last executing test programs: 3.970115436s ago: executing program 0 (id=1134): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x0, 0x2}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32, @ANYBLOB], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000d60639311cf07f96fd35010f000f280004000000000000009aaa0700000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000807b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001e00000095000000"], &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_DEL(r3, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000440)=ANY=[@ANYRESHEX=r2, @ANYRES16=r4, @ANYBLOB="13000000000000000000080000000e0001006e200064657673696d0000000fdd0f0000657464657673696d3000000800030000000000b3"], 0x3c}}, 0x24048000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r5 = syz_clone(0x812f8000, &(0x7f0000000000)="006a5749b2f6b48b230c8d692dfa2bf9a08e", 0x12, &(0x7f0000000280), &(0x7f0000000380), &(0x7f00000004c0)="293919f309572c1e1ac0351e496b2e91add8cc473e13440244d439c866f82bfd4586a9208573ac56a4357828a080e328599932d2ccf66266047edae7765276bc63178604546bc749628bc9eb8e48a9387a38b55f8beb09da17f82ce7b61d11c9bf1b6efe27fa14f218ebbeadefd8c1341f53c52247fee7ae2dd766273ba3c1867cb18586529db8090e24e4b2f6ede86ef0c81a09eb1e225fd65305d3057d8ca0dd5bc49395d0ca81f16b41304d34ba839ef9b4c5887e4cf5bb22cd0cdd0571a6ac6185af5e4a6d7571c8820ab38fc3509973a7fd") move_pages(r5, 0x20ec, &(0x7f00000005c0)=[&(0x7f0000b5a000/0x4000)=nil], &(0x7f0000000000), &(0x7f0000000000), 0x0) openat$bsg(0xffffff9c, 0x0, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) memfd_create(&(0x7f0000000680)='\x103q}2\x9a\xce\xaf^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99\x18\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1f\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\tRJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd99C\x9fF\x9c[M=\xa0^\xa8\xed)\xe8Z\xe8\x9b&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xc9\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8ZmH\x98\xaeb\xa5B5)\x80m\xff\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6\x05\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa\x19\x06U)j!\x91\'\x98\xd2kFN\xfa\x80)O\xb9(!n\x9d\x13\x15\xf1\x1a\xb8y\x14l\xd1', 0x7) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_LOOPBACK(r7, 0x65, 0x3, &(0x7f0000000080), 0x4) setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f00000000c0)='lp\x00', 0x3) bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r6, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c) r8 = socket(0x10, 0x3, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000a80)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002bbd7000000000001400000018000180140002006e657464657673696d300000000000000500190001000000f92c1a907449827dc5fc73a48ee7cdbe38d8b2b547091cc91fb215ad93f0207b4f6d31eb3f1184edfe72e977f18f8d0899219990ddba0ce943521432e37415930d47880dc9cded506ed385de9c56c28f22cfb209911623c25655bd51cb3fafa5255fc73b8b28ad9e5454821daeafd1824a4732accaa5d33ac5979143db1b16bfd524ceb8c036af8bd1c8651791c9f6423427d2a9e043f0261f8a65211f2bf4f03b53ce7572810a04c64694c0099e46203722c1e1d8ee149b56dc28cfa481fda539b094c98ba37a013b1f8849471c669acd42d764cbe489a84dcff4ed4c96f10eaf91ae0a058322aad1345293f3796f050e00a9e500000000"], 0x34}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x2c, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0x5}, {0xffff, 0xffff}, {0xfff3, 0x6}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x7}]}, 0x2c}}, 0x44080) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000020000103feffffff000000000a000000000000000400010008000a000008000005001e"], 0x50}}, 0x4000850) sendmmsg$alg(r8, &(0x7f0000000140), 0x4924b68, 0x0) shutdown(r6, 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) 3.760195864s ago: executing program 0 (id=1136): unshare(0x68060200) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) socket$kcm(0x10, 0x2, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, 0x0, 0x0) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000fd41fd01020400000a001e0002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0) 3.619086256s ago: executing program 0 (id=1139): sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, 0x0) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x10, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) mount$fuseblk(&(0x7f0000002440), &(0x7f00000001c0)='./file0\x00', &(0x7f0000002300), 0x10080, &(0x7f0000002240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x1000}}) mount$fuseblk(&(0x7f0000002440), &(0x7f00000001c0)='./file0\x00', &(0x7f0000002300), 0x10080, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(blake2b-256-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) getpid() sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="a5fdad8800000000140012800b00010067656e6576650000040053800800c428bab60000"], 0x3c}}, 0x0) syz_io_uring_setup(0x6a95, 0x0, 0x0, 0x0) syz_io_uring_setup(0x2bda, &(0x7f00000006c0)={0x0, 0x1885, 0x80, 0x2}, 0x0, 0x0) socket$rds(0x15, 0x5, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) syz_io_uring_setup(0x24fa, 0x0, &(0x7f0000000100), 0x0) openat$rdma_cm(0xffffff9c, &(0x7f0000000240), 0x2, 0x0) r3 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r4, &(0x7f0000000280)=""/239, 0xef) read$char_usb(r4, 0x0, 0x0) write$char_usb(r4, 0x0, 0x0) syz_usb_disconnect(r3) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00'}) sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0) write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118) 3.500263967s ago: executing program 3 (id=1140): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x20, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600"], 0x48) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000200)={@in={{0x2, 0x0, @multicast2}}, 0x0, 0x0, 0x24, 0x0, "43cad7244bde5bbd8035d89034a56bad61a87c614899a37c5d0d7da4d7fc948375f3593dbd21eb7618ffb4ff4984e01eedc37998dd16526edb40eaadabe6cd2bd9f9dfeade7787ea64309c01ae05fb70"}, 0xd8) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) io_setup(0x8, &(0x7f0000004200)=0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) r4 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x30}}, 0x0) io_submit(r3, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}]) eventfd(0x39ea46a6) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r5}, 0x10) r6 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r6, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="020300030c00000000070000000000000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000004700000d00000000030005000000000002"], 0x60}, 0x1, 0x7}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/notes', 0x0, 0x0) r7 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r7, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x2c) bind$rxrpc(r1, &(0x7f0000000040)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}}, 0x24) setsockopt$inet_msfilter(r7, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c) r8 = socket$netlink(0x10, 0x3, 0x0) writev(r8, &(0x7f00000003c0)=[{&(0x7f0000000300)="39000000131f034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) timerfd_settime(0xffffffffffffffff, 0x6, &(0x7f0000000280)={{0x0, 0x989680}}, 0x0) r9 = openat$tun(0xffffffffffffff9c, 0x0, 0x40841, 0x0) ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) socket$kcm(0x2, 0x4, 0x2) 3.300177046s ago: executing program 2 (id=1141): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000b00)=0x6) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x2, 0x3f, 0x0, r3}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r2}) io_uring_enter(r4, 0x2def, 0x4000, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x20000000000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) 3.136288337s ago: executing program 3 (id=1142): socket$rxrpc(0x21, 0x2, 0x2) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet_sctp(0x2, 0x1, 0x84) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r3) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_FILES_UPDATE={0x14, 0x2c, 0x0, 0x0, 0xa78, &(0x7f00000004c0)=[r0, r0], 0x2, 0x0, 0x0, {0x0, r3}}) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f00000001c0)={0x11, @loopback, 0x4e28, 0x3, 'wrr\x00', 0x1, 0x802, 0x5a}, 0x2c) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x3, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6) r4 = getpid() setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffac1414170100000001000000c00000"], 0x14) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000380)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x5, 0x6}}, 0x44) setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0) r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$netlink(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400448c0}, 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1) r9 = epoll_create1(0x0) name_to_handle_at(r8, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=@OVL_FILEID_V1={0x4d, 0xf8, {'\x00', {0x0, 0xfb, 0x4a, 0x0, 0xfe, "4269afea490f669f972e19d20c226bb6", "60893cba62a3cf7ee5165cc2ff266db371cc3c50234793b7c2f550a826c8ec0b9bf7b5b2d4d007ce78654919d59e2ff6cc9ad3ed0f"}}}, &(0x7f00000001c0), 0x1000) r10 = fcntl$dupfd(r9, 0x2, 0xffffffffffffffff) fanotify_mark(r10, 0x80, 0x0, r10, 0x0) 2.426783135s ago: executing program 2 (id=1144): copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000440)=0x81, 0x1, 0x0) socket(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket(0x10, 0x803, 0x2) timerfd_create(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000000c0)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) close(0x3) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, 0x0, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) fcntl$addseals(r2, 0x409, 0xe) sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, 0x0, 0x840) r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_CLEAR_HALT(r5, 0xc0105502, 0x0) setsockopt$inet6_int(r4, 0x29, 0x5, &(0x7f0000000040)=0x7, 0x4) sendto$inet6(r4, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'vlan0\x00', 0x0}) r7 = socket(0x18, 0x80002, 0x0) sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r6, @ANYBLOB="000000000000000008001a80100003800c0005800800000000000000100003803000018005000c000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288eb6c9bc5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6015b2314000400e48f01e49713f0c2d839f940d9f088d80500060000000000130002006272696467655f696c6176655f30000007000200293a00000500060000000000080001000000000018000180140004004d2906d0880fc8ac459650c78132c2bf5000018014000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af080001000000000008000100000000006000018005000600000000000500060000000000080001000000000005000600000000000c00020073797a746e6c30000800010000000000130002006272696467655f736c6176655f30000014000500e078d277f38ed3a40a448f3f6b6763e8e0000c80080025000000000005000600000000001400190003dd96197aca85b64424a37dbda7b69414000700eb052fcd3dd4d3e8bbcbf1de857c0e1ca40018800400010000000000080001000000000014000400b2112a97bf9704ee57915340334b827114000500e8635392a70f36f95f4b9b352920ebec080028000000000060001a8020000a80050008000000000014000700fe8000000000000000000000000000aa34000a8000000700fe8000000000000000000000000000aa1400070000000000007100000000ffffffffffff14000700ff0100000000000000000000000000010400070000000a80000008000000000000000700fe8000000000000000000000000000bb00000700000000000000000000000000000000010000080000000000000008000000000000000700fc0200"/710], 0x270}}, 0x0) 2.223866322s ago: executing program 3 (id=1145): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0x7000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x101502) r7 = dup2(r6, r6) ioctl$DRM_IOCTL_WAIT_VBLANK(r7, 0xc018643a, &(0x7f00000001c0)={0x14000000}) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r4, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r3, @ANYBLOB="2c0433"], 0x448}}, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SWAP(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x6, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4010}, 0xd0) openat$fuse(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) r9 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) shutdown(r5, 0x1) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r9, @ANYBLOB=',rootmode=03000000000000000120000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) 2.08022971s ago: executing program 3 (id=1146): rseq(&(0x7f0000000000)={0x0, 0x0, 0x0, 0x2}, 0x20, 0x0, 0x0) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000440)={0x28, 0x0, 0x0, @hyper}, 0x10) listen(r0, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000140)) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$FS_IOC_GETFSSYSFSPATH(0xffffffffffffffff, 0x80811501, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x420f40, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x7, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffd, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4811) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x1, &(0x7f0000000040)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000180)=0x8) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r6 = socket(0x400000000010, 0x3, 0x0) r7 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0) 1.966253853s ago: executing program 0 (id=1147): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) flistxattr(r0, &(0x7f0000000240)=""/253, 0xfd) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0xc, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) msgget$private(0x0, 0x204) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0) chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0) pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00') syz_open_dev$ttys(0xc, 0x2, 0x0) socket(0x10, 0x3, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) sendmsg$IPSET_CMD_RENAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x14, 0x5, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x107a3d55c2028fbd}, 0x4800) 1.77023237s ago: executing program 1 (id=1150): r0 = socket(0x10, 0x3, 0x0) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000080)={0x0, @multicast1, @local}, &(0x7f00000000c0)=0xc) sendmsg$nl_route(r0, 0x0, 0x24004000) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x4}, 0x10) syz_open_dev$usbfs(0x0, 0x1ff, 0x402) r1 = syz_open_dev$sg(0x0, 0x0, 0x8002) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) ioctl$VIDIOC_G_TUNER(0xffffffffffffffff, 0xc054561d, &(0x7f0000000140)={0x3, "ce02fcfd6da16d009256149b2517d736e708fc0a8dab0bdb7b71d28a2011eef6", 0x3, 0x1, 0x7, 0x8, 0x8, 0x0, 0xbe, 0x4}) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x5, 0x200000, 0x0, 0x0, 0x10000000}) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGKBTYPE(r2, 