fail_nth_read+0x19e/0x280 [ 429.527544][T11103] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 429.530172][T11103] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 429.532809][T11103] vfs_read+0x1d4/0xbd0 [ 429.534746][T11103] ? __fdget_pos+0xeb/0x180 [ 429.536977][T11103] ? __pfx_vfs_read+0x10/0x10 [ 429.539125][T11103] ? __pfx___mutex_lock+0x10/0x10 [ 429.541476][T11103] ? __fget_files+0x256/0x400 [ 429.543671][T11103] ksys_read+0x12f/0x260 [ 429.545732][T11103] ? __pfx_ksys_read+0x10/0x10 [ 429.548090][T11103] __do_fast_syscall_32+0x73/0x120 [ 429.550478][T11103] do_fast_syscall_32+0x32/0x80 [ 429.552833][T11103] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 429.555779][T11103] RIP: 0023:0xf741e579 [ 429.557668][T11103] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 429.565714][T11103] RSP: 002b:00000000f57265a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 429.569252][T11103] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f5726620 [ 429.572791][T11103] RDX: 000000000000000f RSI: 00000000f7410ff4 RDI: 0000000000000000 [ 429.576408][T11103] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 429.579662][T11103] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 429.582950][T11103] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 429.586530][T11103] [ 430.647696][T11129] overlay: ./file0 is not a directory [ 430.821173][T11129] overlayfs: failed to resolve './file0': -2 [ 430.878486][ T10] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 430.948497][T11129] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 431.077557][ T10] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 431.085986][ T10] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 431.114353][ T10] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 431.118836][ T10] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 431.154496][ T10] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 431.158704][ T10] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 431.162717][ T10] usb 5-1: Product: syz [ 431.164765][ T10] usb 5-1: Manufacturer: syz [ 431.175433][ T10] cdc_wdm 5-1:1.0: skipping garbage [ 431.178790][ T10] cdc_wdm 5-1:1.0: skipping garbage [ 431.207666][ T10] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 431.210477][ T10] cdc_wdm 5-1:1.0: Unknown control protocol [ 431.297767][T11143] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 431.303948][T11143] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 431.309637][T11143] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 431.452898][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 431.453319][ T7413] usb 5-1: USB disconnect, device number 25 [ 431.455485][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 431.460343][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 431.470351][ T1102] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.581989][ T1102] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.687555][ T1102] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.811880][ T5351] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 431.822330][ T5351] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 431.823774][ T1102] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.826610][ T5351] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 431.845499][ T5351] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 431.856906][ T5351] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 431.863037][ T5351] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 431.928777][T11146] ip6gretap0 speed is unknown, defaulting to 1000 [ 432.092421][ T1102] bridge_slave_1: left allmulticast mode [ 432.097222][ T1102] bridge_slave_1: left promiscuous mode [ 432.099990][ T1102] bridge0: port 2(bridge_slave_1) entered disabled state [ 432.110123][ T1102] bridge_slave_0: left allmulticast mode [ 432.112892][ T1102] bridge_slave_0: left promiscuous mode [ 432.115498][ T1102] bridge0: port 1(bridge_slave_0) entered disabled state [ 432.261563][T11152] FAULT_INJECTION: forcing a failure. [ 432.261563][T11152] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 432.266253][T11152] CPU: 3 UID: 0 PID: 11152 Comm: syz.0.1451 Not tainted 6.11.0-rc3-syzkaller-00315-ge0fac5fc8b76 #0 [ 432.270051][T11152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 432.274479][T11152] Call Trace: [ 432.275669][T11152] [ 432.276695][T11152] dump_stack_lvl+0x16c/0x1f0 [ 432.278671][T11152] should_fail_ex+0x497/0x5b0 [ 432.280495][T11152] _copy_to_user+0x30/0xc0 [ 432.282208][T11152] simple_read_from_buffer+0xd0/0x160 [ 432.284325][T11152] proc_fail_nth_read+0x19e/0x280 [ 432.286264][T11152] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 432.288398][T11152] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 432.290510][T11152] vfs_read+0x1d4/0xbd0 [ 432.292128][T11152] ? __fdget_pos+0xeb/0x180 [ 432.293879][T11152] ? __pfx_vfs_read+0x10/0x10 [ 432.295775][T11152] ? __pfx___mutex_lock+0x10/0x10 [ 432.297964][T11152] ? __fget_files+0x256/0x400 [ 432.299579][T11152] ksys_read+0x12f/0x260 [ 432.301054][T11152] ? __pfx_ksys_read+0x10/0x10 [ 432.302807][T11152] __do_fast_syscall_32+0x73/0x120 [ 432.304737][T11152] do_fast_syscall_32+0x32/0x80 [ 432.306823][T11152] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 432.309749][T11152] RIP: 0023:0xf741e579 [ 432.311633][T11152] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 432.320290][T11152] RSP: 002b:00000000f57265a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 432.324286][T11152] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5726620 [ 432.327809][T11152] RDX: 000000000000000f RSI: 00000000f7410ff4 RDI: 0000000000000000 [ 432.330663][T11152] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 432.334019][T11152] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 432.337172][T11152] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 432.340551][T11152] [ 432.889970][ T1102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 432.899103][ T1102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 432.928232][ T1102] bond0 (unregistering): Released all slaves [ 432.950142][T11159] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1452'. [ 432.968038][T11168] netlink: 'syz.2.1453': attribute type 10 has an invalid length. [ 432.981181][T11168] batman_adv: batadv0: Adding interface: hsr_slave_0 [ 433.003332][T11168] batman_adv: batadv0: Not using interface hsr_slave_0 (retrying later): interface not active [ 433.016588][T11171] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1455'. [ 433.083350][T11172] bridge0: port 2(bridge_slave_1) entered blocking state [ 433.086667][T11172] bridge0: port 2(bridge_slave_1) entered listening state [ 433.091872][T11172] bridge0: port 1(bridge_slave_0) entered blocking state [ 433.095531][T11172] bridge0: port 1(bridge_slave_0) entered listening state [ 433.123258][T11172] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 433.226238][T11182] input: syz0 as /devices/virtual/input/input62 [ 433.376362][T11146] chnl_net:caif_netlink_parms(): no params data found [ 433.607740][T11193] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1459'. [ 433.655887][T11193] sock: sock_set_timeout: `syz.2.1459' (pid 11193) tries to set negative timeout [ 433.695006][T11146] bridge0: port 1(bridge_slave_0) entered blocking state [ 433.698163][T11146] bridge0: port 1(bridge_slave_0) entered disabled state [ 433.704805][T11146] bridge_slave_0: entered allmulticast mode [ 433.708261][T11146] bridge_slave_0: entered promiscuous mode [ 433.722079][ T1102] hsr_slave_0: left promiscuous mode [ 433.725465][ T1102] hsr_slave_1: left promiscuous mode [ 433.732998][ T1102] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 433.737435][ T1102] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 433.761781][ T1102] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 433.767906][ T1102] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 433.842781][ T1102] veth1_macvtap: left promiscuous mode [ 433.845412][ T1102] veth0_macvtap: left promiscuous mode [ 433.848268][ T1102] veth1_vlan: left promiscuous mode [ 433.851206][ T1102] veth0_vlan: left promiscuous mode [ 433.950506][ T5349] Bluetooth: hci1: command tx timeout [ 435.488203][ T1102] team0 (unregistering): Port device team_slave_1 removed [ 435.595042][ T1102] team0 (unregistering): Port device team_slave_0 removed [ 436.020914][ T5349] Bluetooth: hci1: command tx timeout [ 436.640178][T11197] netlink: 'syz.1.1460': attribute type 4 has an invalid length. [ 436.644105][T11146] bridge0: port 2(bridge_slave_1) entered blocking state [ 436.648745][T11146] bridge0: port 2(bridge_slave_1) entered disabled state [ 436.654698][T11146] bridge_slave_1: entered allmulticast mode [ 436.659069][T11146] bridge_slave_1: entered promiscuous mode [ 436.738385][T11219] netlink: 2384 bytes leftover after parsing attributes in process `syz.1.1466'. [ 436.779384][T11212] bridge0: port 2(bridge_slave_1) entered disabled state [ 436.784379][T11213] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1465'. [ 436.791546][T11213] team0: left allmulticast mode [ 436.793476][T11213] team_slave_0: left allmulticast mode [ 436.799043][T11213] team_slave_1: left allmulticast mode [ 436.803165][T11213] bridge1: left allmulticast mode [ 436.805285][T11213] team0: left promiscuous mode [ 436.807336][T11213] team_slave_0: left promiscuous mode [ 436.809612][T11213] team_slave_1: left promiscuous mode [ 436.813616][T11213] bridge1: left promiscuous mode [ 436.815747][T11226] netlink: 172 bytes leftover after parsing attributes in process `syz.1.1466'. [ 436.815971][T11213] bridge0: port 3(team0) entered disabled state [ 436.833535][T11213] bridge_slave_1: left allmulticast mode [ 436.836173][T11213] bridge_slave_1: left promiscuous mode [ 436.839120][T11213] bridge0: port 2(bridge_slave_1) entered disabled state [ 436.846104][T11213] bridge_slave_0: left allmulticast mode [ 436.848782][T11213] bridge_slave_0: left promiscuous mode [ 436.852535][T11213] bridge0: port 1(bridge_slave_0) entered disabled state [ 436.969783][T11146] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 437.038970][T11146] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 437.138785][T11146] team0: Port device team_slave_0 added [ 437.150473][T11146] team0: Port device team_slave_1 added [ 437.158843][T11219] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1466'. [ 437.167938][T11219] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1466'. [ 437.317161][T11146] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 437.321880][T11146] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 437.334759][T11146] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 437.344712][T11146] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 437.354274][T11146] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 437.366585][T11146] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 437.496438][T11146] hsr_slave_0: entered promiscuous mode [ 437.502509][T11146] hsr_slave_1: entered promiscuous mode [ 437.509602][T11146] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 437.513231][T11146] Cannot create hsr debugfs directory [ 438.111039][ T5349] Bluetooth: hci1: command tx timeout [ 438.805200][T11146] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 438.812894][T11146] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 438.818519][T11146] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 438.828013][T11146] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 438.962775][T11146] 8021q: adding VLAN 0 to HW filter on device bond0 [ 439.006906][T11146] 8021q: adding VLAN 0 to HW filter on device team0 [ 439.024977][ T1102] bridge0: port 1(bridge_slave_0) entered blocking state [ 439.028390][ T1102] bridge0: port 1(bridge_slave_0) entered forwarding state [ 439.059363][T11215] bridge0: port 2(bridge_slave_1) entered blocking state [ 439.062409][T11215] bridge0: port 2(bridge_slave_1) entered forwarding state [ 439.515977][T11146] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 439.607164][T11146] veth0_vlan: entered promiscuous mode [ 439.633960][T11146] veth1_vlan: entered promiscuous mode [ 439.750153][T11146] veth0_macvtap: entered promiscuous mode [ 439.770148][T11146] veth1_macvtap: entered promiscuous mode [ 439.856093][T11146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 439.870173][T11146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 439.876474][T11146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 439.881669][T11146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 439.887729][T11146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 439.894116][T11146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 439.899165][T11146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 439.905014][T11146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 439.909439][T11146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 439.914658][T11146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 439.919212][T11146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 439.924839][T11146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 439.935540][T11146] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 439.957988][T11146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 439.965919][T11146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 439.976680][T11146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 439.988741][T11146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 440.007436][T11146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 440.015044][T11146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 440.027883][T11146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 440.034296][T11146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 440.047478][T11146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 440.063295][T11146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 440.069752][T11146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 440.082068][T11146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 440.093116][T11146] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 440.099648][T11146] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 440.111140][T11146] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 440.115338][T11146] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 440.119399][T11146] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 440.201771][ T5349] Bluetooth: hci1: command tx timeout [ 440.298960][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 440.312655][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 440.373779][T11215] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 440.378233][T11215] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 442.474998][T11317] input: syz0 as /devices/virtual/input/input63 [ 442.721406][T11322] FAULT_INJECTION: forcing a failure. [ 442.721406][T11322] name failslab, interval 1, probability 0, space 0, times 0 [ 442.726930][T11322] CPU: 1 UID: 0 PID: 11322 Comm: syz.2.1475 Not tainted 6.11.0-rc3-syzkaller-00315-ge0fac5fc8b76 #0 [ 442.747393][T11322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 442.752202][T11322] Call Trace: [ 442.753701][T11322] [ 442.755023][T11322] dump_stack_lvl+0x16c/0x1f0 [ 442.757128][T11322] should_fail_ex+0x497/0x5b0 [ 442.759235][T11322] ? fs_reclaim_acquire+0xae/0x160 [ 442.761515][T11322] should_failslab+0xc2/0x120 [ 442.767728][T11322] __kmalloc_noprof+0xcb/0x410 [ 442.769839][T11322] ? __pfx_lock_acquire+0x10/0x10 [ 442.771809][T11322] tomoyo_realpath_from_path+0xbf/0x710 [ 442.773947][T11322] ? tomoyo_profile+0x47/0x60 [ 442.775885][T11322] tomoyo_path_number_perm+0x245/0x5b0 [ 442.778192][T11322] ? tomoyo_path_number_perm+0x232/0x5b0 [ 442.780689][T11322] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 442.783355][T11322] ? __pfx_lock_release+0x10/0x10 [ 442.785578][T11322] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 442.788174][T11322] ? __fget_files+0x256/0x400 [ 442.790245][T11322] security_file_ioctl_compat+0x75/0xc0 [ 442.792680][T11322] __do_compat_sys_ioctl+0x5d/0x330 [ 442.794973][T11322] __do_fast_syscall_32+0x73/0x120 [ 442.797286][T11322] do_fast_syscall_32+0x32/0x80 [ 442.799441][T11322] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 442.802184][T11322] RIP: 0023:0xf7f80579 [ 442.803959][T11322] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 442.812930][T11322] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 442.816765][T11322] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b47 [ 442.820056][T11322] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 442.823287][T11322] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 442.826591][T11322] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 442.830141][T11322] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 442.833641][T11322] [ 442.869031][T11322] ERROR: Out of memory at tomoyo_realpath_from_path. [ 443.733962][T11342] overlay: ./file0 is not a directory [ 443.948964][T11342] overlayfs: upper fs needs to support d_type. [ 443.953661][T11342] overlayfs: upper fs does not support tmpfile. [ 443.977753][T11342] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 443.988589][T11342] overlayfs: failed to set xattr on upper [ 443.993034][T11342] overlayfs: ...falling back to redirect_dir=nofollow. [ 443.996669][T11347] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 444.003284][T11342] overlayfs: ...falling back to index=off. [ 444.006015][T11347] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 444.009437][T11342] overlayfs: ...falling back to uuid=null. [ 444.461473][T11352] netlink: 2384 bytes leftover after parsing attributes in process `syz.0.1482'. [ 444.475089][T11352] netlink: 172 bytes leftover after parsing attributes in process `syz.0.1482'. [ 444.649958][T11353] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1482'. [ 444.655890][T11353] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1482'. [ 445.131423][ T832] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 445.153565][ T1112] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 445.243865][T11362] input: syz0 as /devices/virtual/input/input64 [ 445.266481][ T1112] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 445.314338][ T1379] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.322597][ T832] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 445.329008][ T832] usb 7-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.09 [ 445.338440][ T832] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 445.363244][ T832] usb 7-1: config 0 descriptor?? [ 445.373625][ T1112] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 445.497197][ T1112] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 445.529637][ T5351] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 445.552458][ T5351] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 445.556631][ T5351] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 445.563230][ T5351] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 445.567657][ T5351] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 445.576169][ T5351] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 445.619947][ T5388] usb 7-1: USB disconnect, device number 14 [ 445.644469][T11364] ip6gretap0 speed is unknown, defaulting to 1000 [ 445.812411][ T1112] bridge_slave_1: left allmulticast mode [ 445.814661][ T1112] bridge_slave_1: left promiscuous mode [ 445.817029][ T1112] bridge0: port 2(bridge_slave_1) entered disabled state [ 445.845144][ T1112] bridge_slave_0: left allmulticast mode [ 445.847516][ T1112] bridge_slave_0: left promiscuous mode [ 445.849971][ T1112] bridge0: port 1(bridge_slave_0) entered disabled state [ 446.503979][T11379] netlink: 'syz.0.1489': attribute type 3 has an invalid length. [ 446.507002][T11379] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.1489'. [ 446.797123][ T1112] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 446.816098][ T1112] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 446.828423][ T1112] bond0 (unregistering): Released all slaves [ 447.065001][T11364] chnl_net:caif_netlink_parms(): no params data found [ 447.541506][T11388] syz.0.1491 (11388): /proc/11386/oom_adj is deprecated, please use /proc/11386/oom_score_adj instead. [ 447.638613][ T5349] Bluetooth: hci1: command tx timeout [ 447.699833][ T1112] hsr_slave_0: left promiscuous mode [ 447.706478][ T1112] hsr_slave_1: left promiscuous mode [ 447.707987][ T1112] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 447.708012][ T1112] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 447.708854][ T1112] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 447.708872][ T1112] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 447.789469][ T1112] veth1_macvtap: left promiscuous mode [ 447.789588][ T1112] veth0_macvtap: left promiscuous mode [ 447.789745][ T1112] veth1_vlan: left promiscuous mode [ 447.789848][ T1112] veth0_vlan: left promiscuous mode [ 447.890012][T11405] netlink: 2384 bytes leftover after parsing attributes in process `syz.1.1493'. [ 447.960291][T11406] netlink: 172 bytes leftover after parsing attributes in process `syz.1.1493'. [ 448.295437][T11411] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1494'. [ 448.356466][T11411] FAULT_INJECTION: forcing a failure. [ 448.356466][T11411] name failslab, interval 1, probability 0, space 0, times 0 [ 448.363663][T11411] CPU: 2 UID: 0 PID: 11411 Comm: syz.2.1494 Not tainted 6.11.0-rc3-syzkaller-00315-ge0fac5fc8b76 #0 [ 448.368327][T11411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 448.373060][T11411] Call Trace: [ 448.374548][T11411] [ 448.386392][T11411] dump_stack_lvl+0x16c/0x1f0 [ 448.388387][T11411] should_fail_ex+0x497/0x5b0 [ 448.390298][T11411] ? fs_reclaim_acquire+0xae/0x160 [ 448.392836][T11411] should_failslab+0xc2/0x120 [ 448.394913][T11411] __kmalloc_cache_noprof+0x6b/0x310 [ 448.397206][T11411] ? __request_module+0x2c6/0x6c0 [ 448.399199][T11411] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 448.401773][T11411] __request_module+0x2c6/0x6c0 [ 448.403943][T11411] ? crypto_alg_mod_lookup+0x3ac/0x4c0 [ 448.406339][T11411] ? __pfx___request_module+0x10/0x10 [ 448.408940][T11411] ? __crypto_alg_lookup+0x29b/0x300 [ 448.411561][T11411] ? crypto_alg_mod_lookup+0x32b/0x4c0 [ 448.413998][T11411] crypto_alg_mod_lookup+0x3ac/0x4c0 [ 448.416348][T11411] crypto_alloc_tfm_node+0xd3/0x260 [ 448.418738][T11411] esp_init_aead.constprop.0+0x108/0x3b0 [ 448.421311][T11411] ? __pfx_esp_init_aead.constprop.0+0x10/0x10 [ 448.424051][T11411] ? __pfx_lock_release+0x10/0x10 [ 448.426302][T11411] esp6_init_state+0x86/0x510 [ 448.428408][T11411] __xfrm_init_state+0x836/0x1a90 [ 448.430642][T11411] xfrm_add_sa+0x2355/0x4da0 [ 448.432690][T11411] ? __pfx_xfrm_add_sa+0x10/0x10 [ 448.434853][T11411] ? __nla_parse+0x40/0x60 [ 448.436828][T11411] ? __pfx_xfrm_add_sa+0x10/0x10 [ 448.439005][T11411] xfrm_user_rcv_msg+0x58c/0xb30 [ 448.441212][T11411] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 448.443674][T11411] ? hlock_class+0x4e/0x130 [ 448.445841][T11411] ? __lock_acquire+0x1620/0x3cb0 [ 448.448140][T11411] ? __mutex_trylock_common+0xea/0x250 [ 448.450904][T11411] netlink_rcv_skb+0x165/0x410 [ 448.453129][T11411] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 448.455570][T11411] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 448.457906][T11411] ? __mutex_lock+0x1a6/0x9c0 [ 448.460143][T11411] ? netlink_deliver_tap+0x1ae/0xcf0 [ 448.462458][T11411] xfrm_netlink_rcv+0x71/0x90 [ 448.464561][T11411] netlink_unicast+0x53c/0x7f0 [ 448.466705][T11411] ? __pfx_netlink_unicast+0x10/0x10 [ 448.469051][T11411] ? __phys_addr_symbol+0x30/0x80 [ 448.471288][T11411] ? __check_object_size+0x497/0x720 [ 448.473431][T11411] netlink_sendmsg+0x8b8/0xd70 [ 448.475305][T11411] ? __pfx_netlink_sendmsg+0x10/0x10 [ 448.477613][T11411] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 448.479957][T11411] ____sys_sendmsg+0x9b4/0xb50 [ 448.482066][T11411] ? __pfx_____sys_sendmsg+0x10/0x10 [ 448.484387][T11411] ? get_compat_msghdr+0x11b/0x170 [ 448.486640][T11411] ? __pfx___lock_acquire+0x10/0x10 [ 448.488959][T11411] ___sys_sendmsg+0x135/0x1e0 [ 448.491044][T11411] ? __pfx____sys_sendmsg+0x10/0x10 [ 448.493348][T11411] ? ksys_write+0x21c/0x260 [ 448.495386][T11411] ? __fget_light+0x173/0x210 [ 448.497460][T11411] __sys_sendmsg+0x117/0x1f0 [ 448.499483][T11411] ? __pfx___sys_sendmsg+0x10/0x10 [ 448.501482][T11411] __do_fast_syscall_32+0x73/0x120 [ 448.503477][T11411] do_fast_syscall_32+0x32/0x80 [ 448.505364][T11411] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 448.507795][T11411] RIP: 0023:0xf7f80579 [ 448.509386][T11411] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 448.517681][T11411] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 448.521307][T11411] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000 [ 448.524831][T11411] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 448.528355][T11411] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 448.531799][T11411] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 448.535240][T11411] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 448.538415][T11411] [ 448.542223][ C2] bridge0: port 1(bridge_slave_0) entered learning state [ 448.546312][ C2] bridge0: port 2(bridge_slave_1) entered learning state [ 449.702770][ T5349] Bluetooth: hci1: command tx timeout [ 449.875360][T11426] input: syz0 as /devices/virtual/input/input66 [ 450.722103][ T1112] team0 (unregistering): Port device team_slave_1 removed [ 450.867696][ T1112] team0 (unregistering): Port device team_slave_0 removed [ 451.781057][ T5349] Bluetooth: hci1: command tx timeout [ 451.797469][T11364] bridge0: port 1(bridge_slave_0) entered blocking state [ 451.810771][T11364] bridge0: port 1(bridge_slave_0) entered disabled state [ 451.813909][T11364] bridge_slave_0: entered allmulticast mode [ 451.817387][T11364] bridge_slave_0: entered promiscuous mode [ 451.822888][T11364] bridge0: port 2(bridge_slave_1) entered blocking state [ 451.826087][T11364] bridge0: port 2(bridge_slave_1) entered disabled state [ 451.829407][T11364] bridge_slave_1: entered allmulticast mode [ 451.840656][T11364] bridge_slave_1: entered promiscuous mode [ 451.847281][T11409] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1493'. [ 451.860021][T11409] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1493'. [ 452.058831][T11364] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 452.074189][T11364] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 452.254107][T11364] team0: Port device team_slave_0 added [ 452.269039][T11364] team0: Port device team_slave_1 added [ 452.439999][T11364] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 452.450740][T11364] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 452.463201][T11364] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 452.476425][T11364] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 452.479531][T11364] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 452.495569][T11364] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 452.622022][T11461] input: syz0 as /devices/virtual/input/input67 [ 452.764824][T11364] hsr_slave_0: entered promiscuous mode [ 452.791652][T11364] hsr_slave_1: entered promiscuous mode [ 452.804409][T11364] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 452.807836][T11364] Cannot create hsr debugfs directory [ 453.864426][ T5349] Bluetooth: hci1: command tx timeout [ 453.958924][T11490] Context (ID=0x10) not attached to queue pair (handle=0x2:0x0) [ 454.296023][T11364] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 454.308894][T11364] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 454.314536][T11364] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 454.326335][T11364] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 454.476067][T11364] 8021q: adding VLAN 0 to HW filter on device bond0 [ 454.506954][T11364] 8021q: adding VLAN 0 to HW filter on device team0 [ 454.525914][ T1112] bridge0: port 1(bridge_slave_0) entered blocking state [ 454.529494][ T1112] bridge0: port 1(bridge_slave_0) entered forwarding state [ 454.556767][ T77] bridge0: port 2(bridge_slave_1) entered blocking state [ 454.559787][ T77] bridge0: port 2(bridge_slave_1) entered forwarding state [ 454.878495][T11518] input: syz0 as /devices/virtual/input/input68 [ 455.005559][T11364] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 455.084360][T11364] veth0_vlan: entered promiscuous mode [ 455.115532][T11364] veth1_vlan: entered promiscuous mode [ 455.156721][T11364] veth0_macvtap: entered promiscuous mode [ 455.170836][T11364] veth1_macvtap: entered promiscuous mode [ 455.196899][T11364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 455.207424][T11364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.213030][T11364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 455.217250][T11364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.221948][T11364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 455.226065][T11364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.232480][T11364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 455.239993][T11364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.244756][T11364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 455.249047][T11364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.259474][T11364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 455.271031][T11364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.276843][T11364] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 455.294156][T11364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 455.298215][T11364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.321615][T11364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 455.326070][T11364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.340857][T11364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 455.345344][T11364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.347266][ T5359] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 455.349557][T11364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 455.366865][T11364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.380753][T11364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 455.385378][T11364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.390091][T11364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 455.403209][T11364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 455.408671][T11364] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 455.441567][T11364] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 455.444826][T11364] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 455.448082][T11364] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 455.461871][T11364] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 455.554339][ T5359] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 455.562360][ T5359] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 455.583463][ T5359] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 455.600885][ T5359] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 455.612059][ T5359] usb 6-1: config 0 descriptor?? [ 455.624964][ T1112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 455.633033][ T1112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 455.704934][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 455.714569][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 455.819797][T11526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 455.824293][ T5359] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0 [ 455.834229][ T5359] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0 [ 455.839978][T11526] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 455.849475][ T5359] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0D8C:0022.0008/input/input69 [ 455.930324][ T5359] cm6533_jd 0003:0D8C:0022.0008: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0 [ 455.964669][ T5359] usb 6-1: USB disconnect, device number 9 [ 455.991704][ T5349] Bluetooth: hci2: unexpected event for opcode 0x0c23 [ 456.421057][ T112] EXT4-fs warning (device sda1): es_reclaim_extents:1827: forced shrink of precached extents [ 457.385993][T11588] kvm: pic: single mode not supported [ 457.387807][T11588] kvm: pic: non byte write [ 457.446122][T11594] ipvlan1: entered promiscuous mode [ 457.448523][T11594] ipvlan1: entered allmulticast mode [ 457.460826][T11594] veth0_vlan: entered allmulticast mode [ 457.775683][T11598] ieee802154 phy1 wpan1: encryption failed: -22 [ 457.865829][T11601] overlay: ./file0 is not a directory [ 457.899710][T11601] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 457.951208][T11603] input: syz0 as /devices/virtual/input/input70 [ 458.145605][T11605] 9pnet_virtio: no channels available for device syz [ 458.150664][T11605] overlayfs: failed to resolve './file1': -2 [ 458.184820][T11605] overlayfs: failed to resolve './file0': -2 [ 458.203644][T11605] overlayfs: overlapping lowerdir path [ 458.649170][T11610] pimreg: entered allmulticast mode [ 458.823632][ T5351] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 458.850922][ T5351] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 458.870096][ T5351] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 458.883969][ T5351] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 458.889043][ T5351] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 458.893219][ T5351] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 458.964706][T11611] ip6gretap0 speed is unknown, defaulting to 1000 [ 459.186542][T11611] chnl_net:caif_netlink_parms(): no params data found [ 459.408331][T11611] bridge0: port 1(bridge_slave_0) entered blocking state [ 459.421585][T11611] bridge0: port 1(bridge_slave_0) entered disabled state [ 459.443466][T11611] bridge_slave_0: entered allmulticast mode [ 459.446783][T11611] bridge_slave_0: entered promiscuous mode [ 459.455768][T11611] bridge0: port 2(bridge_slave_1) entered blocking state [ 459.458969][T11611] bridge0: port 2(bridge_slave_1) entered disabled state [ 459.465222][T11611] bridge_slave_1: entered allmulticast mode [ 459.469155][T11611] bridge_slave_1: entered promiscuous mode [ 459.493543][T11630] overlay: ./file0 is not a directory [ 459.545312][T11630] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 459.591777][T11611] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 459.599853][T11611] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 459.633711][T11632] 9pnet_virtio: no channels available for device syz [ 459.643386][T11632] overlayfs: failed to resolve './file1': -2 [ 459.656602][T11632] overlayfs: failed to resolve './file0': -2 [ 459.674710][T11632] overlayfs: overlapping lowerdir path [ 459.755430][T11611] team0: Port device team_slave_0 added [ 459.764299][T11611] team0: Port device team_slave_1 added [ 459.853031][T11611] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 459.856467][T11611] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 459.865820][T11611] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 459.875974][T11611] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 459.879044][T11611] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 459.891922][T11611] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 459.911956][T11634] ip6gretap0 speed is unknown, defaulting to 1000 [ 460.129275][T11611] hsr_slave_0: entered promiscuous mode [ 460.149030][T11611] hsr_slave_1: entered promiscuous mode [ 460.152955][T11611] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 460.156382][T11611] Cannot create hsr debugfs directory [ 460.209480][ T65] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.349988][T11640] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 460.402411][ T5351] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 460.405092][ T65] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.408839][ T5351] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 460.415440][ T5351] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 460.420624][ T5351] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 460.425584][ T5351] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 460.429360][ T5351] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 460.524800][ T65] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.538041][T11641] ip6gretap0 speed is unknown, defaulting to 1000 [ 460.661805][T11611] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.761551][ T65] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.781725][T11649] overlay: ./file0 is not a directory [ 460.805478][T11611] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.918784][T11649] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 460.945175][T11611] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.999365][ T5349] Bluetooth: hci6: command tx timeout [ 461.110755][T11611] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 461.210682][T11641] chnl_net:caif_netlink_parms(): no params data found [ 461.636819][ T65] team0: Port device bridge1 removed [ 461.807841][ T5351] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 461.837189][ T5351] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 461.856937][ T5351] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 461.889605][ T5351] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 461.899100][ T5351] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 461.904155][ T5351] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 461.957039][ T65] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 461.964742][ T65] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 461.975626][ T65] bond0 (unregistering): Released all slaves [ 462.056773][ T6593] ip6gretap0 speed is unknown, defaulting to 1000 [ 462.230093][T11641] bridge0: port 1(bridge_slave_0) entered blocking state [ 462.243312][T11641] bridge0: port 1(bridge_slave_0) entered disabled state [ 462.246501][T11641] bridge_slave_0: entered allmulticast mode [ 462.252858][T11641] bridge_slave_0: entered promiscuous mode [ 462.290550][T11641] bridge0: port 2(bridge_slave_1) entered blocking state [ 462.301364][T11641] bridge0: port 2(bridge_slave_1) entered disabled state [ 462.304658][T11641] bridge_slave_1: entered allmulticast mode [ 462.308663][T11641] bridge_slave_1: entered promiscuous mode [ 462.384455][T11611] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 462.395177][T11611] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 462.450205][T11641] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 462.470065][T11611] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 462.491798][T11611] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 462.502883][ T5351] Bluetooth: hci2: command tx timeout [ 462.505671][T11641] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 462.765118][T11641] team0: Port device team_slave_0 added [ 462.845943][T11641] team0: Port device team_slave_1 added [ 463.055283][T11641] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 463.058352][T11641] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 463.070472][ T5351] Bluetooth: hci6: command tx timeout [ 463.075106][T11641] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 463.111951][ T65] hsr_slave_0: left promiscuous mode [ 463.119977][ T65] hsr_slave_1: left promiscuous mode [ 463.126508][ T65] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 463.129935][ T65] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 463.134305][ T65] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 463.137660][ T65] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 463.199127][ T65] veth1_macvtap: left promiscuous mode [ 463.202259][ T65] veth0_macvtap: left promiscuous mode [ 463.205903][ T65] veth1_vlan: left promiscuous mode [ 463.208542][ T65] veth0_vlan: left promiscuous mode [ 463.314029][ T65] pimreg (unregistering): left allmulticast mode [ 463.332194][ T65] pim6reg (unregistering): left allmulticast mode [ 463.864159][ C2] bridge0: port 2(bridge_slave_1) entered forwarding state [ 463.867313][ C2] bridge0: topology change detected, propagating [ 463.871202][ C2] bridge0: port 1(bridge_slave_0) entered forwarding state [ 463.874454][ C2] bridge0: topology change detected, propagating [ 463.940970][ T5351] Bluetooth: hci1: command tx timeout [ 464.590926][ T5351] Bluetooth: hci2: command tx timeout [ 464.611399][ T65] team0 (unregistering): Port device team_slave_1 removed [ 464.700939][ T65] team0 (unregistering): Port device team_slave_0 removed [ 465.156416][ T5351] Bluetooth: hci6: command tx timeout [ 465.775068][T11641] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 465.778217][T11641] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 465.791306][T11641] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 466.015271][T11655] chnl_net:caif_netlink_parms(): no params data found [ 466.023617][ T5351] Bluetooth: hci1: command tx timeout [ 466.030767][T11641] hsr_slave_0: entered promiscuous mode [ 466.091201][T11641] hsr_slave_1: entered promiscuous mode [ 466.108038][T11641] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 466.112877][T11641] Cannot create hsr debugfs directory [ 466.427712][T11611] 8021q: adding VLAN 0 to HW filter on device bond0 [ 466.464713][T11611] 8021q: adding VLAN 0 to HW filter on device team0 [ 466.533986][T11655] bridge0: port 1(bridge_slave_0) entered blocking state [ 466.537106][T11655] bridge0: port 1(bridge_slave_0) entered disabled state [ 466.541745][T11655] bridge_slave_0: entered allmulticast mode [ 466.546107][T11655] bridge_slave_0: entered promiscuous mode [ 466.554823][T11655] bridge0: port 2(bridge_slave_1) entered blocking state [ 466.558931][T11655] bridge0: port 2(bridge_slave_1) entered disabled state [ 466.563363][T11655] bridge_slave_1: entered allmulticast mode [ 466.567434][T11655] bridge_slave_1: entered promiscuous mode [ 466.660758][ T5351] Bluetooth: hci2: command tx timeout [ 466.671982][T11673] bridge0: port 1(bridge_slave_0) entered blocking state [ 466.676535][T11673] bridge0: port 1(bridge_slave_0) entered forwarding state [ 466.686588][T11673] bridge0: port 2(bridge_slave_1) entered blocking state [ 466.689985][T11673] bridge0: port 2(bridge_slave_1) entered forwarding state [ 466.817506][T11655] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 466.903011][ T65] IPVS: stop unused estimator thread 0... [ 466.920043][T11655] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 467.058281][T11655] team0: Port device team_slave_0 added [ 467.173336][T11655] team0: Port device team_slave_1 added [ 467.221268][ T5351] Bluetooth: hci6: command tx timeout [ 467.485035][T11655] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 467.487668][T11655] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 467.500174][T11655] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 467.510480][T11655] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 467.515726][T11655] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 467.527373][T11655] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 467.586523][ T65] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.788186][ T65] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.927572][T11655] hsr_slave_0: entered promiscuous mode [ 467.939227][T11655] hsr_slave_1: entered promiscuous mode [ 467.951645][T11655] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 467.954497][T11655] Cannot create hsr debugfs directory [ 467.993706][ T65] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 468.120080][ T5351] Bluetooth: hci1: command tx timeout [ 468.166826][ T65] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 468.421957][T11611] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 468.510945][T11641] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 468.542883][T11641] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 468.594899][T11641] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 