0x560f, 0x0) futex(0x0, 0x5, 0x10000, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_GETFSUUID(0xffffffffffffffff, 0x8008662c, &(0x7f0000000100)) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000001c0)=0x0) prctl$PR_SCHED_CORE(0x3e, 0x2, r3, 0x1, &(0x7f0000000200)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) syz_open_dev$vim2m(0x0, 0x3fe, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r4 = fcntl$dupfd(r1, 0x0, r1) read$snapshot(r4, 0x0, 0x0) write(r0, &(0x7f0000000240)="240000001a007f0214f9f4070009040880ffffff000000050000000008000f40fe00000e", 0x24) 1.680368205s ago: executing program 1 (id=1151): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001440)={0x1f, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b70800000c000000638af8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018240000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000400)={r1, 0x0, 0x0}, 0x10) 1.680134796s ago: executing program 1 (id=1152): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newlink={0x30, 0x10, 0x801, 0x700, 0x0, {0x0, 0x0, 0x0, 0x0, 0x900, 0x4064}, [@IFLA_GROUP={0x8}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x30}}, 0x0) 1.60039784s ago: executing program 1 (id=1153): openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$pptp(0x18, 0x1, 0x2) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) unshare(0x6a040000) mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = gettid() sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r0, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r2], 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x0) 1.459824987s ago: executing program 2 (id=1154): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f00000009c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0], 0xcc}, 0x1, 0x0, 0x0, 0x80}, 0x4000000) socketpair$unix(0x1, 0x3, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ioctl$VT_OPENQRY(r0, 0x5600, &(0x7f0000000100)) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19) socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) ioctl$I2C_SMBUS(r1, 0x720, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x2f73, 0x1, 0x4, 0x2, 0x7}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7ff, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0xc) r3 = socket(0x40000000015, 0x5, 0x0) getsockopt(r3, 0x200000000114, 0x2710, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9) set_mempolicy(0x2, &(0x7f0000000080)=0x51e1, 0x3ff) r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0) ftruncate(r4, 0x8800000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) 1.364601475s ago: executing program 1 (id=1155): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x4, 0x165}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) socket$inet_udp(0x2, 0x2, 0x0) r6 = syz_io_uring_setup(0x231, &(0x7f0000002100)={0x0, 0x0, 0x10100}, &(0x7f00000021c0)=0x0, &(0x7f00000020c0)=0x0) syz_io_uring_submit(r7, r8, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0xfffffffffffffffc, 0x0, 0x0, 0x10}) io_uring_enter(r6, 0x7a98, 0x0, 0x0, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r3, 0x0, 0x0, 0x0, 0x60, 0x1, {0x1}}) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=@newlink={0x4c, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bond={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_ACTOR_SYS_PRIO={0x6, 0x18, 0xfff}, @IFLA_BOND_AD_LACP_RATE={0x5}, @IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x4c}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) recvmmsg(0xffffffffffffffff, &(0x7f00000086c0), 0x0, 0x2020, 0x0) 1.098965121s ago: executing program 3 (id=1156): syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141181) mknod$loop(&(0x7f0000000100)='./file0\x00', 0x100, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x8, 0x120, 0x0, 0x6, 0x4}}, 0x50) pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f}, 0x0, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) 256.627844ms ago: executing program 3 (id=1157): socket(0x10, 0x80002, 0xfffffffe) connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0xfffc, @broadcast}, 0x2}}, 0x2e) openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10004881}, 0x4009000) r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000001540), 0x1, 0x0) write$binfmt_register(r2, &(0x7f00000001c0)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x8, 0x3a, '\xb7\x05$\xe6\x18\xdb\xd8\x16\f>\xd9%.*\xfc\x05\xb3\x1e\x89\x93\'\xd7\xad5\xf1\x9a\xdb\xcb\x13\a\x99\xa9\x8e\x98\xb9\v\x87\xfe\xeb\x8c\xa4:U:H\xf1\xbf<\xd9\xe8\xf7\xe9%\fa\x10\xf3\xd4\xc6b\x15f<\xb4q \x18\xcdu\x18W\x84\x98{\x82\xfe>n\xdf\x89\xf2Rj\xd9\xae\xcd\xe0\xdb\xa5y\xbd\xdfb\xbe\\9vz\xa0\x14\xa4B', 0x3a, '\n\x83\xdf \xefp\x99,g\xd8\x02M\x1f\xaf\x84W\xf6\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xce/3\xce\x02lr\x8b\x1a\xdf\xa9S\a#\x8a\xd2\xe90X\xc2\xbd#.\x0f\x00\x00\x00\x00\x00\x00\x00\x00\xed0\x14', 0x3a, './bus'}, 0xce) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x3, 0x2c, {}, {0xee01}, 0x5, 0x1}) getpid() r3 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) r4 = syz_clone(0x2000211, 0x0, 0x0, 0x0, 0x0, 0x0) migrate_pages(r4, 0xc, &(0x7f0000000180)=0xbb, &(0x7f0000000200)=0xfe) openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x7e00, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sysfs(0xffffff9c, &(0x7f0000000340)='/sys/power/reserved_size', 0x18740, 0xc0) getsockname(r3, &(0x7f0000000240)=@l2tp6={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @multicast2}}, &(0x7f0000000300)=0x80) r5 = syz_open_dev$MSR(&(0x7f0000000040), 0x20000008, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) r6 = openat$full(0xffffff9c, &(0x7f0000000080), 0x400, 0x0) ioctl$SNDCTL_DSP_GETFMTS(r6, 0x8004500b, &(0x7f0000000140)=0x2a) r7 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r7, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) syz_emit_ethernet(0xf8, 0x0, 0x0) 199.629696ms ago: executing program 2 (id=1158): socket$nl_route(0x10, 0x3, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2) unshare(0x22020400) pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x1, 0x800}, 0x0, &(0x7f0000000240)={0x1f, 0x3, 0x0, 0x0, 0x1000000}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 199.176814ms ago: executing program 0 (id=1159): r0 = socket(0x10, 0x3, 0x0) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000080)={0x0, @multicast1, @local}, &(0x7f00000000c0)=0xc) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c0000001c0000032dbd7000ffdbdf2502000001", @ANYRES32=r1, @ANYBLOB="80002a090600050004000000060006004e210000"], 0x2c}}, 0x24004000) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x4}, 0x10) syz_open_dev$usbfs(0x0, 0x1ff, 0x402) r2 = syz_open_dev$sg(0x0, 0x0, 0x8002) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) ioctl$VIDIOC_G_TUNER(0xffffffffffffffff, 0xc054561d, &(0x7f0000000140)={0x3, "ce02fcfd6da16d009256149b2517d736e708fc0a8dab0bdb7b71d28a2011eef6", 0x3, 0x1, 0x7, 0x8, 0x8, 0x0, 0xbe, 0x4}) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x5, 0x200000, 0x0, 0x0, 0x10000000}) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGKBTYPE(r3, 0x560f, 0x0) futex(0x0, 0x5, 0x10000, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_GETFSUUID(0xffffffffffffffff, 0x8008662c, &(0x7f0000000100)) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f00000001c0)=0x0) prctl$PR_SCHED_CORE(0x3e, 0x2, r4, 0x1, &(0x7f0000000200)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) syz_open_dev$vim2m(0x0, 0x3fe, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r5 = fcntl$dupfd(r2, 0x0, r2) read$snapshot(r5, 0x0, 0x0) write(r0, &(0x7f0000000240)="240000001a007f0214f9f4070009040880ffffff000000050000000008000f40fe00000e", 0x24) 98.402572ms ago: executing program 1 (id=1160): bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={&(0x7f0000000140)="b83582b0d62282ede706fbd722a3c59a67d70cbbca6c8c015afb8c8d1ddc6eae5f1bc2784836eb75431b88bb485c4976bc91b04872a8ed0f19805c6c32da8f3d82d57188b24236d32f31ff89bd149b214618b0f5a5c07c8d5828e12374de54bc1b6fbae78cd2c269f13bf413c72a31c2bba92c78d0ddead7d83707e6dfd30bbe174184ef0c6511f9b47553b2b2b5a53524f87768e8cea8e4a9382babeacf7d5b604890f1c7a83eeb9a789ad3dae199b5cccdbef0e3fa37994fa06117589856564a2ad59073ced88009c1984cd6", 0x0, 0x0, 0x0, 0x1ff, 0xffffffffffffffff, 0x4}, 0x38) r0 = syz_io_uring_setup(0x5ce, &(0x7f0000000480)={0x0, 0x7734, 0x10, 0x0, 0x34f}, &(0x7f0000000000)=0x0, &(0x7f0000000080)=0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fcntl$notify(r3, 0x402, 0x4) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r4, r4, 0x2) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r6 = fanotify_init(0x8, 0x0) fanotify_mark(r6, 0x9, 0x1031, r5, 0x0) r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_ATOMIC(r7, 0xc03864d0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$NFT_BATCH(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x54}, 0x1, 0x0, 0x0, 0x4048000}, 0x880) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) 85.671237ms ago: executing program 2 (id=1161): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) syz_open_procfs(0x0, &(0x7f0000000180)='map_files\x00') sendmmsg$unix(r0, &(0x7f0000000d40), 0x0, 0x0) 232.815µs ago: executing program 0 (id=1162): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) (async) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000005d40)=[{{&(0x7f0000000c00)=@alg, 0x80, &(0x7f0000000d40)=[{&(0x7f0000000c80)=""/144, 0x90}], 0x1, &(0x7f00000020c0)=""/4096, 0x1000}, 0xd}, {{&(0x7f0000000d80)=@pppoe={0x18, 0x0, {0x0, @link_local}}, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000e00)=""/254, 0xfe}, {&(0x7f0000000f00)=""/114, 0x72}, {&(0x7f0000000f80)=""/139, 0x8b}, {&(0x7f0000001040)=""/203, 0xcb}, {&(0x7f0000001140)=""/1, 0x1}, {&(0x7f0000001180)=""/51, 0x33}], 0x6, &(0x7f0000001200)=""/97, 0x61}, 0x10}, {{&(0x7f0000001280)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private2}}}, 0x80, &(0x7f0000003200)=[{&(0x7f0000001300)=""/133, 0x85}, {&(0x7f0000003380)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/2, 0x2}, {&(0x7f0000001400)=""/43, 0x2b}, {&(0x7f0000001440)=""/219, 0xdb}, {&(0x7f00000031c0)=""/53, 0x35}, {&(0x7f0000005c40)=""/227, 0xe3}], 0x7, &(0x7f0000001580)=""/52, 0x34}, 0x2}, {{&(0x7f00000015c0)=@l2tp6={0xa, 0x0, 0x0, @private2}, 0x80, &(0x7f0000003300)=[{&(0x7f0000004380)=""/4096, 0x1000}, {&(0x7f00000030c0)=""/50, 0x32}, {&(0x7f0000003100)=""/182, 0xb6}, {&(0x7f0000005b40)=""/247, 0xf7}, {&(0x7f0000005380)=""/200, 0xc8}, {&(0x7f00000032c0)=""/37, 0x25}], 0x6, &(0x7f0000005480)=""/137, 0x89}, 0x6}, {{&(0x7f0000005540)=@generic, 0x80, &(0x7f0000005980)=[{&(0x7f00000055c0)=""/244, 0xf4}, {&(0x7f0000001540)=""/28, 0x1c}, {&(0x7f0000003240)=""/121, 0x79}, {&(0x7f0000005780)=""/186, 0xba}, {&(0x7f0000005880)=""/200, 0xc8}], 0x5, &(0x7f00000059c0)=""/170, 0xaa}, 0x9}], 0x5, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001640)={0x11, 0x19, &(0x7f0000001740)=ANY=[@ANYBLOB="180800000600000000000000000000008510"], &(0x7f0000000000)='GPL\x00', 0xa, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffd81, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001640)={0x11, 0x19, &(0x7f0000001740)=ANY=[@ANYBLOB="180800000600000000000000000000008510"], &(0x7f0000000000)='GPL\x00', 0xa, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffd81, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x7db, 0x4000800000000001, 0x2, 0x100}) syz_io_uring_setup(0x7bd8, &(0x7f0000000b00)={0x0, 0x3156, 0x4, 0x2, 0x2bd}, &(0x7f0000000b80), &(0x7f0000000bc0)) (async) syz_io_uring_setup(0x7bd8, &(0x7f0000000b00)={0x0, 0x3156, 0x4, 0x2, 0x2bd}, &(0x7f0000000b80), &(0x7f0000000bc0)) socket$inet6_sctp(0xa, 0x5, 0x84) (async) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r4, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) (async) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r6, &(0x7f0000003340)=[{{0x0, 0xfffffffffffffed1, &(0x7f0000000280)=[{&(0x7f0000000600)='4', 0x1}], 0x1, &(0x7f00000056c0)=ANY=[@ANYBLOB="1000087f5c6f06b71435b10092f9"], 0x10, 0x40}}], 0x1, 0x0) pipe(&(0x7f00000006c0)) (async) pipe(&(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r5, 0x0, r8, 0x0, 0x39011, 0x0) write$UHID_DESTROY(r7, &(0x7f00000000c0), 0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0xffff, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}]}, &(0x7f0000000240)=0x10) (async) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0xffff, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}]}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x7a, &(0x7f0000000340)={r9, @in6={{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, &(0x7f0000000040)=0x84) (async) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x7a, &(0x7f0000000340)={r9, @in6={{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, &(0x7f0000000040)=0x84) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x18, &(0x7f0000000440)=ANY=[@ANYBLOB="18fcffffffffffffff0000000500000018110000d5903d0fe25ee49d69c127a073c160a2e47ba3c3e5dd5f4ef66aede2387e24f6a5867909d956a80475a81b48eb04a23fd18dec90db36f40eebdcd557a2323c2f6312963b330c7b2b762675577d309b6e97d5c60c2e7909bd1126fd0d8067883f546b874a3def588f8141dd1f7b18446fcef0f36c55ee16878fe632cb3ac4fab8b89cbc7caabe65831a1bedf5ee7f49416e9c2601b720b77b977da661a230b65c1782240b463b9e4aa74f783504234fd4da8e69fc24dcbfe03362320b4b1ab91d5cfa7b694fe192785f68592068", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000090000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x71, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x2, 0x5, 0x472, 0x5}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001700)=[{0x4, 0x3, 0x5, 0x3}], 0x10, 0xb, @void, @value}, 0x94) (async) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x18, &(0x7f0000000440)=ANY=[@ANYBLOB="18fcffffffffffffff0000000500000018110000d5903d0fe25ee49d69c127a073c160a2e47ba3c3e5dd5f4ef66aede2387e24f6a5867909d956a80475a81b48eb04a23fd18dec90db36f40eebdcd557a2323c2f6312963b330c7b2b762675577d309b6e97d5c60c2e7909bd1126fd0d8067883f546b874a3def588f8141dd1f7b18446fcef0f36c55ee16878fe632cb3ac4fab8b89cbc7caabe65831a1bedf5ee7f49416e9c2601b720b77b977da661a230b65c1782240b463b9e4aa74f783504234fd4da8e69fc24dcbfe03362320b4b1ab91d5cfa7b694fe192785f68592068", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000090000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x71, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x2, 0x5, 0x472, 0x5}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001700)=[{0x4, 0x3, 0x5, 0x3}], 0x10, 0xb, @void, @value}, 0x94) getgid() vmsplice(r4, &(0x7f0000000300)=[{&(0x7f0000000640)="a8d636dfbaf718e72d9ae35ab5ff619bff9c600cffd8c115965c81561d840b7870e63126a682c7415680365a525fb013a25465c7ad0fbec2dc44016d908f5fca055295338ea8fa00e4f8699da4566752", 0x50}, {&(0x7f0000000700)="9d08b19340ead64df0d1137d99a610fb88625f690a1b5112f7d6c05f77051cb7c0ae3ebf5a32ac049e4c458142ca3fcb540a115b1e9a5291d77c983a5956559cd26f6b8565c278d00118e3aea067ce8d95a8dff026ef", 0x56}, {&(0x7f0000000780)="dcfdbe353d407ffd4d4a4b3d89db2c09f5c6fe909d42079a4d022a90167d91369be8949e5c89ea0a0669e77ccbf3b1f8873aa74dcad6028fdff14435c62e0c69d63d6a6ec658a70b424ad09a945469ef357695644e", 0x55}, {&(0x7f0000000800)="d47835543be7e3cc9b7c088eb4e354b9fbe9ea3c933aef0e9b5f4c2623bb9f7683a75e6a7ec97baa5364c34917c67159a924c231e9586f37dcd034170b15a86326d215105d271cf89d5fef362933b10501707cd88fa2348a26", 0x59}, {&(0x7f0000000880)="ca9895c4cea1fb39bfdc8a38924a830652c0a241f1b0f19c7b92989ca47213ea0104cc0fa3476b95ba1468840c1e0f22a94157cc868efcca2cf4891ae0f72b3803b252b23a9bf10d7cdebcb157cd4fde2ce004df0838ffcc8c19640406d9d15965c78c6bc00cbe43adf08f8e946f07ab351c23b3c3200b0f7472153c7cd95a2d53e3ff331a91d3076e1394204478df40145172accd8d5965bbefc523df3f34426d772f7ac79de7335837cf332af3932c3c1e11c242b1437502ba4884005f18d6126ca8eb3815843fc7fa4eb2d62c9161f02319b123c84070d28c082cbfa709de373d0b444b5004", 0xe7}, {&(0x7f0000000980)="98e1160f6beda325278939754ae25b1d4f59153baf980c60136cfc1958a97273fcea8a87eb9f832ba4959c90b692954033a7bd9dc3f4ec84e649c4b8f1481cb1edeafc5585b53e67cc791f61", 0x4c}, {&(0x7f0000000a00)="bc82f8136be914743e75e575818fe0c396922e70474a160d594f5b64cddcdbe4c9cf8ec5d467f5ef2868663e72421b1e9e113bc56551d6761d873ba97f67f1f0b28fdcd316b1d1ea01712ec51e3ea661054992d4b733b082efb66f9fa0f695803e14ac04f219460fa1e61b8bbeb448727745a2219e747183ed747cc512db700f8440c5fa2884306f44b95fc56c425af293f1e36c94fe745ffc76ae541f914f3278f3d5ed7e795c37f2b2f8a267fd079edff6de692a16d036de494d8e1beb99ec6c3bcd57ac74ba9e217ffb026eca85c93fe9ead61dca647b61", 0xd9}], 0x7, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x20, 0xe, &(0x7f0000001780)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a4fc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b87f7c40a1702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f600e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10f9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80729fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a85430600f1e49db5a5517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a00000000000000000000000047e628cd57cde4268f47c9aaec3a3dfe43e032b88ea53656a8740c1a4e0a99be5c97ba451d8b2b0f4e12ba96082e0f6b2dabe716699090058e61a38ce85611945106dd1309087d3a2cf3aaef6216ff3720c3917170544a509071166565eaa3c9285b5227f520cd47"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 0s ago: executing program 2 (id=1163): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) write$dsp(r0, &(0x7f0000000140)='u', 0x1) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r0, 0x800c5012, &(0x7f0000000080)) epoll_create(0x6) syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x2a36, 0x10100, 0x4, 0x20000002}, &(0x7f0000000200), &(0x7f00000001c0)) socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_procfs(0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x15) writev(r4, &(0x7f0000000280)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500", 0x1a}, {&(0x7f0000000580)="fa21bd2b5c40cc420740358ffc7f9f4b6e68fc8d1aa2597e7b484f301f11e35f22", 0x21}], 0x2) socket$rxrpc(0x21, 0x2, 0xa) syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x4) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740006011000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c000280080005000100000014000700000000000000000500000000000000010800"], 0x74}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) kernel console output (not intermixed with test programs): er after parsing attributes in process `syz.3.628'. [ 173.478367][ T8501] Context (ID=0x0) not attached to queue pair (handle=0x1:0xfffffffa) [ 173.548115][ T8503] netlink: 92 bytes leftover after parsing attributes in process `syz.2.629'. [ 173.551919][ C3] Unknown status report in ack skb [ 174.310401][ T8529] random: crng reseeded on system resumption [ 174.313674][ T61] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 174.493648][ T61] usb 5-1: Using ep0 maxpacket: 16 [ 174.504914][ T61] usb 5-1: config 0 has no interfaces? [ 174.523323][ T61] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 174.527342][ T61] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.531049][ T61] usb 5-1: Product: syz [ 174.532473][ T61] usb 5-1: Manufacturer: syz [ 174.534156][ T61] usb 5-1: SerialNumber: syz [ 174.536607][ T8533] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 174.546859][ T61] usb 5-1: config 0 descriptor?? [ 174.955424][ T8544] FAULT_INJECTION: forcing a failure. [ 174.955424][ T8544] name failslab, interval 1, probability 0, space 0, times 0 [ 174.960609][ T8544] CPU: 1 UID: 0 PID: 8544 Comm: syz.2.641 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 174.960625][ T8544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 174.960633][ T8544] Call Trace: [ 174.960637][ T8544] [ 174.960641][ T8544] dump_stack_lvl+0x16c/0x1f0 [ 174.960662][ T8544] should_fail_ex+0x512/0x640 [ 174.960677][ T8544] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 174.960693][ T8544] should_failslab+0xc2/0x120 [ 174.960703][ T8544] __kmalloc_cache_noprof+0x6a/0x3e0 [ 174.960717][ T8544] ? madvise_collapse+0x1cb/0xb20 [ 174.960730][ T8544] madvise_collapse+0x1cb/0xb20 [ 174.960740][ T8544] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 174.960756][ T8544] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 174.960769][ T8544] ? is_bpf_text_address+0x94/0x1a0 [ 174.960784][ T8544] ? __pfx_madvise_collapse+0x10/0x10 [ 174.960797][ T8544] ? mas_prev_slot+0x4ce/0x1ff0 [ 174.960806][ T8544] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 174.960824][ T8544] madvise_vma_behavior+0x118d/0x2420 [ 174.960837][ T8544] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 174.960849][ T8544] ? __pfx_mas_prev+0x10/0x10 [ 174.960865][ T8544] ? find_vma_prev+0xda/0x160 [ 174.960878][ T8544] ? __pfx_find_vma_prev+0x10/0x10 [ 174.960896][ T8544] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 174.960906][ T8544] madvise_walk_vmas+0x1ce/0x2c0 [ 174.960917][ T8544] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 174.960931][ T8544] madvise_do_behavior+0x15d/0x3f0 [ 174.960941][ T8544] ? __pfx___might_resched+0x10/0x10 [ 174.960954][ T8544] ? __pfx_madvise_do_behavior+0x10/0x10 [ 174.960965][ T8544] ? down_read+0x13d/0x480 [ 174.960982][ T8544] do_madvise+0x161/0x230 [ 174.960993][ T8544] ? __pfx_do_madvise+0x10/0x10 [ 174.961010][ T8544] ? ksys_write+0x1ac/0x250 [ 174.961024][ T8544] ? __pfx_ksys_write+0x10/0x10 [ 174.961040][ T8544] __ia32_sys_madvise+0xa7/0x110 [ 174.961052][ T8544] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 174.961068][ T8544] __do_fast_syscall_32+0x7c/0x3a0 [ 174.961079][ T8544] do_fast_syscall_32+0x32/0x80 [ 174.961089][ T8544] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 174.961102][ T8544] RIP: 0023:0xf711e579 [ 174.961111][ T8544] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 174.961120][ T8544] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 00000000000000db [ 174.961131][ T8544] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000600722 [ 174.961137][ T8544] RDX: 0000000000000019 RSI: 0000000000000000 RDI: 0000000000000000 [ 174.961143][ T8544] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 174.961149][ T8544] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 174.961154][ T8544] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 174.961167][ T8544] [ 175.858832][ T8551] bridge1: entered promiscuous mode [ 176.732504][ T61] usb 5-1: USB disconnect, device number 9 [ 176.788959][ T8575] netlink: 8 bytes leftover after parsing attributes in process `syz.3.649'. [ 176.888815][ T6389] vhci_hcd: vhci_device speed not set [ 176.949782][ T8579] loop6: detected capacity change from 0 to 524287999 [ 177.592429][ T8600] xt_policy: output policy not valid in PREROUTING and INPUT [ 177.726779][ T8606] netlink: 20 bytes leftover after parsing attributes in process `syz.0.661'. [ 177.966251][ T61] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 178.034681][ T8623] FAULT_INJECTION: forcing a failure. [ 178.034681][ T8623] name failslab, interval 1, probability 0, space 0, times 0 [ 178.039851][ T8623] CPU: 2 UID: 0 PID: 8623 Comm: syz.3.667 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 178.039876][ T8623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 178.039887][ T8623] Call Trace: [ 178.039894][ T8623] [ 178.039913][ T8623] dump_stack_lvl+0x16c/0x1f0 [ 178.039944][ T8623] should_fail_ex+0x512/0x640 [ 178.039970][ T8623] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 178.039998][ T8623] should_failslab+0xc2/0x120 [ 178.040015][ T8623] __kmalloc_cache_node_noprof+0x6d/0x420 [ 178.040038][ T8623] ? reacquire_held_locks+0xcd/0x1f0 [ 178.040060][ T8623] ? release_sock+0x21/0x220 [ 178.040075][ T8623] ? __get_vm_area_node+0x101/0x330 [ 178.040099][ T8623] __get_vm_area_node+0x101/0x330 [ 178.040122][ T8623] __vmalloc_node_range_noprof+0x271/0x14b0 [ 178.040145][ T8623] ? ip_set_sockfn_get+0x18e/0xd30 [ 178.040172][ T8623] ? __local_bh_enable_ip+0xa4/0x120 [ 178.040197][ T8623] ? ip_set_sockfn_get+0x18e/0xd30 [ 178.040224][ T8623] ? aa_get_newest_label+0x375/0x680 [ 178.040246][ T8623] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 178.040268][ T8623] ? rcu_is_watching+0x12/0xc0 [ 178.040293][ T8623] ? ip_set_sockfn_get+0x18e/0xd30 [ 178.040318][ T8623] __vmalloc_node_noprof+0xad/0xf0 [ 178.040339][ T8623] ? ip_set_sockfn_get+0x18e/0xd30 [ 178.040367][ T8623] ip_set_sockfn_get+0x18e/0xd30 [ 178.040395][ T8623] ? __pfx_ip_set_sockfn_get+0x10/0x10 [ 178.040424][ T8623] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 178.040448][ T8623] nf_getsockopt+0x7c/0xe0 [ 178.040468][ T8623] ip_getsockopt+0x18c/0x1e0 [ 178.040494][ T8623] ? __pfx_ip_getsockopt+0x10/0x10 [ 178.040521][ T8623] ? find_held_lock+0x2b/0x80 [ 178.040541][ T8623] raw_getsockopt+0x4d/0x1f0 [ 178.040563][ T8623] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 178.040585][ T8623] do_sock_getsockopt+0x3fc/0x800 [ 178.040608][ T8623] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 178.040626][ T8623] ? __fget_files+0x204/0x3c0 [ 178.040661][ T8623] __sys_getsockopt+0x123/0x1b0 [ 178.040692][ T8623] __ia32_sys_getsockopt+0xbc/0x160 [ 178.040717][ T8623] ? lockdep_hardirqs_on+0x7c/0x110 [ 178.040742][ T8623] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 178.040769][ T8623] __do_fast_syscall_32+0x7c/0x3a0 [ 178.040787][ T8623] do_fast_syscall_32+0x32/0x80 [ 178.040803][ T8623] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 178.040829][ T8623] RIP: 0023:0xf7f27579 [ 178.040843][ T8623] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 178.040859][ T8623] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 000000000000016d [ 178.040876][ T8623] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 178.040887][ T8623] RDX: 0000000000000053 RSI: 0000000080000000 RDI: 0000000080000080 [ 178.040897][ T8623] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 178.040907][ T8623] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 178.040917][ T8623] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 178.040940][ T8623] [ 178.041121][ T8623] syz.3.667: vmalloc error: size 12, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null) [ 178.115273][ T61] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 178.123711][ T8623] ,cpuset= [ 178.125464][ T61] usb 6-1: config 0 has no interfaces? [ 178.130924][ T8623] / [ 178.131267][ T61] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 178.138865][ T8623] ,mems_allowed=0-1 [ 178.144641][ T61] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.145812][ T61] usb 6-1: config 0 descriptor?? [ 178.153765][ T8623] [ 178.184766][ T8623] CPU: 2 UID: 0 PID: 8623 Comm: syz.3.667 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 178.184783][ T8623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 178.184789][ T8623] Call Trace: [ 178.184793][ T8623] [ 178.184797][ T8623] dump_stack_lvl+0x16c/0x1f0 [ 178.184826][ T8623] warn_alloc+0x248/0x3a0 [ 178.184842][ T8623] ? __pfx_warn_alloc+0x10/0x10 [ 178.184857][ T8623] ? rcu_is_watching+0x12/0xc0 [ 178.184880][ T8623] ? trace_kmalloc+0x2b/0xd0 [ 178.184891][ T8623] ? __kmalloc_cache_node_noprof+0x272/0x420 [ 178.184907][ T8623] ? __kasan_kmalloc+0x8a/0xb0 [ 178.184923][ T8623] ? __get_vm_area_node+0x208/0x330 [ 178.184938][ T8623] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 178.184951][ T8623] ? __local_bh_enable_ip+0xa4/0x120 [ 178.184966][ T8623] ? ip_set_sockfn_get+0x18e/0xd30 [ 178.184983][ T8623] ? aa_get_newest_label+0x375/0x680 [ 178.184996][ T8623] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 178.185009][ T8623] ? rcu_is_watching+0x12/0xc0 [ 178.185023][ T8623] ? ip_set_sockfn_get+0x18e/0xd30 [ 178.185037][ T8623] __vmalloc_node_noprof+0xad/0xf0 [ 178.185049][ T8623] ? ip_set_sockfn_get+0x18e/0xd30 [ 178.185066][ T8623] ip_set_sockfn_get+0x18e/0xd30 [ 178.185082][ T8623] ? __pfx_ip_set_sockfn_get+0x10/0x10 [ 178.185100][ T8623] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 178.185114][ T8623] nf_getsockopt+0x7c/0xe0 [ 178.185126][ T8623] ip_getsockopt+0x18c/0x1e0 [ 178.185142][ T8623] ? __pfx_ip_getsockopt+0x10/0x10 [ 178.185158][ T8623] ? find_held_lock+0x2b/0x80 [ 178.185169][ T8623] raw_getsockopt+0x4d/0x1f0 [ 178.185183][ T8623] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 178.185197][ T8623] do_sock_getsockopt+0x3fc/0x800 [ 178.185210][ T8623] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 178.185221][ T8623] ? __fget_files+0x204/0x3c0 [ 178.185242][ T8623] __sys_getsockopt+0x123/0x1b0 [ 178.185260][ T8623] __ia32_sys_getsockopt+0xbc/0x160 [ 178.185276][ T8623] ? lockdep_hardirqs_on+0x7c/0x110 [ 178.185291][ T8623] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 178.185307][ T8623] __do_fast_syscall_32+0x7c/0x3a0 [ 178.185318][ T8623] do_fast_syscall_32+0x32/0x80 [ 178.185328][ T8623] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 178.185341][ T8623] RIP: 0023:0xf7f27579 [ 178.185349][ T8623] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 178.185359][ T8623] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 000000000000016d [ 178.185370][ T8623] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 178.185376][ T8623] RDX: 0000000000000053 RSI: 0000000080000000 RDI: 0000000080000080 [ 178.185382][ T8623] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 178.185387][ T8623] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 178.185393][ T8623] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 178.185406][ T8623] [ 