468.606118][T11641] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 468.619741][ T65] bridge_slave_1: left allmulticast mode [ 468.622709][ T65] bridge_slave_1: left promiscuous mode [ 468.625610][ T65] bridge0: port 2(bridge_slave_1) entered disabled state [ 468.638687][ T65] bridge_slave_0: left allmulticast mode [ 468.641737][ T65] bridge_slave_0: left promiscuous mode [ 468.644076][ T65] bridge0: port 1(bridge_slave_0) entered disabled state [ 468.742597][ T5351] Bluetooth: hci2: command tx timeout [ 469.176441][ T65] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 469.185294][ T65] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 469.192855][ T65] bond0 (unregistering): Released all slaves [ 469.302985][T11611] veth0_vlan: entered promiscuous mode [ 469.372733][T11611] veth1_vlan: entered promiscuous mode [ 469.421403][T11611] veth0_macvtap: entered promiscuous mode [ 469.426598][T11611] veth1_macvtap: entered promiscuous mode [ 469.476705][T11611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 469.481860][T11611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.485672][T11611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 469.490158][T11611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.496142][T11611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 469.501123][T11611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.505846][T11611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 469.510263][T11611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.514501][T11611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 469.518890][T11611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.523770][T11611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 469.527962][T11611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.533049][T11611] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 469.692895][T11611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.697772][T11611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.710796][T11611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.722779][T11611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.732975][T11611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.740847][T11611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.740867][T11611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.740881][T11611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.740894][T11611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.740906][T11611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.740920][T11611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.740932][T11611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.747135][T11611] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 469.850349][T11641] 8021q: adding VLAN 0 to HW filter on device bond0 [ 469.853861][T11611] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.853940][T11611] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.853963][T11611] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.853987][T11611] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.957311][T11641] 8021q: adding VLAN 0 to HW filter on device team0 [ 470.031340][ T65] hsr_slave_0: left promiscuous mode [ 470.034064][ T65] hsr_slave_1: left promiscuous mode [ 470.038336][ T65] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 470.038378][ T65] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 470.039419][ T65] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 470.039442][ T65] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 470.141286][ T65] veth1_macvtap: left promiscuous mode [ 470.141536][ T65] veth0_macvtap: left promiscuous mode [ 470.147936][ T65] veth1_vlan: left promiscuous mode [ 470.148061][ T65] veth0_vlan: left promiscuous mode [ 470.191666][ T5351] Bluetooth: hci1: command tx timeout [ 472.024691][ T65] team0 (unregistering): Port device team_slave_1 removed [ 472.192743][ T65] team0 (unregistering): Port device team_slave_0 removed [ 473.291642][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 473.303750][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 473.310194][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 473.313931][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 473.373606][T11673] bridge0: port 2(bridge_slave_1) entered blocking state [ 473.377094][T11673] bridge0: port 2(bridge_slave_1) entered forwarding state [ 473.410145][T11655] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 473.432895][T11655] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 473.434680][T11673] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 473.439419][T11673] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 473.449793][T11655] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 473.462960][T11655] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 473.716387][T11655] 8021q: adding VLAN 0 to HW filter on device bond0 [ 473.788214][T11655] 8021q: adding VLAN 0 to HW filter on device team0 [ 473.825512][T11641] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 473.853916][ T1112] bridge0: port 1(bridge_slave_0) entered blocking state [ 473.856980][ T1112] bridge0: port 1(bridge_slave_0) entered forwarding state [ 473.907457][ T1112] bridge0: port 2(bridge_slave_1) entered blocking state [ 473.911496][ T1112] bridge0: port 2(bridge_slave_1) entered forwarding state [ 474.048013][T11641] veth0_vlan: entered promiscuous mode [ 474.061245][T11641] veth1_vlan: entered promiscuous mode [ 474.134262][T11641] veth0_macvtap: entered promiscuous mode [ 474.140405][T11641] veth1_macvtap: entered promiscuous mode [ 474.173514][T11641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.178087][T11641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.183693][T11641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.188178][T11641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.192436][T11641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.196987][T11641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.201187][T11641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.205545][T11641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.209772][T11641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.214601][T11641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.218912][T11641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.223551][T11641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.229741][T11641] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 474.237621][T11641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.242360][T11641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.246546][T11641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.251097][T11641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.255311][T11641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.259792][T11641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.264475][T11641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.269033][T11641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.283339][T11641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.288402][T11641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.310728][T11641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.315894][T11641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.337635][T11641] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 474.369239][T11641] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.385240][T11641] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.389295][T11641] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.400766][T11641] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.511901][T11655] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 474.591314][ T1167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 474.594599][ T1167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 474.669981][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 474.673754][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 474.701947][T11655] veth0_vlan: entered promiscuous mode [ 474.719158][T11655] veth1_vlan: entered promiscuous mode [ 474.785845][T11655] veth0_macvtap: entered promiscuous mode [ 474.790284][T11655] veth1_macvtap: entered promiscuous mode [ 474.859259][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.864136][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.868829][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.876549][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.881511][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.886279][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.891220][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.895523][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.900283][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.906351][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.911069][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.915194][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.921616][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.926991][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.938704][T11655] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 474.987098][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.995590][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.999851][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.005483][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.018190][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.023064][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.027281][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.038336][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.042813][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.047350][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.053597][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.061161][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.065218][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.076595][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.084778][T11655] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 475.092395][T11655] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.096187][T11655] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.100194][T11655] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.111022][T11655] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.289069][T11796] 9pnet_fd: Insufficient options for proto=fd [ 475.299962][T11673] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.305592][T11673] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.366636][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.370385][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.613938][T11804] netlink: 2384 bytes leftover after parsing attributes in process `syz.3.1548'. [ 475.631622][T11804] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1548'. [ 475.872971][T11807] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1548'. [ 