178.185437][ T8623] Mem-Info: [ 178.283481][ T8623] active_anon:9315 inactive_anon:16 isolated_anon:0 [ 178.283481][ T8623] active_file:11492 inactive_file:36480 isolated_file:0 [ 178.283481][ T8623] unevictable:1768 dirty:110 writeback:0 [ 178.283481][ T8623] slab_reclaimable:7824 slab_unreclaimable:53600 [ 178.283481][ T8623] mapped:23775 shmem:5945 pagetables:1153 [ 178.283481][ T8623] sec_pagetables:314 bounce:0 [ 178.283481][ T8623] kernel_misc_reclaimable:0 [ 178.283481][ T8623] free:46109 free_pcp:5321 free_cma:0 [ 178.301148][ T8623] Node 0 active_anon:720kB inactive_anon:0kB active_file:16kB inactive_file:8kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:92kB dirty:0kB writeback:0kB shmem:3544kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8512kB pagetables:1796kB sec_pagetables:1156kB all_unreclaimable? yes Balloon:0kB [ 178.314126][ T8623] Node 1 active_anon:36464kB inactive_anon:64kB active_file:45952kB inactive_file:145912kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:95008kB dirty:440kB writeback:0kB shmem:20236kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4464kB pagetables:2740kB sec_pagetables:100kB all_unreclaimable? no Balloon:0kB [ 178.325163][ T8623] Node 0 DMA free:2100kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:296kB local_pcp:4kB free_cma:0kB [ 178.335091][ T8623] lowmem_reserve[]: 0 289 289 289 289 [ 178.336914][ T8623] Node 0 DMA32 free:21088kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:4096KB free_highatomic:1520KB active_anon:640kB inactive_anon:0kB active_file:16kB inactive_file:8kB unevictable:3536kB writepending:0kB present:1032196kB managed:296672kB mlocked:0kB bounce:0kB free_pcp:9800kB local_pcp:968kB free_cma:0kB [ 178.346610][ T8623] lowmem_reserve[]: 0 0 0 0 0 [ 178.348231][ T8623] Node 1 DMA32 free:161248kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36464kB inactive_anon:64kB active_file:45952kB inactive_file:145912kB unevictable:3536kB writepending:440kB present:1048432kB managed:948268kB mlocked:0kB bounce:0kB free_pcp:11604kB local_pcp:2212kB free_cma:0kB [ 178.358076][ T8623] lowmem_reserve[]: 0 0 0 0 0 [ 178.360448][ T8623] Node 0 DMA: 47*4kB (UM) 13*8kB (UM) 3*16kB (UM) 5*32kB (UM) 1*64kB (M) 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2100kB [ 178.365169][ T8623] Node 0 DMA32: 196*4kB (MEH) 206*8kB (UMEH) 84*16kB (UMEH) 76*32kB (MEH) 30*64kB (MEH) 13*128kB (ME) 11*256kB (UME) 2*512kB (M) 3*1024kB (UM) 2*2048kB (M) 0*4096kB = 20800kB [ 178.370930][ T8623] Node 1 DMA32: 934*4kB (UME) 874*8kB (UME) 796*16kB (UME) 839*32kB (UME) 502*64kB (UME) 150*128kB (UME) 66*256kB (UME) 23*512kB (UM) 7*1024kB (UME) 10*2048kB (UM) 1*4096kB (M) = 162056kB [ 178.371389][ T61] usb 6-1: USB disconnect, device number 4 [ 178.376709][ T8623] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 178.381893][ T8623] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 178.384870][ T8623] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 178.387855][ T8623] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 178.390733][ T8623] 54706 total pagecache pages [ 178.392534][ T8623] 302 pages in swap cache [ 178.394517][ T8623] Free swap = 118668kB [ 178.396056][ T8623] Total swap = 124996kB [ 178.397644][ T8623] 524155 pages RAM [ 178.398834][ T8623] 0 pages HighMem/MovableOnly [ 178.400306][ T8623] 209080 pages reserved [ 178.401578][ T8623] 0 pages cma reserved [ 178.599394][ T8640] IPv6: Can't replace route, no match found [ 178.624970][ T8638] wireguard0: entered promiscuous mode [ 178.627247][ T8638] wireguard0: entered allmulticast mode [ 178.989687][ T8646] FAULT_INJECTION: forcing a failure. [ 178.989687][ T8646] name failslab, interval 1, probability 0, space 0, times 0 [ 178.994546][ T8646] CPU: 3 UID: 0 PID: 8646 Comm: syz.1.675 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 178.994561][ T8646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 178.994568][ T8646] Call Trace: [ 178.994572][ T8646] [ 178.994577][ T8646] dump_stack_lvl+0x16c/0x1f0 [ 178.994601][ T8646] should_fail_ex+0x512/0x640 [ 178.994617][ T8646] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 178.994635][ T8646] should_failslab+0xc2/0x120 [ 178.994645][ T8646] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 178.994659][ T8646] ? ceph_msg_new2+0x2a1/0x4f0 [ 178.994673][ T8646] ? ceph_msg_new2+0x3e/0x4f0 [ 178.994687][ T8646] ceph_msg_new2+0x3e/0x4f0 [ 178.994701][ T8646] ceph_monc_init+0x62e/0xc80 [ 178.994715][ T8646] ceph_create_client+0x25b/0x370 [ 178.994728][ T8646] ceph_get_tree+0x1ac/0x1ec0 [ 178.994741][ T8646] ? security_capable+0x7e/0x260 [ 178.994753][ T8646] vfs_get_tree+0x8e/0x340 [ 178.994765][ T8646] vfs_cmd_create+0xd7/0x2a0 [ 178.994776][ T8646] __do_sys_fsconfig+0x7b8/0xbe0 [ 178.994787][ T8646] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 178.994796][ T8646] ? fput+0x70/0xf0 [ 178.994809][ T8646] ? rcu_is_watching+0x12/0xc0 [ 178.994821][ T8646] __do_fast_syscall_32+0x7c/0x3a0 [ 178.994833][ T8646] do_fast_syscall_32+0x32/0x80 [ 178.994842][ T8646] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 178.994857][ T8646] RIP: 0023:0xf707e579 [ 178.994865][ T8646] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 178.994875][ T8646] RSP: 002b:00000000f506e55c EFLAGS: 00000296 ORIG_RAX: 00000000000001af [ 178.994885][ T8646] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000006 [ 178.994891][ T8646] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 178.994897][ T8646] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 178.994903][ T8646] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 178.994908][ T8646] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 178.994921][ T8646] [ 179.300306][ T8651] FAULT_INJECTION: forcing a failure. [ 179.300306][ T8651] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 179.307485][ T8651] CPU: 0 UID: 0 PID: 8651 Comm: syz.2.677 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 179.307501][ T8651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 179.307508][ T8651] Call Trace: [ 179.307511][ T8651] [ 179.307516][ T8651] dump_stack_lvl+0x16c/0x1f0 [ 179.307537][ T8651] should_fail_ex+0x512/0x640 [ 179.307554][ T8651] _copy_to_user+0x32/0xd0 [ 179.307565][ T8651] simple_read_from_buffer+0xcb/0x170 [ 179.307581][ T8651] proc_fail_nth_read+0x197/0x270 [ 179.307595][ T8651] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 179.307608][ T8651] ? rw_verify_area+0xcf/0x680 [ 179.307635][ T8651] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 179.307646][ T8651] vfs_read+0x1e4/0xc60 [ 179.307661][ T8651] ? fdget_pos+0x2a2/0x370 [ 179.307677][ T8651] ? __pfx_vfs_read+0x10/0x10 [ 179.307690][ T8651] ? find_held_lock+0x2b/0x80 [ 179.307705][ T8651] ? __fget_files+0x20e/0x3c0 [ 179.307722][ T8651] ksys_read+0x12a/0x250 [ 179.307736][ T8651] ? __pfx_ksys_read+0x10/0x10 [ 179.307751][ T8651] ? rcu_is_watching+0x12/0xc0 [ 179.307764][ T8651] __do_fast_syscall_32+0x7c/0x3a0 [ 179.307776][ T8651] do_fast_syscall_32+0x32/0x80 [ 179.307785][ T8651] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 179.307798][ T8651] RIP: 0023:0xf711e579 [ 179.307807][ T8651] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 179.307817][ T8651] RSP: 002b:00000000f510e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 179.307827][ T8651] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f510e620 [ 179.307833][ T8651] RDX: 000000000000000f RSI: 00000000f7482ff4 RDI: 0000000000000000 [ 179.307839][ T8651] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 179.307845][ T8651] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 179.307850][ T8651] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 179.307867][ T8651] [ 179.777346][ T8666] 9pnet: p9_errstr2errno: server reported unknown error @΂(@ [ 180.840384][ T8693] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 180.986974][ T8699] netlink: 'syz.2.693': attribute type 1 has an invalid length. [ 181.001112][ T8699] 8021q: adding VLAN 0 to HW filter on device bond3 [ 181.051763][ T8699] bond3: (slave veth3): Enslaving as an active interface with a down link [ 181.079867][ T8699] vlan0: entered allmulticast mode [ 181.081930][ T8699] veth1: entered allmulticast mode [ 181.083965][ T8699] veth1: entered promiscuous mode [ 181.086117][ T8699] veth1: left promiscuous mode [ 181.088714][ T8699] bond3: (slave vlan0): making interface the new active one [ 181.091405][ T8699] veth1: entered promiscuous mode [ 181.093360][ T8699] vlan0: entered promiscuous mode [ 181.095503][ T8699] bond3: (slave vlan0): Enslaving as an active interface with an up link [ 182.364293][ T8725] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 182.385429][ T8725] FAULT_INJECTION: forcing a failure. [ 182.385429][ T8725] name failslab, interval 1, probability 0, space 0, times 0 [ 182.389288][ T8725] CPU: 0 UID: 0 PID: 8725 Comm: syz.2.699 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 182.389303][ T8725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 182.389311][ T8725] Call Trace: [ 182.389315][ T8725] [ 182.389319][ T8725] dump_stack_lvl+0x16c/0x1f0 [ 182.389339][ T8725] should_fail_ex+0x512/0x640 [ 182.389355][ T8725] ? fs_reclaim_acquire+0xae/0x150 [ 182.389369][ T8725] should_failslab+0xc2/0x120 [ 182.389379][ T8725] __kmalloc_cache_noprof+0x6a/0x3e0 [ 182.389393][ T8725] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 182.389403][ T8725] ? kobject_uevent_env+0x265/0x1870 [ 182.389417][ T8725] kobject_uevent_env+0x265/0x1870 [ 182.389429][ T8725] ? __pfx_dev_uevent_name+0x10/0x10 [ 182.389446][ T8725] ? bus_to_subsys+0x131/0x160 [ 182.389461][ T8725] device_del+0x623/0x9f0 [ 182.389478][ T8725] ? __pfx_device_del+0x10/0x10 [ 182.389495][ T8725] ? netdev_unregister_kobject+0x2da/0x540 [ 182.389509][ T8725] unregister_netdevice_many_notify+0x1903/0x2700 [ 182.389526][ T8725] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 182.389540][ T8725] ? __pfx___mutex_lock+0x10/0x10 [ 182.389555][ T8725] ? unregister_netdevice_queue+0x22e/0x3f0 [ 182.389567][ T8725] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 182.389579][ T8725] ? __nla_parse+0x40/0x60 [ 182.389592][ T8725] rtnl_dellink+0x3cb/0xa80 [ 182.389602][ T8725] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 182.389613][ T8725] ? dev_hard_start_xmit+0x94/0x740 [ 182.389626][ T8725] ? __dev_queue_xmit+0x7eb/0x43e0 [ 182.389639][ T8725] ? netlink_deliver_tap+0xa87/0xd30 [ 182.389650][ T8725] ? netlink_unicast+0x5df/0x7f0 [ 182.389661][ T8725] ? __pfx_rtnl_dellink+0x10/0x10 [ 182.389669][ T8725] ? __sys_sendmsg+0x16d/0x220 [ 182.389679][ T8725] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 182.389716][ T8725] ? __lock_acquire+0x622/0x1c90 [ 182.389731][ T8725] ? rcu_is_watching+0x12/0xc0 [ 182.389742][ T8725] ? trace_cap_capable+0x18d/0x200 [ 182.389756][ T8725] ? find_held_lock+0x2b/0x80 [ 182.389766][ T8725] ? __pfx_rtnl_dellink+0x10/0x10 [ 182.389775][ T8725] ? __pfx_rtnl_dellink+0x10/0x10 [ 182.389783][ T8725] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 182.389794][ T8725] ? __pfx_rtnl_dellink+0x10/0x10 [ 182.389804][ T8725] rtnetlink_rcv_msg+0x95b/0xe90 [ 182.389816][ T8725] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 182.389830][ T8725] ? ref_tracker_free+0x37c/0x830 [ 182.389847][ T8725] netlink_rcv_skb+0x155/0x420 [ 182.389859][ T8725] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 182.389870][ T8725] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 182.389887][ T8725] ? netlink_deliver_tap+0x1ae/0xd30 [ 182.389901][ T8725] netlink_unicast+0x53d/0x7f0 [ 182.389914][ T8725] ? __pfx_netlink_unicast+0x10/0x10 [ 182.389930][ T8725] netlink_sendmsg+0x8d1/0xdd0 [ 182.389944][ T8725] ? __pfx_netlink_sendmsg+0x10/0x10 [ 182.389957][ T8725] ? __import_iovec+0x1dd/0x650 [ 182.389971][ T8725] ____sys_sendmsg+0xa95/0xc70 [ 182.389985][ T8725] ? __pfx_____sys_sendmsg+0x10/0x10 [ 182.389997][ T8725] ? get_compat_msghdr+0x11a/0x170 [ 182.390013][ T8725] ___sys_sendmsg+0x134/0x1d0 [ 182.390031][ T8725] ? __pfx____sys_sendmsg+0x10/0x10 [ 182.390053][ T8725] ? find_held_lock+0x2b/0x80 [ 182.390072][ T8725] __sys_sendmsg+0x16d/0x220 [ 182.390081][ T8725] ? __pfx___sys_sendmsg+0x10/0x10 [ 182.390097][ T8725] ? rcu_is_watching+0x12/0xc0 [ 182.390109][ T8725] __do_fast_syscall_32+0x7c/0x3a0 [ 182.390120][ T8725] do_fast_syscall_32+0x32/0x80 [ 182.390130][ T8725] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 182.390142][ T8725] RIP: 0023:0xf711e579 [ 182.390150][ T8725] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 182.390160][ T8725] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 182.390170][ T8725] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000240 [ 182.390177][ T8725] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 182.390182][ T8725] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 182.390190][ T8725] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 182.390195][ T8725] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 182.390208][ T8725] [ 182.775645][ T8743] netlink: 28 bytes leftover after parsing attributes in process `syz.3.704'. [ 182.790870][ T8743] mkiss: ax0: crc mode is auto. [ 182.946002][ T8748] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 183.249933][ T8755] netlink: 36 bytes leftover after parsing attributes in process `syz.1.708'. [ 183.430209][ T8768] Invalid logical block size (-625016833) [ 183.500016][ T8762] block device autoloading is deprecated and will be removed. [ 183.708056][ T8782] kAFS: No cell specified [ 183.710946][ T8782] netlink: 24 bytes leftover after parsing attributes in process `syz.0.717'. [ 183.755950][ T8779] FAULT_INJECTION: forcing a failure. [ 183.755950][ T8779] name failslab, interval 1, probability 0, space 0, times 0 [ 183.761179][ T8779] CPU: 1 UID: 0 PID: 8779 Comm: syz.2.715 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 183.761203][ T8779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 183.761214][ T8779] Call Trace: [ 183.761220][ T8779] [ 183.761227][ T8779] dump_stack_lvl+0x16c/0x1f0 [ 183.761259][ T8779] should_fail_ex+0x512/0x640 [ 183.761285][ T8779] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 183.761314][ T8779] should_failslab+0xc2/0x120 [ 183.761329][ T8779] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 183.761353][ T8779] ? __alloc_skb+0x2b2/0x380 [ 183.761384][ T8779] __alloc_skb+0x2b2/0x380 [ 183.761407][ T8779] ? __pfx___alloc_skb+0x10/0x10 [ 183.761435][ T8779] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 183.761458][ T8779] netlink_alloc_large_skb+0x69/0x130 [ 183.761478][ T8779] netlink_sendmsg+0x6a1/0xdd0 [ 183.761501][ T8779] ? __pfx_netlink_sendmsg+0x10/0x10 [ 183.761522][ T8779] ? __import_iovec+0x1dd/0x650 [ 183.761545][ T8779] ____sys_sendmsg+0xa95/0xc70 [ 183.761567][ T8779] ? __pfx_____sys_sendmsg+0x10/0x10 [ 183.761585][ T8779] ? get_compat_msghdr+0x11a/0x170 [ 183.761612][ T8779] ___sys_sendmsg+0x134/0x1d0 [ 183.761640][ T8779] ? __pfx____sys_sendmsg+0x10/0x10 [ 183.761678][ T8779] ? find_held_lock+0x2b/0x80 [ 183.761716][ T8779] __sys_sendmsg+0x16d/0x220 [ 183.761734][ T8779] ? __pfx___sys_sendmsg+0x10/0x10 [ 183.761750][ T8779] ? __pfx_bpf_trace_run2+0x10/0x10 [ 183.761779][ T8779] ? syscall_trace_enter+0x1cb/0x260 [ 183.761805][ T8779] ? rcu_is_watching+0x12/0xc0 [ 183.761825][ T8779] __do_fast_syscall_32+0x7c/0x3a0 [ 183.761844][ T8779] do_fast_syscall_32+0x32/0x80 [ 183.761860][ T8779] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 183.761880][ T8779] RIP: 0023:0xf711e579 [ 183.761894][ T8779] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 183.761909][ T8779] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 183.761927][ T8779] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000340 [ 183.761937][ T8779] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 183.761946][ T8779] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 183.761955][ T8779] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 183.761966][ T8779] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 183.761987][ T8779] [ 184.296765][ T8805] random: crng reseeded on system resumption [ 185.573190][ T8835] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 186.090126][ T8853] random: crng reseeded on system resumption [ 186.093664][ T6268] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 186.408321][ T8865] netlink: 8 bytes leftover after parsing attributes in process `syz.3.743'. [ 186.409075][ T8863] FAULT_INJECTION: forcing a failure. [ 186.409075][ T8863] name failslab, interval 1, probability 0, space 0, times 0 [ 186.418082][ T8863] CPU: 0 UID: 0 PID: 8863 Comm: syz.0.742 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 186.418117][ T8863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 186.418126][ T8863] Call Trace: [ 186.418132][ T8863] [ 186.418137][ T8863] dump_stack_lvl+0x16c/0x1f0 [ 186.418166][ T8863] should_fail_ex+0x512/0x640 [ 186.418186][ T8863] ? __kmalloc_noprof+0xbf/0x510 [ 186.418207][ T8863] ? fib6_info_alloc+0x40/0x160 [ 186.418221][ T8863] should_failslab+0xc2/0x120 [ 186.418234][ T8863] __kmalloc_noprof+0xd2/0x510 [ 186.418252][ T8863] ? __local_bh_enable_ip+0xa4/0x120 [ 186.418272][ T8863] fib6_info_alloc+0x40/0x160 [ 186.418287][ T8863] ip6_route_info_create+0x14c/0x870 [ 186.418311][ T8863] ip6_route_add+0x26/0x1d0 [ 186.418331][ T8863] addrconf_prefix_route+0x2fd/0x510 [ 186.418354][ T8863] ? __pfx_addrconf_prefix_route+0x10/0x10 [ 186.418375][ T8863] ? atomic_notifier_call_chain+0xa8/0x1c0 [ 186.418412][ T8863] inet6_addr_add+0x589/0x960 [ 186.418432][ T8863] inet6_rtm_newaddr+0x1619/0x1c70 [ 186.418452][ T8863] ? __pfx_inet6_rtm_newaddr+0x10/0x10 [ 186.418469][ T8863] ? __lock_acquire+0x622/0x1c90 [ 186.418491][ T8863] ? trace_cap_capable+0x18d/0x200 [ 186.418510][ T8863] ? find_held_lock+0x2b/0x80 [ 186.418523][ T8863] ? __pfx_inet6_rtm_newaddr+0x10/0x10 [ 186.418538][ T8863] ? __pfx_inet6_rtm_newaddr+0x10/0x10 [ 186.418553][ T8863] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 186.418571][ T8863] ? __pfx_inet6_rtm_newaddr+0x10/0x10 [ 186.418587][ T8863] rtnetlink_rcv_msg+0x95b/0xe90 [ 186.418603][ T8863] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 186.418623][ T8863] ? ref_tracker_free+0x37c/0x830 [ 186.418647][ T8863] netlink_rcv_skb+0x155/0x420 [ 186.418664][ T8863] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 186.418689][ T8863] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 186.418714][ T8863] ? netlink_deliver_tap+0x1ae/0xd30 [ 186.418734][ T8863] netlink_unicast+0x53d/0x7f0 [ 186.418754][ T8863] ? __pfx_netlink_unicast+0x10/0x10 [ 186.418777][ T8863] netlink_sendmsg+0x8d1/0xdd0 [ 186.418797][ T8863] ? __pfx_netlink_sendmsg+0x10/0x10 [ 186.418816][ T8863] ? __import_iovec+0x1dd/0x650 [ 186.418835][ T8863] ____sys_sendmsg+0xa95/0xc70 [ 186.418855][ T8863] ? __pfx_____sys_sendmsg+0x10/0x10 [ 186.418871][ T8863] ? get_compat_msghdr+0x11a/0x170 [ 186.418912][ T8863] ___sys_sendmsg+0x134/0x1d0 [ 186.418939][ T8863] ? __pfx____sys_sendmsg+0x10/0x10 [ 186.418972][ T8863] ? find_held_lock+0x2b/0x80 [ 186.419001][ T8863] __sys_sendmsg+0x16d/0x220 [ 186.419014][ T8863] ? __pfx___sys_sendmsg+0x10/0x10 [ 186.419038][ T8863] ? rcu_is_watching+0x12/0xc0 [ 186.419056][ T8863] __do_fast_syscall_32+0x7c/0x3a0 [ 186.419072][ T8863] do_fast_syscall_32+0x32/0x80 [ 186.419085][ T8863] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 186.419102][ T8863] RIP: 0023:0xf704e579 [ 186.419114][ T8863] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 186.419129][ T8863] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 186.419143][ T8863] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000800001c0 [ 186.419152][ T8863] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 186.419161][ T8863] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 186.419169][ T8863] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 186.419178][ T8863] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 186.419196][ T8863] [ 186.757039][ T8877] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 186.760639][ T8877] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 186.795835][ T8880] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 187.501994][ T8906] FAULT_INJECTION: forcing a failure. [ 187.501994][ T8906] name failslab, interval 1, probability 0, space 0, times 0 [ 187.506890][ T8906] CPU: 2 UID: 0 PID: 8906 Comm: syz.1.756 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 187.506905][ T8906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 187.506912][ T8906] Call Trace: [ 187.506917][ T8906] [ 187.506921][ T8906] dump_stack_lvl+0x16c/0x1f0 [ 187.506943][ T8906] should_fail_ex+0x512/0x640 [ 187.506961][ T8906] should_failslab+0xc2/0x120 [ 187.506972][ T8906] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 187.506988][ T8906] ? skb_clone+0x190/0x3f0 [ 187.507001][ T8906] skb_clone+0x190/0x3f0 [ 187.507011][ T8906] netlink_deliver_tap+0xabd/0xd30 [ 187.507026][ T8906] netlink_unicast+0x5df/0x7f0 [ 187.507040][ T8906] ? __pfx_netlink_unicast+0x10/0x10 [ 187.507055][ T8906] netlink_sendmsg+0x8d1/0xdd0 [ 187.507069][ T8906] ? __pfx_netlink_sendmsg+0x10/0x10 [ 187.507082][ T8906] ? __import_iovec+0x1dd/0x650 [ 187.507096][ T8906] ____sys_sendmsg+0xa95/0xc70 [ 187.507110][ T8906] ? __pfx_____sys_sendmsg+0x10/0x10 [ 187.507122][ T8906] ? get_compat_msghdr+0x11a/0x170 [ 187.507139][ T8906] ___sys_sendmsg+0x134/0x1d0 [ 187.507156][ T8906] ? __pfx____sys_sendmsg+0x10/0x10 [ 187.507179][ T8906] ? find_held_lock+0x2b/0x80 [ 187.507198][ T8906] __sys_sendmsg+0x16d/0x220 [ 187.507208][ T8906] ? __pfx___sys_sendmsg+0x10/0x10 [ 187.507224][ T8906] ? rcu_is_watching+0x12/0xc0 [ 187.507236][ T8906] __do_fast_syscall_32+0x7c/0x3a0 [ 187.507266][ T8906] do_fast_syscall_32+0x32/0x80 [ 187.507278][ T8906] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 187.507291][ T8906] RIP: 0023:0xf707e579 [ 187.507300][ T8906] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 187.507310][ T8906] RSP: 002b:00000000f506e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 187.507320][ T8906] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000600 [ 187.507326][ T8906] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 187.507332][ T8906] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 187.507337][ T8906] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 187.507343][ T8906] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 187.507356][ T8906] [ 187.590232][ C2] vkms_vblank_simulate: vblank timer overrun [ 187.808380][ T8913] batman_adv: batadv0: Adding interface: ip6gretap1 [ 187.810588][ T8913] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.818627][ T8913] batman_adv: batadv0: Interface activated: ip6gretap1 [ 188.779763][ T8939] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 188.782464][ T8939] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 188.786620][ T8939] vhci_hcd vhci_hcd.0: Device attached [ 188.791651][ T8939] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(12) [ 188.794358][ T8939] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 188.800031][ T8939] vhci_hcd vhci_hcd.0: Device attached [ 188.805046][ T8939] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(14) [ 188.807185][ T8939] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 188.809919][ T8939] vhci_hcd vhci_hcd.0: Device attached [ 188.814496][ T8939] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(17) [ 188.817189][ T8939] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 188.820426][ T8939] vhci_hcd vhci_hcd.0: Device attached [ 188.824653][ T8939] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(19) [ 188.827338][ T8939] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 188.831678][ T8939] vhci_hcd vhci_hcd.0: Device attached [ 188.837906][ T8939] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(21) [ 188.840048][ T8939] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 188.842563][ T8939] vhci_hcd vhci_hcd.0: Device attached [ 188.845715][ T8939] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(23) [ 188.847827][ T8939] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 188.850289][ T8939] vhci_hcd vhci_hcd.0: Device attached [ 188.852654][ T8939] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 188.857534][ T8939] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(27) [ 188.859532][ T8939] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 188.865903][ T8939] vhci_hcd vhci_hcd.0: Device attached [ 188.874809][ T8939] vhci_hcd vhci_hcd.0: pdev(3) rhport(6) sockfd(32) [ 188.877421][ T8939] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 188.880474][ T8939] vhci_hcd vhci_hcd.0: Device attached [ 188.886622][ T8944] vhci_hcd: connection closed [ 188.886869][ T8946] vhci_hcd: connection closed [ 188.888271][ T8950] vhci_hcd: connection closed [ 188.889688][ T8952] vhci_hcd: connection closed [ 188.891844][ T8948] vhci_hcd: connection closed [ 188.892847][ T8954] vhci_hcd: connection closed [ 188.893444][ T8940] vhci_hcd: connection closed [ 188.897428][ T8942] vhci_hcd: connection closed [ 188.900971][ T13] vhci_hcd: stop threads [ 188.908898][ T13] vhci_hcd: release socket [ 188.911042][ T13] vhci_hcd: disconnect device [ 188.913453][ T13] vhci_hcd: stop threads [ 188.933687][ T13] vhci_hcd: release socket [ 188.935599][ T13] vhci_hcd: disconnect device [ 188.937561][ T13] vhci_hcd: stop threads [ 188.938956][ T13] vhci_hcd: release socket [ 188.940877][ T13] vhci_hcd: disconnect device [ 188.942655][ T13] vhci_hcd: stop threads [ 188.945998][ T13] vhci_hcd: release socket [ 188.948120][ T13] vhci_hcd: disconnect device [ 188.955063][ T13] vhci_hcd: stop threads [ 188.956498][ T13] vhci_hcd: release socket [ 188.957920][ T13] vhci_hcd: disconnect device [ 188.959758][ T13] vhci_hcd: stop threads [ 188.961106][ T13] vhci_hcd: release socket [ 188.962560][ T13] vhci_hcd: disconnect device [ 188.969425][ T13] vhci_hcd: stop threads [ 188.970832][ T13] vhci_hcd: release socket [ 188.972233][ T13] vhci_hcd: disconnect device [ 188.974150][ T13] vhci_hcd: stop threads [ 188.975521][ T13] vhci_hcd: release socket [ 188.977005][ T13] vhci_hcd: disconnect device [ 189.023653][ T61] usb 43-1: new low-speed USB device number 2 using vhci_hcd [ 189.026357][ T61] usb 43-1: enqueue for inactive port 0 [ 189.095467][ T61] vhci_hcd: vhci_device speed not set [ 189.460594][ T8973] netlink: 4 bytes leftover after parsing attributes in process `syz.1.769'. [ 189.470346][ T8956] vhci_hcd: connection closed [ 189.475103][ T1244] vhci_hcd: stop threads [ 189.478541][ T1244] vhci_hcd: release socket [ 189.480115][ T1244] vhci_hcd: disconnect device [ 189.591284][ T8974] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 189.728740][ T8976] netlink: 4 bytes leftover after parsing attributes in process `syz.3.771'. [ 190.007343][ T8978] netlink: 16 bytes leftover after parsing attributes in process `syz.3.771'. [ 190.398961][ T8986] cgroup: release_agent respecified [ 190.619378][ T8994] Invalid logical block size (43862) [ 191.046535][ T9006] block nbd2: NBD_DISCONNECT [ 191.354392][ T9015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.784'. [ 191.963764][ T5992] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 192.135111][ T5992] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 192.138767][ T5992] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 559 [ 192.141888][ T5992] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 192.148151][ T5992] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.162698][ T9026] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 192.186611][ T5992] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 192.445323][ T6268] usb 8-1: USB disconnect, device number 3 [ 192.454135][ T9044] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 192.503960][ T46] vlan0: left promiscuous mode [ 192.687511][ T9050] fuse: Bad value for 'fd' [ 192.984003][ T1337] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 193.133779][ T1337] usb 7-1: Using ep0 maxpacket: 32 [ 193.144817][ T1337] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 193.155590][ T1337] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 193.159414][ T1337] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 193.162854][ T1337] usb 7-1: Product: syz [ 193.172205][ T1337] usb 7-1: Manufacturer: syz [ 193.174393][ T1337] usb 7-1: SerialNumber: syz [ 193.184822][ T1337] usb 7-1: config 0 descriptor?? [ 193.189969][ T9054] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 193.198097][ T1337] hub 7-1:0.0: bad descriptor, ignoring hub [ 193.200648][ T1337] hub 7-1:0.0: probe with driver hub failed with error -5 [ 193.259810][ C3] sr 2:0:0:0: [sr0] tag#2 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 193.262991][ C3] sr 2:0:0:0: [sr0] tag#2 CDB: ATA command pass through(16) [ 193.265301][ C3] sr 2:0:0:0: [sr0] tag#2 CDB[00]: 85 26 b6 2b fa d6 3a 5d ba 5e 98 e1 9f 27 80 c8 [ 193.268159][ C3] sr 2:0:0:0: [sr0] tag#2 CDB[10]: 05 c6 [ 193.271614][ T9065] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 193.274414][ T9065] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 193.279381][ T9065] vhci_hcd vhci_hcd.0: Device attached [ 193.365550][ T9064] overlayfs: missing 'lowerdir' [ 193.387930][ T9072] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 0 [ 193.388686][ T9073] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 1 [ 193.395670][ T9074] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 