475.881446][T11807] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1548'. [ 476.522019][T11822] overlay: ./file0 is not a directory [ 476.658172][T11822] overlayfs: upper fs needs to support d_type. [ 476.667404][T11822] overlayfs: upper fs does not support tmpfile. [ 476.685066][T11823] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 476.697239][T11822] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 476.698699][T11823] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 476.708595][T11822] overlayfs: failed to set xattr on upper [ 476.715864][T11822] overlayfs: ...falling back to redirect_dir=nofollow. [ 476.725773][T11822] overlayfs: ...falling back to index=off. [ 476.728264][T11822] overlayfs: ...falling back to uuid=null. [ 477.074357][T11831] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1574'. [ 477.094054][T11831] netlink: 'syz.0.1574': attribute type 20 has an invalid length. [ 477.348965][ T1112] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 477.567387][ T1112] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 477.724098][ T1112] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 477.890297][ T1112] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 478.077926][ T5349] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 478.090335][ T5349] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 478.105097][ T5349] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 478.113325][ T5349] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 478.123023][ T5349] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 478.126382][ T5349] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 478.193982][ T1112] bridge_slave_1: left allmulticast mode [ 478.196512][ T1112] bridge_slave_1: left promiscuous mode [ 478.199084][ T1112] bridge0: port 2(bridge_slave_1) entered disabled state [ 478.253447][ T1112] bridge_slave_0: left allmulticast mode [ 478.255941][ T1112] bridge_slave_0: left promiscuous mode [ 478.258634][ T1112] bridge0: port 1(bridge_slave_0) entered disabled state [ 478.588233][T11853] overlay: ./file0 is not a directory [ 478.639646][T11853] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 479.010213][ T1112] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 479.019903][ T1112] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 479.043623][ T1112] bond0 (unregistering): Released all slaves [ 479.500904][T11872] input: syz0 as /devices/virtual/input/input71 [ 479.757189][T11840] chnl_net:caif_netlink_parms(): no params data found [ 479.824344][ T5349] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 479.845050][ T5349] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 479.850374][ T5349] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 479.866359][ T1112] hsr_slave_0: left promiscuous mode [ 479.878926][ T67] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 479.882744][ T67] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 479.883326][ T1112] hsr_slave_1: left promiscuous mode [ 479.886320][ T67] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 479.932467][ T1112] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 479.935819][ T1112] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 479.940280][ T1112] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 479.970761][ T1112] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 480.035377][ T1112] veth1_macvtap: left promiscuous mode [ 480.037655][ T1112] veth0_macvtap: left promiscuous mode [ 480.039883][ T1112] veth1_vlan: left promiscuous mode [ 480.042152][ T1112] veth0_vlan: left promiscuous mode [ 480.191393][ T67] Bluetooth: hci6: command tx timeout [ 480.696813][T11886] overlay: ./file0 is not a directory [ 480.768833][T11886] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 481.526656][ T1112] team0 (unregistering): Port device team_slave_1 removed [ 481.668935][ T1112] team0 (unregistering): Port device team_slave_0 removed [ 481.844842][T11896] FAULT_INJECTION: forcing a failure. [ 481.844842][T11896] name failslab, interval 1, probability 0, space 0, times 0 [ 481.856032][T11896] CPU: 2 UID: 0 PID: 11896 Comm: syz.0.1594 Not tainted 6.11.0-rc3-syzkaller-00315-ge0fac5fc8b76 #0 [ 481.861112][T11896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 481.865875][T11896] Call Trace: [ 481.867481][T11896] [ 481.868903][T11896] dump_stack_lvl+0x16c/0x1f0 [ 481.871130][T11896] should_fail_ex+0x497/0x5b0 [ 481.874130][T11896] ? fs_reclaim_acquire+0xae/0x160 [ 481.876439][T11896] should_failslab+0xc2/0x120 [ 481.878540][T11896] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 481.880925][T11896] ? sk_prot_alloc+0x60/0x2a0 [ 481.882792][T11896] sk_prot_alloc+0x60/0x2a0 [ 481.884372][T11896] sk_alloc+0x36/0xb90 [ 481.885909][T11896] inet6_create+0x380/0x12e0 [ 481.888135][T11896] ? inet6_create+0x5d/0x12e0 [ 481.890242][T11896] __sock_create+0x32e/0x800 [ 481.892323][T11896] mptcp_subflow_create_socket+0xf6/0x10a0 [ 481.894909][T11896] ? __pfx_mark_lock+0x10/0x10 [ 481.897043][T11896] ? lock_acquire+0x1b1/0x560 [ 481.899170][T11896] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 481.901922][T11896] ? find_held_lock+0x2d/0x110 [ 481.904104][T11896] __mptcp_nmpc_sk+0x184/0x7d0 [ 481.906247][T11896] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 481.908621][T11896] ? mptcp_setsockopt+0x14ff/0x32d0 [ 481.910954][T11896] ? __local_bh_enable_ip+0xa4/0x120 [ 481.913329][T11896] mptcp_setsockopt+0x1507/0x32d0 [ 481.915616][T11896] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 481.918131][T11896] ? __pfx_mptcp_setsockopt+0x10/0x10 [ 481.920530][T11896] ? __pfx_aa_sk_perm+0x10/0x10 [ 481.922744][T11896] ? sock_common_setsockopt+0x2e/0xf0 [ 481.925111][T11896] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 481.927756][T11896] do_sock_setsockopt+0x222/0x480 [ 481.929996][T11896] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 481.932415][T11896] ? __fget_light+0x173/0x210 [ 481.934306][T11896] __sys_setsockopt+0x1a4/0x270 [ 481.936567][T11896] ? __pfx___sys_setsockopt+0x10/0x10 [ 481.938944][T11896] ? fput+0x32/0x390 [ 481.940537][T11896] ? ksys_write+0x1ab/0x260 [ 481.942434][T11896] ? __pfx_ksys_write+0x10/0x10 [ 481.944619][T11896] __ia32_sys_setsockopt+0xbc/0x160 [ 481.946880][T11896] ? lockdep_hardirqs_on+0x7c/0x110 [ 481.949206][T11896] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 481.952119][T11896] __do_fast_syscall_32+0x73/0x120 [ 481.954419][T11896] do_fast_syscall_32+0x32/0x80 [ 481.956577][T11896] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 481.959133][T11896] RIP: 0023:0xf7fe8579 [ 481.960965][T11896] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 481.969300][T11896] RSP: 002b:00000000f578656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 481.973068][T11896] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029 [ 481.976529][T11896] RDX: 000000000000004b RSI: 0000000000000000 RDI: 0000000000000004 [ 481.979963][T11896] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 481.983452][T11896] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 481.987470][T11896] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 481.991000][T11896] [ 482.002172][ T67] Bluetooth: hci3: command tx timeout [ 482.271098][ T67] Bluetooth: hci6: command tx timeout [ 483.079242][T11912] input: syz0 as /devices/virtual/input/input72 [ 483.464273][T11840] bridge0: port 1(bridge_slave_0) entered blocking state [ 483.467358][T11840] bridge0: port 1(bridge_slave_0) entered disabled state [ 483.473766][T11840] bridge_slave_0: entered allmulticast mode [ 483.488068][T11840] bridge_slave_0: entered promiscuous mode [ 483.503621][T11840] bridge0: port 2(bridge_slave_1) entered blocking state [ 483.506774][T11840] bridge0: port 2(bridge_slave_1) entered disabled state [ 483.520983][T11840] bridge_slave_1: entered allmulticast mode [ 483.532480][T11840] bridge_slave_1: entered promiscuous mode [ 483.765788][T11840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 483.778288][T11840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 483.899531][T11840] team0: Port device team_slave_0 added [ 483.910314][T11840] team0: Port device team_slave_1 added [ 484.021075][ T67] Bluetooth: hci3: command tx timeout [ 484.026936][T11840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 484.030055][T11840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 484.048487][T11840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 484.067639][T11840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 484.071215][T11840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 484.086320][T11840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 484.098557][T11932] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1602'. [ 484.352208][ T67] Bluetooth: hci6: command tx timeout [ 484.589733][ T1112] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.620262][T11840] hsr_slave_0: entered promiscuous mode [ 484.629244][T11840] hsr_slave_1: entered promiscuous mode [ 484.638038][T11840] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 484.642305][T11840] Cannot create hsr debugfs directory [ 484.655711][T11879] chnl_net:caif_netlink_parms(): no params data found [ 484.674005][T11930] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 484.679795][T11930] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 484.775450][ T1112] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.941616][ T1112] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.972180][T11930] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 484.978539][T11930] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 485.104128][ T1112] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 485.233358][T11879] bridge0: port 1(bridge_slave_0) entered blocking state [ 485.235916][T11879] bridge0: port 1(bridge_slave_0) entered disabled state [ 485.240322][T11879] bridge_slave_0: entered allmulticast mode [ 485.247396][T11879] bridge_slave_0: entered promiscuous mode [ 485.253127][T11879] bridge0: port 2(bridge_slave_1) entered blocking state [ 485.256400][T11879] bridge0: port 2(bridge_slave_1) entered disabled state [ 485.259644][T11879] bridge_slave_1: entered allmulticast mode [ 485.267336][T11879] bridge_slave_1: entered promiscuous mode [ 485.632732][T11879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 485.644616][T11879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 485.850646][T11930] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 485.854997][T11930] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 485.866129][T11879] team0: Port device team_slave_0 added [ 485.874441][T11879] team0: Port device team_slave_1 added [ 486.071231][T11879] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 486.074609][T11879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 486.087848][T11879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 486.100893][ T67] Bluetooth: hci3: command tx timeout [ 486.148633][ T1112] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.281852][T11879] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 486.284859][T11879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 486.297256][T11879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 486.352239][ T1112] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.406639][T11930] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 486.409213][T11930] Bluetooth: hci6: Error when powering off device on rfkill (-4) [ 486.430842][ T67] Bluetooth: hci6: command tx timeout [ 486.455565][T11930] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 486.458792][T11930] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 486.459701][T11879] hsr_slave_0: entered promiscuous mode [ 486.469946][T11879] hsr_slave_1: entered promiscuous mode [ 486.479532][T11879] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 486.489207][T11879] Cannot create hsr debugfs directory [ 486.500269][ T5351] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 486.507092][ T5351] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 486.521443][ T5351] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 486.540203][ T5351] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 486.544440][ T5351] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 486.548202][ T5351] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 486.571915][ T67] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 486.575386][ T67] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 486.578417][ T67] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 486.582850][ T67] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 486.591114][ T67] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 486.594251][ T67] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 486.630908][ T1112] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.775690][T11956] FAULT_INJECTION: forcing a failure. [ 486.775690][T11956] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 486.785759][T11956] CPU: 3 UID: 0 PID: 11956 Comm: syz.0.1603 Not tainted 6.11.0-rc3-syzkaller-00315-ge0fac5fc8b76 #0 [ 486.789913][ T1112] bond0: (slave netdevsim0): Releasing backup interface [ 486.794903][T11956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 486.794919][T11956] Call Trace: [ 486.794928][T11956] [ 486.794937][T11956] dump_stack_lvl+0x16c/0x1f0 [ 486.794972][T11956] should_fail_ex+0x497/0x5b0 [ 486.795000][T11956] _copy_to_user+0x30/0xc0 [ 486.795024][T11956] simple_read_from_buffer+0xd0/0x160 [ 486.795049][T11956] proc_fail_nth_read+0x19e/0x280 [ 486.795078][T11956] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 486.795110][T11956] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 486.795138][T11956] vfs_read+0x1d4/0xbd0 [ 486.795167][T11956] ? __fdget_pos+0xeb/0x180 [ 486.795194][T11956] ? __pfx_vfs_read+0x10/0x10 [ 486.795218][T11956] ? __pfx___mutex_lock+0x10/0x10 [ 486.795245][T11956] ? __fget_files+0x256/0x400 [ 486.795281][T11956] ksys_read+0x12f/0x260 [ 486.795306][T11956] ? __pfx_ksys_read+0x10/0x10 [ 486.795344][T11956] __do_fast_syscall_32+0x73/0x120 [ 486.795370][T11956] do_fast_syscall_32+0x32/0x80 [ 486.795394][T11956] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 486.795414][T11956] RIP: 0023:0xf7fe8579 [ 486.795429][T11956] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 486.795445][T11956] RSP: 002b:00000000f57865a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 486.795464][T11956] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5786620 [ 486.795477][T11956] RDX: 000000000000000f RSI: 00000000f7470ff4 RDI: 0000000000000000 [ 486.795488][T11956] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 486.795499][T11956] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 486.795510][T11956] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 486.795535][T11956] [ 486.933332][ T1112] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.151069][T11840] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 487.159761][T11840] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 487.232498][ T39] kauditd_printk_skb: 73 callbacks suppressed [ 487.232513][ T39] audit: type=1326 audit(1723977807.039:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11966 comm="syz.0.1607" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 487.243693][T11840] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 487.246261][ T39] audit: type=1326 audit(1723977807.039:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11966 comm="syz.0.1607" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 487.258037][ T39] audit: type=1326 audit(1723977807.039:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11966 comm="syz.0.1607" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 487.259754][T11840] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 487.267592][ T39] audit: type=1326 audit(1723977807.059:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11966 comm="syz.0.1607" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 487.283711][ T39] audit: type=1326 audit(1723977807.059:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11966 comm="syz.0.1607" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 487.309474][ T39] audit: type=1326 audit(1723977807.059:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11966 comm="syz.0.1607" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 487.320157][ T39] audit: type=1326 audit(1723977807.059:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11966 comm="syz.0.1607" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 487.331219][ T39] audit: type=1326 audit(1723977807.059:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11966 comm="syz.0.1607" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 487.339109][ T39] audit: type=1326 audit(1723977807.059:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11966 comm="syz.0.1607" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 487.348854][ T39] audit: type=1326 audit(1723977807.059:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11966 comm="syz.0.1607" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 487.394479][ T1112] bridge_slave_1: left allmulticast mode [ 487.396658][ T1112] bridge_slave_1: left promiscuous mode [ 487.399020][ T1112] bridge0: port 2(bridge_slave_1) entered disabled state [ 487.418643][ T1112] bridge_slave_0: left allmulticast mode [ 487.422808][ T1112] bridge_slave_0: left promiscuous mode [ 487.425506][ T1112] bridge0: port 1(bridge_slave_0) entered disabled state [ 487.435209][ T1112] team0: left allmulticast mode [ 487.437399][ T1112] team_slave_0: left allmulticast mode [ 487.440420][ T1112] team_slave_1: left allmulticast mode [ 487.450292][ T1112] bridge0: port 3(team0) entered disabled state [ 487.460209][ T1112] bridge_slave_1: left allmulticast mode [ 487.463004][ T1112] bridge_slave_1: left promiscuous mode [ 487.465622][ T1112] bridge0: port 2(bridge_slave_1) entered disabled state [ 487.479920][ T1112] bridge_slave_0: left allmulticast mode [ 487.483466][ T1112] bridge_slave_0: left promiscuous mode [ 487.486179][ T1112] bridge0: port 1(bridge_slave_0) entered disabled state [ 488.381047][T11972] xt_cgroup: invalid path, errno=-2 [ 488.636790][ T1112] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 488.648250][ T1112] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 488.653005][ T1112] bond0 (unregistering): Released all slaves [ 488.671336][ T5351] Bluetooth: hci1: command tx timeout [ 488.839675][ T1112] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 488.851354][ T1112] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 488.856158][ T1112] bond0 (unregistering): Released all slaves [ 489.439480][T11931] chnl_net:caif_netlink_parms(): no params data found [ 489.697002][T11840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 489.884974][T11931] bridge0: port 1(bridge_slave_0) entered blocking state [ 489.888433][T11931] bridge0: port 1(bridge_slave_0) entered disabled state [ 489.893370][T11931] bridge_slave_0: entered allmulticast mode [ 489.897195][T11931] bridge_slave_0: entered promiscuous mode [ 489.954968][T11931] bridge0: port 2(bridge_slave_1) entered blocking state [ 489.958346][T11931] bridge0: port 2(bridge_slave_1) entered disabled state [ 489.962280][T11931] bridge_slave_1: entered allmulticast mode [ 489.966524][T11931] bridge_slave_1: entered promiscuous mode [ 489.973954][T11840] 8021q: adding VLAN 0 to HW filter on device team0 [ 490.111547][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state [ 490.114466][ T1167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 490.145141][T11931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 490.161906][T11931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 490.170634][T11879] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 490.178522][T11879] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 490.352478][ T77] bridge0: port 2(bridge_slave_1) entered blocking state [ 490.355614][ T77] bridge0: port 2(bridge_slave_1) entered forwarding state [ 490.379548][T11879] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 490.388166][T11879] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 490.416885][T11931] team0: Port device team_slave_0 added [ 490.454581][ T1112] hsr_slave_0: left promiscuous mode [ 490.467138][ T1112] hsr_slave_1: left promiscuous mode [ 490.472429][ T1112] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 490.476781][ T1112] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 490.481777][ T1112] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 490.485170][ T1112] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 490.504484][ T1112] hsr_slave_0: left promiscuous mode [ 490.507808][ T1112] hsr_slave_1: left promiscuous mode [ 490.514830][ T1112] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 490.517548][ T1112] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 490.521761][ T1112] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 490.525196][ T1112] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 490.534218][ T1112] batman_adv: batadv0: Removing interface: hsr_slave_0 [ 490.667127][ T1112] veth1_macvtap: left promiscuous mode [ 490.669714][ T1112] veth0_macvtap: left promiscuous mode [ 490.678353][ T1112] veth1_vlan: left promiscuous mode [ 490.681366][ T1112] veth0_vlan: left promiscuous mode [ 490.686115][ T1112] veth1_macvtap: left allmulticast mode [ 490.688978][ T1112] veth1_macvtap: left promiscuous mode [ 490.699192][ T1112] veth0_macvtap: left promiscuous mode [ 490.701900][ T1112] veth1_vlan: left promiscuous mode [ 490.704457][ T1112] veth0_vlan: left promiscuous mode [ 490.760902][ T5351] Bluetooth: hci1: command tx timeout [ 491.357582][T12009] ------------[ cut here ]------------ [ 491.367538][T12009] WARNING: CPU: 0 PID: 12009 at mm/page_table_check.c:207 __page_table_check_ptes_set+0x2fa/0x3e0 [ 491.375618][T12009] Modules linked in: [ 491.377488][T12009] CPU: 0 UID: 0 PID: 12009 Comm: syz.0.1611 Not tainted 6.11.0-rc3-syzkaller-00315-ge0fac5fc8b76 #0 [ 491.385504][T12009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 491.390275][T12009] RIP: 0010:__page_table_check_ptes_set+0x2fa/0x3e0 [ 491.395441][T12009] Code: e9 91 fe ff ff e8 e6 44 97 ff 48 8b 2c 24 31 ff 83 e5 02 48 89 ee e8 45 47 97 ff 48 85 ed 0f 84 85 00 00 00 e8 c7 44 97 ff 90 <0f> 0b 90 e9 e9 fd ff ff e8 b9 44 97 ff eb 69 cc cc cc e8 af 44 97 [ 491.404823][T12009] RSP: 0000:ffffc9000390fa28 EFLAGS: 00010293 [ 491.407601][T12009] RAX: 0000000000000000 RBX: ffff88806edb8000 RCX: ffffffff81f3d68b SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 491.410524][T12009] RDX: ffff88801f2bc880 RSI: ffffffff81f3d699 RDI: 0000000000000007 [ 491.430226][T12009] RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000000 [ 491.433863][T12009] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000001 [ 491.437229][T12009] R13: ffff88801cc29c80 R14: 0000000000000001 R15: 1ffff92000721f47 [ 491.440560][T12009] FS: 0000000000000000(0000) GS:ffff88802c000000(0063) knlGS:00000000581a9440 [ 491.444501][T12009] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 491.447105][T12009] CR2: 00000000200002c0 CR3: 0000000054d3a000 CR4: 0000000000350ef0 [ 491.450196][T12009] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 491.453367][T12009] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 491.469447][T12009] Call Trace: [ 491.471048][T12009] [ 491.472366][T12009] ? show_regs+0x8c/0xa0 [ 491.474272][T12009] ? __warn+0xe5/0x3c0 [ 491.476071][T12009] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 491.490219][T12009] ? report_bug+0x3c0/0x580 [ 491.492305][T12009] ? handle_bug+0x3d/0x70 [ 491.494208][T12009] ? exc_invalid_op+0x17/0x50 [ 491.496286][T12009] ? asm_exc_invalid_op+0x1a/0x20 [ 491.498481][T12009] ? __page_table_check_ptes_set+0x2eb/0x3e0 [ 491.501173][T12009] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 491.519958][T12009] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 491.522715][T12009] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 491.525333][T12009] ? find_held_lock+0x2d/0x110 [ 491.527410][T12009] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 491.530193][T12009] ? rcu_read_unlock+0x17/0x60 [ 491.532420][T12009] set_ptes.constprop.0+0x193/0x1d0 [ 491.534711][T12009] ? __pfx_set_ptes.constprop.0+0x10/0x10 [ 491.537210][T12009] do_swap_page+0x1214/0x3dc0 [ 491.539277][T12009] ? __pfx_do_swap_page+0x10/0x10 [ 491.541354][T12009] ? pte_offset_map_nolock+0xfe/0x1c0 [ 491.543948][T12009] ? __pfx_pte_offset_map_nolock+0x10/0x10 [ 491.546499][T12009] __handle_mm_fault+0x146b/0x5360 [ 491.548764][T12009] ? down_read_trylock+0x1ed/0x3f0 [ 491.551088][T12009] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 491.553364][T12009] ? __pfx___handle_mm_fault+0x10/0x10 [ 491.555771][T12009] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 491.558240][T12009] handle_mm_fault+0x44e/0x7b0 [ 491.560335][T12009] ? __pkru_allows_pkey+0x52/0xb0 [ 491.562555][T12009] do_user_addr_fault+0x60d/0x13f0 [ 491.564829][T12009] exc_page_fault+0x5c/0xc0 [ 491.566869][T12009] asm_exc_page_fault+0x26/0x30 [ 491.568971][T12009] RIP: 0023:0xf72d1311 [ 491.570779][T12009] Code: 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 f3 a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1 e9 73 02 66 a5 a5 eb e8 66 90 66 90 66 90 66 90 66 90 90 8b 44 24 0c 39 44 24 [ 491.578949][T12009] RSP: 002b:00000000fff4ebbc EFLAGS: 00010202 [ 491.581624][T12009] RAX: 0000000000000000 RBX: 00000000f7470ff4 RCX: 0000000000000002 [ 491.585148][T12009] RDX: 0000000000000008 RSI: 00000000f6d903ff RDI: 00000000200002c0 [ 491.588355][T12009] RBP: 00000000fff4ee38 R08: 0000000000000000 R09: 0000000000000000 [ 491.591481][T12009] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 491.594689][T12009] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 491.597772][T12009] [ 491.599201][T12009] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 491.602149][T12009] CPU: 0 UID: 0 PID: 12009 Comm: syz.0.1611 Not tainted 6.11.0-rc3-syzkaller-00315-ge0fac5fc8b76 #0 [ 491.606051][T12009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 491.610081][T12009] Call Trace: [ 491.611507][T12009] [ 491.612892][T12009] dump_stack_lvl+0x3d/0x1f0 [ 491.614638][T12009] panic+0x6f5/0x7a0 [ 491.616144][T12009] ? __pfx_panic+0x10/0x10 [ 491.617825][T12009] ? show_trace_log_lvl+0x363/0x500 [ 491.619835][T12009] ? check_panic_on_warn+0x1f/0xb0 [ 491.621730][T12009] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 491.623940][T12009] check_panic_on_warn+0xab/0xb0 [ 491.625755][T12009] __warn+0xf1/0x3c0 [ 491.627258][T12009] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 491.629564][T12009] report_bug+0x3c0/0x580 [ 491.631206][T12009] handle_bug+0x3d/0x70 [ 491.632784][T12009] exc_invalid_op+0x17/0x50 [ 491.634487][T12009] asm_exc_invalid_op+0x1a/0x20 [ 491.636261][T12009] RIP: 0010:__page_table_check_ptes_set+0x2fa/0x3e0 [ 491.638455][T12009] Code: e9 91 fe ff ff e8 e6 44 97 ff 48 8b 2c 24 31 ff 83 e5 02 48 89 ee e8 45 47 97 ff 48 85 ed 0f 84 85 00 00 00 e8 c7 44 97 ff 90 <0f> 0b 90 e9 e9 fd ff ff e8 b9 44 97 ff eb 69 cc cc cc e8 af 44 97 [ 491.645111][T12009] RSP: 0000:ffffc9000390fa28 EFLAGS: 00010293 [ 491.647590][T12009] RAX: 0000000000000000 RBX: ffff88806edb8000 RCX: ffffffff81f3d68b [ 491.650473][T12009] RDX: ffff88801f2bc880 RSI: ffffffff81f3d699 RDI: 0000000000000007 [ 491.653436][T12009] RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000000 [ 491.656206][T12009] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000001 [ 491.658855][T12009] R13: ffff88801cc29c80 R14: 0000000000000001 R15: 1ffff92000721f47 [ 491.661542][T12009] ? __page_table_check_ptes_set+0x2eb/0x3e0 [ 491.663570][T12009] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 491.665577][T12009] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 491.667958][T12009] ? find_held_lock+0x2d/0x110 [ 491.669796][T12009] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 491.672389][T12009] ? rcu_read_unlock+0x17/0x60 [ 491.674235][T12009] set_ptes.constprop.0+0x193/0x1d0 [ 491.676244][T12009] ? __pfx_set_ptes.constprop.0+0x10/0x10 [ 491.678168][T12009] do_swap_page+0x1214/0x3dc0 [ 491.679918][T12009] ? __pfx_do_swap_page+0x10/0x10 [ 491.681843][T12009] ? pte_offset_map_nolock+0xfe/0x1c0 [ 491.683894][T12009] ? __pfx_pte_offset_map_nolock+0x10/0x10 [ 491.686117][T12009] __handle_mm_fault+0x146b/0x5360 [ 491.687937][T12009] ? down_read_trylock+0x1ed/0x3f0 [ 491.689665][T12009] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 491.692025][T12009] ? __pfx___handle_mm_fault+0x10/0x10 [ 491.694558][T12009] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 491.697592][T12009] handle_mm_fault+0x44e/0x7b0 [ 491.699924][T12009] ? __pkru_allows_pkey+0x52/0xb0 [ 491.702124][T12009] do_user_addr_fault+0x60d/0x13f0 [ 491.704670][T12009] exc_page_fault+0x5c/0xc0 [ 491.706787][T12009] asm_exc_page_fault+0x26/0x30 [ 491.708928][T12009] RIP: 0023:0xf72d1311 [ 491.710873][T12009] Code: 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 f3 a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1 e9 73 02 66 a5 a5 eb e8 66 90 66 90 66 90 66 90 66 90 90 8b 44 24 0c 39 44 24 [ 491.721212][T12009] RSP: 002b:00000000fff4ebbc EFLAGS: 00010202 [ 491.723888][T12009] RAX: 0000000000000000 RBX: 00000000f7470ff4 RCX: 0000000000000002 [ 491.727363][T12009] RDX: 0000000000000008 RSI: 00000000f6d903ff RDI: 00000000200002c0 [ 491.730733][T12009] RBP: 00000000fff4ee38 R08: 0000000000000000 R09: 0000000000000000 [ 491.734428][T12009] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 491.738008][T12009] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 491.741030][T12009] [ 491.742951][T12009] Kernel Offset: disabled [ 491.745291][T12009] Rebooting in 86400 seconds.. VM DIAGNOSIS: 10:43:31 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fa6735 RDI=ffffffff9511b340 RBP=ffffffff9511b300 RSP=ffffc9000390f400 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000030 R14=ffffffff84fa66d0 R15=0000000000000000 RIP=ffffffff84fa675f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000200002c0 CR3=0000000054d3a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000b5b4b9 RBX=0000000000000001 RCX=ffffffff8b055b79 RDX=0000000000000000 RSI=ffffffff8b4cd020 RDI=ffffffff8bb05320 RBP=ffffed1002cf8910 RSP=ffffc90000477e08 R8 =0000000000000001 R9 =ffffed1005826fd9 R10=ffff88802c137ecb R11=0000000000000000 R12=0000000000000001 R13=ffff8880167c4880 R14=ffffffff90113e58 R15=0000000000000000 RIP=ffffffff8b056f6f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020026000 CR3=0000000054d3a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000005 RCX=ffffffff813c94d1 RDX=ffff88801d9f0000 RSI=0000000000000006 RDI=0000000000000001 RBP=ffffffff8b49d120 RSP=ffffc90000540ac0 R8 =0000000000000001 R9 =0000000000000006 R10=0000000000000009 R11=0000000000000000 R12=0000000000000009 R13=0000000000000001 R14=0000000000000008 R15=ffffc90000540ba5 RIP=ffffffff818b1e54 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f09eb7cdd00 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055ac52f87000 CR3=000000001c218000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=093fa06f093fa06f 093fa06f093fa06f 093fa06f093fa06f 093fa06f093fa06f 093fa06f093fa06f 093fa06f093fa06f 093fa06f093fa06f 093fa06f093fa06f ZMM22=6ff8532b6ff8532b 6ff8532b6ff8532b 6ff8532b6ff8532b 6ff8532b6ff8532b 6ff8532b6ff8532b 6ff8532b6ff8532b 6ff8532b6ff8532b 6ff8532b6ff8532b ZMM23=347b6eb3347b6eb3 347b6eb3347b6eb3 347b6eb3347b6eb3 347b6eb3347b6eb3 347b6eb3347b6eb3 347b6eb3347b6eb3 347b6eb3347b6eb3 347b6eb3347b6eb3 ZMM24=632004a9632004a9 632004a9632004a9 632004a9632004a9 632004a9632004a9 632004a9632004a9 632004a9632004a9 632004a9632004a9 632004a9632004a9 ZMM25=550da44d550da44d 550da44d550da44d 550da44d550da44d 550da44d550da44d 550da44d550da44d 550da44d550da44d 550da44d550da44d 550da44d550da44d ZMM26=219da654219da654 219da654219da654 219da654219da654 219da654219da654 219da654219da654 219da654219da654 219da654219da654 219da654219da654 ZMM27=a76ff316a76ff316 a76ff316a76ff316 a76ff316a76ff316 a76ff316a76ff316 a76ff316a76ff316 a76ff316a76ff316 a76ff316a76ff316 a76ff316a76ff316 ZMM28=000000400000003f 0000003e0000003d 0000003c0000003b 0000003a00000039 0000003800000037 0000003600000035 0000003400000033 0000003200000031 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=5017000050170000 5017000050170000 5017000050170000 5017000050170000 5017000050170000 5017000050170000 5017000050170000 5017000050170000 info registers vcpu 3 CPU#3 RAX=1ffffd4000160ba8 RBX=0000000000000000 RCX=ffffffff81c56ec6 RDX=0000000000000000 RSI=0000000000000000 RDI=0000000000000000 RBP=ffff8880158b4050 RSP=ffffc90000e7f3c0 R8 =0000000000000000 R9 =fffff94000160ba8 R10=ffffea0000b05d47 R11=0000000000000000 R12=ffffea0000b05d40 R13=0000000000000001 R14=ffffea0000b05d48 R15=dffffc0000000000 RIP=ffffffff818b1d50 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f6f668170a0 CR3=0000000055168000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000