2 [ 193.396668][ T9075] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 3 [ 193.407125][ T9077] netlink: 8 bytes leftover after parsing attributes in process `syz.3.797'. [ 193.409710][ T9076] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 4 [ 193.415839][ T9078] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 5 [ 193.419651][ T9079] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 6 [ 193.424007][ T9080] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 7 [ 193.424966][ T9081] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 8 [ 193.430696][ T9082] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 9 [ 193.434331][ T9083] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 10 [ 193.438024][ T9084] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 11 [ 193.446594][ T9085] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 12 [ 193.450022][ T9087] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 13 [ 193.454337][ T9088] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 14 [ 193.455231][ T9089] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 15 [ 193.464057][ T9091] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 17 [ 193.468307][ T9090] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 16 [ 193.473114][ T9092] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 18 [ 193.474203][ T9094] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 19 [ 193.480845][ T9095] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 20 [ 193.490692][ T9096] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 21 [ 193.491054][ T9097] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 22 [ 193.498789][ T9099] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 23 [ 193.499090][ T9100] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 24 [ 193.506965][ T9101] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 25 [ 193.513707][ T9102] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 26 [ 193.513869][ T9103] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 27 [ 193.522002][ T9104] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 28 [ 193.525612][ T9105] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 29 [ 193.530124][ T9106] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 30 [ 193.535064][ T9107] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 31 [ 193.539840][ T9108] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 32 [ 193.539928][ T9109] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 33 [ 193.545331][ T9110] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 34 [ 193.546232][ T6268] usb 44-1: SetAddress Request (22) to port 0 [ 193.550885][ T9111] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 35 [ 193.551644][ T9112] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 36 [ 193.554576][ T9113] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 37 [ 193.556849][ T9114] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 38 [ 193.557313][ T9115] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 39 [ 193.557696][ T6268] usb 44-1: new SuperSpeed USB device number 22 using vhci_hcd [ 193.557755][ T9116] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 40 [ 193.558208][ T9117] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 41 [ 193.558954][ T9118] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 42 [ 193.560719][ T9119] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 43 [ 193.562778][ T9120] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 44 [ 193.565500][ T9121] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 45 [ 193.573195][ T9123] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 46 [ 193.602446][ T9124] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 47 [ 193.603512][ T9125] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 48 [ 193.607295][ T9126] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 49 [ 193.611665][ T9127] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 50 [ 193.616493][ T9128] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 51 [ 193.624432][ T9129] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 52 [ 193.626967][ T9130] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 53 [ 193.629872][ T9131] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 54 [ 193.634594][ T9132] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 55 [ 193.641251][ T9133] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 56 [ 193.642012][ T9134] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 57 [ 193.642379][ T9135] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 58 [ 193.642900][ T9136] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 59 [ 193.643453][ T9137] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 60 [ 193.644066][ T9138] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 61 [ 193.645996][ T9139] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 62 [ 193.658693][ T9142] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 63 [ 193.709935][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.712816][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.805285][ T9145] netlink: 4 bytes leftover after parsing attributes in process `syz.1.800'. [ 193.861235][ T9066] vhci_hcd: connection reset by peer [ 193.864318][ T13] vhci_hcd: stop threads [ 193.865758][ T13] vhci_hcd: release socket [ 193.867346][ T13] vhci_hcd: disconnect device [ 194.134712][ T9054] usb 7-1: reset high-speed USB device number 5 using dummy_hcd [ 194.139966][ T9054] usb 7-1: device reset changed ep0 maxpacket size! [ 194.149742][ T1337] usb 7-1: USB disconnect, device number 5 [ 194.544333][ T1337] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 194.713653][ T1337] usb 7-1: Using ep0 maxpacket: 16 [ 194.722423][ T1337] usb 7-1: New USB device found, idVendor=0b05, idProduct=18f0, bcdDevice=99.2f [ 194.725313][ T1337] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.728317][ T1337] usb 7-1: Product: syz [ 194.729883][ T1337] usb 7-1: Manufacturer: syz [ 194.731719][ T1337] usb 7-1: SerialNumber: syz [ 194.748749][ T1337] usb 7-1: config 0 descriptor?? [ 194.808779][ T9160] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.805'. [ 194.883672][ T24] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 194.973162][ T61] usb 7-1: USB disconnect, device number 6 [ 195.034207][ T24] usb 8-1: Using ep0 maxpacket: 8 [ 195.038836][ T24] usb 8-1: config 1 interface 0 altsetting 30 endpoint 0x81 has an invalid bInterval 101, changing to 10 [ 195.043088][ T24] usb 8-1: config 1 interface 0 altsetting 30 endpoint 0x81 has invalid maxpacket 42328, setting to 1024 [ 195.047468][ T24] usb 8-1: config 1 interface 0 altsetting 30 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 195.052206][ T24] usb 8-1: config 1 interface 0 has no altsetting 0 [ 195.056132][ T24] usb 8-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.40 [ 195.058967][ T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 195.061775][ T24] usb 8-1: Product: syz [ 195.063115][ T24] usb 8-1: Manufacturer: Ѝ⌌:㞕੍囉鞔㚿輑ζ寮敦덙䂄廋೽尀А㍿ꂸ荍내䍄ݶ箉Ꝣ뷷㻩ᄏ⠩佟镜蝤ᾭ嫴ꪹ塳趷䣉迥䛳谹岯쵟 [ 195.070881][ T24] usb 8-1: SerialNumber: syz [ 195.074363][ T9157] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 195.083685][ T1337] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 195.087327][ T40] kauditd_printk_skb: 12 callbacks suppressed [ 195.087336][ T40] audit: type=1326 audit(2000000059.549:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9163 comm="syz.0.807" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x0 [ 195.246374][ T1337] usb 6-1: config index 0 descriptor too short (expected 12384, got 96) [ 195.249945][ T1337] usb 6-1: config 55 has too many interfaces: 49, using maximum allowed: 32 [ 195.253681][ T1337] usb 6-1: config 55 has an invalid descriptor of length 0, skipping remainder of the config [ 195.256979][ T1337] usb 6-1: config 55 has 0 interfaces, different from the descriptor's value: 49 [ 195.263013][ T1337] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 195.266298][ T1337] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 195.268975][ T1337] usb 6-1: Product: syz [ 195.270325][ T1337] usb 6-1: Manufacturer: syz [ 195.291678][ T24] usbhid 8-1:1.0: can't add hid device: -71 [ 195.293740][ T24] usbhid 8-1:1.0: probe with driver usbhid failed with error -71 [ 195.298143][ T24] usb 8-1: USB disconnect, device number 4 [ 195.633123][ T9174] netlink: 4 bytes leftover after parsing attributes in process `syz.2.809'. [ 196.848816][ T9198] random: crng reseeded on system resumption [ 197.277596][ T9209] binder: 9208:9209 ioctl c0306201 80000540 returned -22 [ 197.460290][ T9216] binder: 9215:9216 ioctl c00c620f 80000040 returned -22 [ 197.887908][ T1337] usb 6-1: USB disconnect, device number 5 [ 198.683773][ T6268] usb 44-1: device descriptor read/8, error -110 [ 199.084149][ T6268] usb usb44-port1: attempt power cycle [ 199.120289][ T9239] netlink: 4 bytes leftover after parsing attributes in process `syz.2.823'. [ 199.676335][ T6268] usb usb44-port1: unable to enumerate USB device [ 199.788358][ T9247] ubi31: attaching mtd0 [ 199.798289][ T9247] ubi31: scanning is finished [ 199.973702][ T9247] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 199.982729][ T9247] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 199.987059][ T9247] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 199.990346][ T9247] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 199.993921][ T9247] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 200.040401][ T9247] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 200.043415][ T9247] ubi31: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 767714144 [ 200.072738][ T9247] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 200.076152][ T9250] ubi31: background thread "ubi_bgt31d" started, PID 9250 [ 200.330869][ T9262] random: crng reseeded on system resumption [ 200.463119][ T9267] fuse: Bad value for 'fd' [ 200.910244][ T9282] block nbd0: server does not support multiple connections per device. [ 200.928896][ T9282] block nbd0: shutting down sockets [ 200.991648][ T9281] team0 (unregistering): Port device team_slave_0 removed [ 201.003973][ T9281] team0 (unregistering): Port device team_slave_1 removed [ 201.156666][ T40] audit: type=1326 audit(2000000065.619:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.3.837" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x0 [ 201.273473][ T9285] overlayfs: workdir and upperdir must reside under the same mount [ 201.575993][ T9296] FAULT_INJECTION: forcing a failure. [ 201.575993][ T9296] name failslab, interval 1, probability 0, space 0, times 0 [ 201.580015][ T9296] CPU: 3 UID: 0 PID: 9296 Comm: syz.1.841 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 201.580030][ T9296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 201.580037][ T9296] Call Trace: [ 201.580041][ T9296] [ 201.580045][ T9296] dump_stack_lvl+0x16c/0x1f0 [ 201.580067][ T9296] should_fail_ex+0x512/0x640 [ 201.580084][ T9296] ? fs_reclaim_acquire+0xae/0x150 [ 201.580097][ T9296] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 201.580112][ T9296] should_failslab+0xc2/0x120 [ 201.580123][ T9296] __kmalloc_noprof+0xd2/0x510 [ 201.580141][ T9296] tomoyo_realpath_from_path+0xc2/0x6e0 [ 201.580157][ T9296] ? tomoyo_profile+0x47/0x60 [ 201.580174][ T9296] tomoyo_path_number_perm+0x245/0x580 [ 201.580186][ T9296] ? tomoyo_path_number_perm+0x237/0x580 [ 201.580199][ T9296] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 201.580225][ T9296] ? find_held_lock+0x2b/0x80 [ 201.580236][ T9296] ? hook_file_ioctl_common+0x145/0x410 [ 201.580250][ T9296] ? __fget_files+0x20e/0x3c0 [ 201.580263][ T9296] ? fput+0x70/0xf0 [ 201.580275][ T9296] security_file_ioctl_compat+0x9b/0x240 [ 201.580290][ T9296] __ia32_compat_sys_ioctl+0xc3/0x370 [ 201.580310][ T9296] __do_fast_syscall_32+0x7c/0x3a0 [ 201.580322][ T9296] do_fast_syscall_32+0x32/0x80 [ 201.580332][ T9296] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 201.580345][ T9296] RIP: 0023:0xf707e579 [ 201.580354][ T9296] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 201.580364][ T9296] RSP: 002b:00000000f506e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 201.580374][ T9296] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c05c6104 [ 201.580380][ T9296] RDX: 0000000080000480 RSI: 0000000000000000 RDI: 0000000000000000 [ 201.580386][ T9296] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 201.580392][ T9296] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 201.580398][ T9296] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 201.580411][ T9296] [ 201.580416][ T9296] ERROR: Out of memory at tomoyo_realpath_from_path. [ 202.863487][ T9322] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 203.350092][ T9325] kvm: pic: level sensitive irq not supported [ 203.350840][ T9325] kvm: pic: level sensitive irq not supported [ 204.007479][ T9338] FAULT_INJECTION: forcing a failure. [ 204.007479][ T9338] name failslab, interval 1, probability 0, space 0, times 0 [ 204.013447][ T9338] CPU: 3 UID: 0 PID: 9338 Comm: syz.2.852 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 204.013463][ T9338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 204.013470][ T9338] Call Trace: [ 204.013474][ T9338] [ 204.013479][ T9338] dump_stack_lvl+0x16c/0x1f0 [ 204.013516][ T9338] should_fail_ex+0x512/0x640 [ 204.013537][ T9338] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 204.013567][ T9338] should_failslab+0xc2/0x120 [ 204.013578][ T9338] __kmalloc_cache_node_noprof+0x6d/0x420 [ 204.013591][ T9338] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 204.013604][ T9338] ? __get_vm_area_node+0x101/0x330 [ 204.013618][ T9338] __get_vm_area_node+0x101/0x330 [ 204.013632][ T9338] __vmalloc_node_range_noprof+0x271/0x14b0 [ 204.013646][ T9338] ? xt_compat_init_offsets+0xe6/0x1f0 [ 204.013661][ T9338] ? __pfx___mutex_trylock_common+0x10/0x10 [ 204.013678][ T9338] ? xt_compat_init_offsets+0xe6/0x1f0 [ 204.013692][ T9338] ? __mutex_lock+0x1ca/0xb90 [ 204.013702][ T9338] ? kasan_save_stack+0x42/0x60 [ 204.013716][ T9338] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 204.013730][ T9338] ? __pfx___mutex_lock+0x10/0x10 [ 204.013739][ T9338] ? rawv6_setsockopt+0xc2/0x510 [ 204.013750][ T9338] ? do_sock_setsockopt+0x221/0x470 [ 204.013762][ T9338] ? __do_fast_syscall_32+0x7c/0x3a0 [ 204.013771][ T9338] ? do_fast_syscall_32+0x32/0x80 [ 204.013782][ T9338] ? xt_compat_init_offsets+0xe6/0x1f0 [ 204.013794][ T9338] __vmalloc_node_noprof+0xad/0xf0 [ 204.013807][ T9338] ? xt_compat_init_offsets+0xe6/0x1f0 [ 204.013821][ T9338] xt_compat_init_offsets+0xe6/0x1f0 [ 204.013835][ T9338] translate_compat_table+0x1f3/0x18d0 [ 204.013852][ T9338] ? find_held_lock+0x2b/0x80 [ 204.013863][ T9338] ? __might_fault+0x13b/0x190 [ 204.013877][ T9338] ? __pfx_translate_compat_table+0x10/0x10 [ 204.013902][ T9338] compat_do_replace+0x255/0x3c0 [ 204.013917][ T9338] ? __pfx_compat_do_replace+0x10/0x10 [ 204.013931][ T9338] ? __pfx_aa_get_newest_label+0x10/0x10 [ 204.013943][ T9338] ? rcu_is_watching+0x12/0xc0 [ 204.013958][ T9338] ? bpf_lsm_capable+0x9/0x10 [ 204.013971][ T9338] ? security_capable+0x7e/0x260 [ 204.013983][ T9338] do_ip6t_set_ctl+0x55d/0xa70 [ 204.013997][ T9338] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 204.014012][ T9338] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 204.014028][ T9338] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 204.014045][ T9338] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 204.014059][ T9338] nf_setsockopt+0x8d/0xf0 [ 204.014072][ T9338] ipv6_setsockopt+0x135/0x170 [ 204.014086][ T9338] rawv6_setsockopt+0xc2/0x510 [ 204.014098][ T9338] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 204.014110][ T9338] ? sock_common_setsockopt+0x2e/0xf0 [ 204.014122][ T9338] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 204.014135][ T9338] do_sock_setsockopt+0x221/0x470 [ 204.014147][ T9338] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 204.014167][ T9338] __sys_setsockopt+0x120/0x1a0 [ 204.014185][ T9338] __ia32_sys_setsockopt+0xbc/0x160 [ 204.014200][ T9338] ? lockdep_hardirqs_on+0x7c/0x110 [ 204.014215][ T9338] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 204.014232][ T9338] __do_fast_syscall_32+0x7c/0x3a0 [ 204.014243][ T9338] do_fast_syscall_32+0x32/0x80 [ 204.014252][ T9338] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 204.014266][ T9338] RIP: 0023:0xf711e579 [ 204.014274][ T9338] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 204.014285][ T9338] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 204.014295][ T9338] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029 [ 204.014301][ T9338] RDX: 0000000000000040 RSI: 00000000800009c0 RDI: 00000000000006cc [ 204.014307][ T9338] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 204.014312][ T9338] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 204.014318][ T9338] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 204.014331][ T9338] [ 204.159231][ T9338] syz.2.852: vmalloc error: size 48, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 204.164069][ T9338] CPU: 3 UID: 0 PID: 9338 Comm: syz.2.852 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 204.164094][ T9338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 204.164102][ T9338] Call Trace: [ 204.164105][ T9338] [ 204.164110][ T9338] dump_stack_lvl+0x16c/0x1f0 [ 204.164129][ T9338] warn_alloc+0x248/0x3a0 [ 204.164146][ T9338] ? __pfx_warn_alloc+0x10/0x10 [ 204.164160][ T9338] ? rcu_is_watching+0x12/0xc0 [ 204.164172][ T9338] ? trace_kmalloc+0x2b/0xd0 [ 204.164181][ T9338] ? __kmalloc_cache_node_noprof+0x272/0x420 [ 204.164197][ T9338] ? __kasan_kmalloc+0x8a/0xb0 [ 204.164213][ T9338] ? __get_vm_area_node+0x208/0x330 [ 204.164228][ T9338] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 204.164242][ T9338] ? __pfx___mutex_trylock_common+0x10/0x10 [ 204.164260][ T9338] ? xt_compat_init_offsets+0xe6/0x1f0 [ 204.164274][ T9338] ? __mutex_lock+0x1ca/0xb90 [ 204.164284][ T9338] ? kasan_save_stack+0x42/0x60 [ 204.164299][ T9338] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 204.164312][ T9338] ? __pfx___mutex_lock+0x10/0x10 [ 204.164321][ T9338] ? rawv6_setsockopt+0xc2/0x510 [ 204.164332][ T9338] ? do_sock_setsockopt+0x221/0x470 [ 204.164344][ T9338] ? __do_fast_syscall_32+0x7c/0x3a0 [ 204.164353][ T9338] ? do_fast_syscall_32+0x32/0x80 [ 204.164363][ T9338] ? xt_compat_init_offsets+0xe6/0x1f0 [ 204.164382][ T9338] __vmalloc_node_noprof+0xad/0xf0 [ 204.164395][ T9338] ? xt_compat_init_offsets+0xe6/0x1f0 [ 204.164410][ T9338] xt_compat_init_offsets+0xe6/0x1f0 [ 204.164423][ T9338] translate_compat_table+0x1f3/0x18d0 [ 204.164441][ T9338] ? find_held_lock+0x2b/0x80 [ 204.164451][ T9338] ? __might_fault+0x13b/0x190 [ 204.164466][ T9338] ? __pfx_translate_compat_table+0x10/0x10 [ 204.164491][ T9338] compat_do_replace+0x255/0x3c0 [ 204.164505][ T9338] ? __pfx_compat_do_replace+0x10/0x10 [ 204.164519][ T9338] ? __pfx_aa_get_newest_label+0x10/0x10 [ 204.164531][ T9338] ? rcu_is_watching+0x12/0xc0 [ 204.164546][ T9338] ? bpf_lsm_capable+0x9/0x10 [ 204.164558][ T9338] ? security_capable+0x7e/0x260 [ 204.164570][ T9338] do_ip6t_set_ctl+0x55d/0xa70 [ 204.164583][ T9338] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 204.164599][ T9338] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 204.164614][ T9338] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 204.164631][ T9338] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 204.164645][ T9338] nf_setsockopt+0x8d/0xf0 [ 204.164658][ T9338] ipv6_setsockopt+0x135/0x170 [ 204.164673][ T9338] rawv6_setsockopt+0xc2/0x510 [ 204.164684][ T9338] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 204.164696][ T9338] ? sock_common_setsockopt+0x2e/0xf0 [ 204.164710][ T9338] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 204.164722][ T9338] do_sock_setsockopt+0x221/0x470 [ 204.164733][ T9338] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 204.164753][ T9338] __sys_setsockopt+0x120/0x1a0 [ 204.164771][ T9338] __ia32_sys_setsockopt+0xbc/0x160 [ 204.164786][ T9338] ? lockdep_hardirqs_on+0x7c/0x110 [ 204.164802][ T9338] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 204.164818][ T9338] __do_fast_syscall_32+0x7c/0x3a0 [ 204.164829][ T9338] do_fast_syscall_32+0x32/0x80 [ 204.164839][ T9338] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 204.164852][ T9338] RIP: 0023:0xf711e579 [ 204.164860][ T9338] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 204.164869][ T9338] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 204.164879][ T9338] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029 [ 204.164886][ T9338] RDX: 0000000000000040 RSI: 00000000800009c0 RDI: 00000000000006cc [ 204.164892][ T9338] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 204.164898][ T9338] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 204.164903][ T9338] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 204.164916][ T9338] [ 204.164930][ T9338] Mem-Info: [ 204.287177][ T9338] active_anon:13957 inactive_anon:3672 isolated_anon:0 [ 204.287177][ T9338] active_file:5063 inactive_file:33856 isolated_file:0 [ 204.287177][ T9338] unevictable:1768 dirty:438 writeback:0 [ 204.287177][ T9338] slab_reclaimable:7557 slab_unreclaimable:54462 [ 204.287177][ T9338] mapped:32119 shmem:14132 pagetables:1216 [ 204.287177][ T9338] sec_pagetables:315 bounce:0 [ 204.287177][ T9338] kernel_misc_reclaimable:0 [ 204.287177][ T9338] free:30930 free_pcp:12331 free_cma:0 [ 204.302013][ T9338] Node 0 active_anon:2404kB inactive_anon:0kB active_file:488kB inactive_file:8kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:1620kB dirty:0kB writeback:0kB shmem:4312kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9040kB pagetables:1736kB sec_pagetables:1156kB all_unreclaimable? yes Balloon:0kB [ 204.313126][ T9338] Node 1 active_anon:53424kB inactive_anon:14688kB active_file:19764kB inactive_file:135416kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:126656kB dirty:1752kB writeback:0kB shmem:52016kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:6380kB pagetables:3128kB sec_pagetables:104kB all_unreclaimable? no Balloon:0kB [ 204.323635][ T9338] Node 0 DMA free:1972kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:460kB local_pcp:156kB free_cma:0kB [ 204.334579][ T9338] lowmem_reserve[]: 0 289 289 289 289 [ 204.336513][ T9338] Node 0 DMA32 free:19056kB boost:2048kB min:15380kB low:18712kB high:22044kB reserved_highatomic:4096KB free_highatomic:1212KB active_anon:2400kB inactive_anon:0kB active_file:488kB inactive_file:8kB unevictable:3536kB writepending:0kB present:1032196kB managed:296672kB mlocked:0kB bounce:0kB free_pcp:13372kB local_pcp:3996kB free_cma:0kB [ 204.346706][ T9338] lowmem_reserve[]: 0 0 0 0 0 [ 204.348518][ T9338] Node 1 DMA32 free:102692kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:53424kB inactive_anon:14688kB active_file:19764kB inactive_file:135416kB unevictable:3536kB writepending:1752kB present:1048432kB managed:948268kB mlocked:0kB bounce:0kB free_pcp:35828kB local_pcp:9224kB free_cma:0kB [ 204.359087][ T9338] lowmem_reserve[]: 0 0 0 0 0 [ 204.360881][ T9338] Node 0 DMA: 21*4kB (UM) 8*8kB (UM) 2*16kB (U) 4*32kB (UM) 0*64kB 1*128kB (M) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 1972kB [ 204.365686][ T9338] Node 0 DMA32: 352*4kB (UEH) 124*8kB (UMEH) 99*16kB (UMEH) 131*32kB (UMEH) 54*64kB (UMEH) 16*128kB (UME) 7*256kB (UME) 3*512kB (U) 2*1024kB (UM) 0*2048kB 0*4096kB = 19056kB [ 204.371607][ T9338] Node 1 DMA32: 599*4kB (UME) 129*8kB (UE) 48*16kB (UME) 151*32kB (UME) 138*64kB (UME) 84*128kB (UME) 71*256kB (UME) 31*512kB (UME) 15*1024kB (UM) 8*2048kB (UM) 2*4096kB (M) = 102596kB [ 204.377717][ T9338] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 204.381588][ T9338] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 204.385324][ T9338] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 204.388487][ T9338] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 204.391504][ T9338] 53300 total pagecache pages [ 204.393114][ T9338] 328 pages in swap cache [ 204.394619][ T9338] Free swap = 117820kB [ 204.396094][ T9338] Total swap = 124996kB [ 204.397585][ T9338] 524155 pages RAM [ 204.398907][ T9338] 0 pages HighMem/MovableOnly [ 204.400526][ T9338] 209080 pages reserved [ 204.401982][ T9338] 0 pages cma reserved [ 204.450645][ T40] audit: type=1326 audit(2000000068.899:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz.2.853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 204.456851][ T40] audit: type=1326 audit(2000000068.899:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz.2.853" exe="/syz-executor" sig=0 arch=40000003 syscall=289 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 204.462852][ T40] audit: type=1326 audit(2000000068.899:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz.2.853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 204.469197][ T40] audit: type=1326 audit(2000000068.899:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz.2.853" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 204.476025][ T40] audit: type=1326 audit(2000000068.899:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz.2.853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 204.484470][ T40] audit: type=1326 audit(2000000068.899:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz.2.853" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 204.490833][ T40] audit: type=1326 audit(2000000068.899:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz.2.853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 204.497795][ T40] audit: type=1326 audit(2000000068.899:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz.2.853" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 204.505109][ T40] audit: type=1326 audit(2000000068.899:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9339 comm="syz.2.853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 204.722831][ T9353] FAULT_INJECTION: forcing a failure. [ 204.722831][ T9353] name failslab, interval 1, probability 0, space 0, times 0 [ 204.727910][ T9353] CPU: 3 UID: 0 PID: 9353 Comm: syz.2.858 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 204.727925][ T9353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 204.727932][ T9353] Call Trace: [ 204.727936][ T9353] [ 204.727940][ T9353] dump_stack_lvl+0x16c/0x1f0 [ 204.727960][ T9353] should_fail_ex+0x512/0x640 [ 204.727976][ T9353] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 204.727997][ T9353] should_failslab+0xc2/0x120 [ 204.728007][ T9353] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 204.728023][ T9353] ? proc_alloc_inode+0x25/0x200 [ 204.728039][ T9353] ? __pfx_proc_alloc_inode+0x10/0x10 [ 204.728052][ T9353] proc_alloc_inode+0x25/0x200 [ 204.728065][ T9353] alloc_inode+0x61/0x240 [ 204.728077][ T9353] new_inode+0x22/0x1c0 [ 204.728088][ T9353] proc_pid_make_inode+0x22/0x160 [ 204.728103][ T9353] proc_pid_make_base_inode.constprop.0+0x25/0x180 [ 204.728120][ T9353] proc_pid_instantiate+0x51/0x1e0 [ 204.728136][ T9353] proc_pid_lookup+0x1fc/0x500 [ 204.728151][ T9353] proc_root_lookup+0x23/0x70 [ 204.728167][ T9353] __lookup_slow+0x251/0x460 [ 204.728180][ T9353] ? __pfx___lookup_slow+0x10/0x10 [ 204.728200][ T9353] ? lookup_fast+0x156/0x610 [ 204.728215][ T9353] walk_component+0x353/0x5b0 [ 204.728229][ T9353] link_path_walk+0x627/0xe20 [ 204.728247][ T9353] path_openat+0x1b0/0x2cb0 [ 204.728260][ T9353] ? do_fast_syscall_32+0x32/0x80 [ 204.728269][ T9353] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 204.728291][ T9353] ? __pfx_path_openat+0x10/0x10 [ 204.728309][ T9353] do_filp_open+0x20b/0x470 [ 204.728324][ T9353] ? __pfx_do_filp_open+0x10/0x10 [ 204.728343][ T9353] ? __pfx_kfree_link+0x10/0x10 [ 204.728360][ T9353] ? _raw_spin_unlock+0x28/0x50 [ 204.728374][ T9353] ? alloc_fd+0x471/0x7d0 [ 204.728391][ T9353] do_sys_openat2+0x11b/0x1d0 [ 204.728403][ T9353] ? __pfx_do_sys_openat2+0x10/0x10 [ 204.728416][ T9353] ? __fget_files+0x20e/0x3c0 [ 204.728428][ T9353] ? handle_mm_fault+0x200/0xd10 [ 204.728444][ T9353] __ia32_compat_sys_openat+0x16d/0x210 [ 204.728456][ T9353] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 204.728468][ T9353] ? ksys_write+0x1ac/0x250 [ 204.728484][ T9353] ? rcu_is_watching+0x12/0xc0 [ 204.728497][ T9353] __do_fast_syscall_32+0x7c/0x3a0 [ 204.728507][ T9353] do_fast_syscall_32+0x32/0x80 [ 204.728517][ T9353] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 204.728529][ T9353] RIP: 0023:0xf711e579 [ 204.728538][ T9353] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 204.728548][ T9353] RSP: 002b:00000000f510e490 EFLAGS: 00000293 ORIG_RAX: 0000000000000127 [ 204.728558][ T9353] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f510e4e0 [ 204.728565][ T9353] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 00000000f7482ff4 [ 204.728571][ T9353] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 204.728576][ T9353] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 204.728582][ T9353] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 204.728595][ T9353] [ 205.426235][ T9376] bond0: (slave syz_tun): Releasing backup interface [ 205.441523][ T9376] bond0: (slave bond_slave_0): Releasing backup interface [ 205.450953][ T9376] bond0: (slave bond_slave_1): Releasing backup interface [ 205.480401][ T9376] team0: Port device team_slave_0 removed [ 205.507815][ T9376] team0: Port device team_slave_1 removed [ 205.510464][ T9376] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 205.513514][ T9376] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 205.519154][ T9376] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 205.522078][ T9376] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 205.531381][ T9372] netlink: 'syz.3.864': attribute type 10 has an invalid length. [ 205.557856][ T9372] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 206.809812][ T9386] random: crng reseeded on system resumption [ 207.109793][ T9392] FAULT_INJECTION: forcing a failure. [ 207.109793][ T9392] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 207.114893][ T9392] CPU: 2 UID: 0 PID: 9392 Comm: syz.3.868 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 207.114919][ T9392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 207.114927][ T9392] Call Trace: [ 207.114931][ T9392] [ 207.114935][ T9392] dump_stack_lvl+0x16c/0x1f0 [ 207.114956][ T9392] should_fail_ex+0x512/0x640 [ 207.114974][ T9392] _copy_to_user+0x32/0xd0 [ 207.114985][ T9392] simple_read_from_buffer+0xcb/0x170 [ 207.115000][ T9392] proc_fail_nth_read+0x197/0x270 [ 207.115014][ T9392] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 207.115027][ T9392] ? rw_verify_area+0xcf/0x680 [ 207.115040][ T9392] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 207.115052][ T9392] vfs_read+0x1e4/0xc60 [ 207.115067][ T9392] ? fdget_pos+0x2a2/0x370 [ 207.115107][ T9392] ? __pfx_vfs_read+0x10/0x10 [ 207.115121][ T9392] ? find_held_lock+0x2b/0x80 [ 207.115135][ T9392] ? __fget_files+0x20e/0x3c0 [ 207.115153][ T9392] ksys_read+0x12a/0x250 [ 207.115166][ T9392] ? __pfx_ksys_read+0x10/0x10 [ 207.115182][ T9392] ? rcu_is_watching+0x12/0xc0 [ 207.115194][ T9392] __do_fast_syscall_32+0x7c/0x3a0 [ 207.115206][ T9392] do_fast_syscall_32+0x32/0x80 [ 207.115216][ T9392] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 207.115229][ T9392] RIP: 0023:0xf7f27579 [ 207.115237][ T9392] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 207.115252][ T9392] RSP: 002b:00000000f5025590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 207.115262][ T9392] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 00000000f5025620 [ 207.115269][ T9392] RDX: 000000000000000f RSI: 00000000f73b2ff4 RDI: 0000000000000000 [ 207.115275][ T9392] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 207.115280][ T9392] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 207.115286][ T9392] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 207.115299][ T9392] [ 207.387152][ T9395] netlink: 56 bytes leftover after parsing attributes in process `syz.0.870'. [ 207.486211][ T9401] netlink: 20 bytes leftover after parsing attributes in process `syz.3.872'. [ 209.177293][ T9438] mac80211_hwsim hwsim6 wlan1: entered allmulticast mode [ 209.278018][ T9438] bond0: (slave bond_slave_0): Releasing backup interface [ 209.289038][ T9442] netlink: 'syz.0.886': attribute type 10 has an invalid length. [ 209.290246][ T9438] bond0: (slave bond_slave_1): Releasing backup interface [ 209.319441][ T9438] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 209.329979][ T9444] random: crng reseeded on system resumption [ 209.333677][ T9438] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 209.339987][ T9438] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 209.348424][ T9438] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 209.409406][ T9442] mac80211_hwsim hwsim6 wlan1: left allmulticast mode [ 209.456851][ T9442] 8021q: adding VLAN 0 to HW filter on device bond0 [ 209.464662][ T9442] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 210.262643][ T9451] FAULT_INJECTION: forcing a failure. [ 210.262643][ T9451] name failslab, interval 1, probability 0, space 0, times 0 [ 210.273754][ T9451] CPU: 1 UID: 0 PID: 9451 Comm: syz.3.889 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 210.273772][ T9451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 210.273778][ T9451] Call Trace: [ 210.273782][ T9451] [ 210.273786][ T9451] dump_stack_lvl+0x16c/0x1f0 [ 210.273808][ T9451] should_fail_ex+0x512/0x640 [ 210.273824][ T9451] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 210.273841][ T9451] should_failslab+0xc2/0x120 [ 210.273865][ T9451] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 210.273881][ T9451] ? security_file_alloc+0x34/0x2b0 [ 210.273896][ T9451] security_file_alloc+0x34/0x2b0 [ 210.273910][ T9451] init_file+0x93/0x4c0 [ 210.273921][ T9451] alloc_empty_file+0x73/0x1e0 [ 210.273932][ T9451] alloc_file_pseudo+0x13a/0x230 [ 210.273944][ T9451] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 210.273955][ T9451] ? idr_alloc_cyclic+0x174/0x230 [ 210.273973][ T9451] __anon_inode_getfile+0xf7/0x3a0 [ 210.273990][ T9451] bpf_link_prime+0x10f/0x290 [ 210.274007][ T9451] bpf_uprobe_multi_link_attach+0xff0/0x1280 [ 210.274030][ T9451] ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10 [ 210.274045][ T9451] ? __fget_files+0x20e/0x3c0 [ 210.274062][ T9451] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 210.274081][ T9451] __sys_bpf+0x3fb6/0x4d80 [ 210.274098][ T9451] ? __pfx___sys_bpf+0x10/0x10 [ 210.274114][ T9451] ? ksys_write+0x190/0x250 [ 210.274130][ T9451] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 210.274149][ T9451] ? fput+0x70/0xf0 [ 210.274158][ T9451] ? ksys_write+0x1ac/0x250 [ 210.274171][ T9451] ? __pfx_ksys_write+0x10/0x10 [ 210.274188][ T9451] __ia32_sys_bpf+0x76/0xe0 [ 210.274198][ T9451] __do_fast_syscall_32+0x7c/0x3a0 [ 210.274210][ T9451] do_fast_syscall_32+0x32/0x80 [ 210.274219][ T9451] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 210.274233][ T9451] RIP: 0023:0xf7f27579 [ 210.274242][ T9451] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 210.274252][ T9451] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 210.274262][ T9451] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 0000000080000180 [ 210.274268][ T9451] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 210.274274][ T9451] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 210.274280][ T9451] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 210.274291][ T9451] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 210.274304][ T9451] [ 212.500609][ T9498] netlink: 24 bytes leftover after parsing attributes in process `syz.3.903'. [ 212.501813][ T9497] random: crng reseeded on system resumption [ 214.964320][ T5961] Bluetooth: hci3: SCO packet for unknown connection handle 200 [ 215.085275][ T9542] xt_TCPMSS: Only works on TCP SYN packets [ 215.134270][ T9547] tmpfs: Unknown parameter 'vԡaņۊ 0܈lY9mJtuo L5գKmDZڣ" ɥ [ 224.110709][ T9757] dump_stack_lvl+0x16c/0x1f0 [ 224.110739][ T9757] should_fail_ex+0x512/0x640 [ 224.110764][ T9757] ? __kmalloc_noprof+0xbf/0x510 [ 224.110793][ T9757] ? bpf_prepare_filter+0x745/0x1100 [ 224.110813][ T9757] should_failslab+0xc2/0x120 [ 224.110828][ T9757] __kmalloc_noprof+0xd2/0x510 [ 224.110857][ T9757] bpf_prepare_filter+0x745/0x1100 [ 224.110877][ T9757] ? __pfx_bpf_prepare_filter+0x10/0x10 [ 224.110903][ T9757] bpf_prog_create+0x16f/0x240 [ 224.110945][ T9757] bpf_mt_check+0xf8/0x1a0 [ 224.110964][ T9757] ? __pfx_bpf_mt_check+0x10/0x10 [ 224.110981][ T9757] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 224.110998][ T9757] ? __pfx_bpf_mt_check+0x10/0x10 [ 224.111016][ T9757] xt_check_match+0x283/0xa50 [ 224.111039][ T9757] ? __pfx_xt_check_match+0x10/0x10 [ 224.111062][ T9757] ? xt_find_match+0x1f6/0x290 [ 224.111083][ T9757] ? xt_find_match+0x1f6/0x290 [ 224.111109][ T9757] find_check_entry.constprop.0+0x34e/0xa20 [ 224.111138][ T9757] ? __pfx_find_check_entry.constprop.0+0x10/0x10 [ 224.111168][ T9757] ? lockdep_hardirqs_on+0x7c/0x110 [ 224.111195][ T9757] ? kfree+0x2b4/0x4d0 [ 224.111213][ T9757] ? translate_table+0xc0e/0x17b0 [ 224.111238][ T9757] translate_table+0xd0b/0x17b0 [ 224.111269][ T9757] ? __pfx_translate_table+0x10/0x10 [ 224.111298][ T9757] translate_compat_table+0x1474/0x18d0 [ 224.111330][ T9757] ? __pfx_translate_compat_table+0x10/0x10 [ 224.111371][ T9757] compat_do_replace+0x255/0x3c0 [ 224.111395][ T9757] ? __pfx_compat_do_replace+0x10/0x10 [ 224.111416][ T9757] ? __pfx_aa_get_newest_label+0x10/0x10 [ 224.111440][ T9757] ? rcu_is_watching+0x12/0xc0 [ 224.111465][ T9757] ? bpf_lsm_capable+0x9/0x10 [ 224.111484][ T9757] ? security_capable+0x7e/0x260 [ 224.111503][ T9757] do_ip6t_set_ctl+0x55d/0xa70 [ 224.111524][ T9757] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 224.111548][ T9757] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 224.111571][ T9757] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 224.111598][ T9757] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 224.111620][ T9757] nf_setsockopt+0x8d/0xf0 [ 224.111641][ T9757] ipv6_setsockopt+0x135/0x170 [ 224.111663][ T9757] udpv6_setsockopt+0x7d/0xd0 [ 224.111703][ T9757] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 224.111724][ T9757] do_sock_setsockopt+0x221/0x470 [ 224.111742][ T9757] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 224.111774][ T9757] __sys_setsockopt+0x120/0x1a0 [ 224.111803][ T9757] __ia32_sys_setsockopt+0xbc/0x160 [ 224.111826][ T9757] ? lockdep_hardirqs_on+0x7c/0x110 [ 224.111850][ T9757] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 224.111877][ T9757] __do_fast_syscall_32+0x7c/0x3a0 [ 224.111896][ T9757] do_fast_syscall_32+0x32/0x80 [ 224.111912][ T9757] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 224.111931][ T9757] RIP: 0023:0xf704e579 [ 224.111944][ T9757] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 224.111960][ T9757] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 224.111987][ T9757] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029 [ 224.111996][ T9757] RDX: 0000000000000040 RSI: 00000000800006c0 RDI: 0000000000000688 [ 224.112005][ T9757] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 224.112014][ T9757] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 224.112023][ T9757] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 224.112044][ T9757] [ 224.112456][ T9757] xt_bpf: check failed: parse error [ 224.192852][ T9759] ubi: mtd0 is already attached to ubi31 [ 224.970886][ T9771] delete_channel: no stack [ 224.987834][ T9773] netlink: 'syz.3.982': attribute type 39 has an invalid length. [ 225.047282][ T9777] capability: warning: `syz.3.984' uses 32-bit capabilities (legacy support in use) [ 225.233814][ T1337] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 225.391975][ T1337] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 225.402934][ T1337] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 225.409532][ T1337] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 225.418300][ T1337] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.451417][ T9771] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 225.782288][ T1337] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 225.935865][ T9784] program syz.3.987 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 226.337116][ T9802] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 226.341555][ T9802] overlayfs: missing 'lowerdir' [ 226.381234][ T9804] bond0: (slave bond_slave_0): Releasing backup interface [ 226.385687][ T9804] bond0: (slave bond_slave_1): Releasing backup interface [ 226.397195][ T9804] team0: Port device team_slave_0 removed [ 226.401437][ T9804] team0: Port device team_slave_1 removed [ 226.403822][ T9804] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 226.406304][ T9804] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 226.409334][ T9804] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 226.411774][ T9804] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 226.421194][ T9804] bond3: (slave veth3): Releasing active interface [ 226.423319][ T9804] bond3: (slave veth3): the permanent HWaddr of slave - c2:9b:64:22:82:be - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 226.428913][ T9804] vlan0: entered promiscuous mode [ 226.432578][ T9804] bond3: (slave vlan0): Releasing active interface [ 226.435076][ T9804] vlan0: left promiscuous mode [ 226.437905][ T9804] veth1: left promiscuous mode [ 226.447955][ T9805] vlan0: entered promiscuous mode [ 226.449672][ T9805] veth1: entered promiscuous mode [ 226.451420][ T9805] vlan0: left allmulticast mode [ 226.453448][ T9805] veth1: left allmulticast mode [ 226.457718][ T9805] team0: Port device vlan0 added [ 226.488699][ T9804] tipc: Started in network mode [ 226.490295][ T9804] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 226.492654][ T9804] tipc: Enabled bearer , priority 0 [ 226.744440][ T9809] netlink: 20 bytes leftover after parsing attributes in process `syz.2.995'. [ 227.279358][ T9813] netlink: 8 bytes leftover after parsing attributes in process `syz.3.996'. [ 227.282210][ T9813] netlink: 24 bytes leftover after parsing attributes in process `syz.3.996'. [ 227.623715][ T837] tipc: Node number set to 11578026 [ 227.926381][ T837] usb 6-1: USB disconnect, device number 6 [ 228.204065][ T9832] bio_check_eod: 4 callbacks suppressed [ 228.204076][ T9832] syz.1.998: attempt to access beyond end of device [ 228.204076][ T9832] nbd1: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 228.211016][ T9832] XFS (nbd1): SB validate failed with error -5. [ 228.983370][ T9857] Cannot find del_set index 1 as target [ 229.050571][ T9855] random: crng reseeded on system resumption [ 229.304792][ T5958] Bluetooth: hci3: command 0x0c1a tx timeout [ 229.745565][ T9877] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 229.749570][ T9877] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 229.753931][ T9877] overlayfs: failed to set uuid (269/file1, err=-13); falling back to uuid=null. [ 229.860675][ T9881] fuse: Invalid rootmode [ 229.863931][ T9881] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 230.105077][ T9888] FAULT_INJECTION: forcing a failure. [ 230.105077][ T9888] name failslab, interval 1, probability 0, space 0, times 0 [ 230.109949][ T9888] CPU: 0 UID: 0 PID: 9888 Comm: syz.3.1015 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 230.109965][ T9888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 230.109972][ T9888] Call Trace: [ 230.109976][ T9888] [ 230.109980][ T9888] dump_stack_lvl+0x16c/0x1f0 [ 230.110000][ T9888] should_fail_ex+0x512/0x640 [ 230.110016][ T9888] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 230.110032][ T9888] should_failslab+0xc2/0x120 [ 230.110047][ T9888] __kmalloc_cache_noprof+0x6a/0x3e0 [ 230.110061][ T9888] ? rtnl_newlink+0x11b/0x2000 [ 230.110073][ T9888] ? __pfx_rtnl_newlink+0x10/0x10 [ 230.110083][ T9888] rtnl_newlink+0x11b/0x2000 [ 230.110097][ T9888] ? __pfx_rtnl_newlink+0x10/0x10 [ 230.110106][ T9888] ? kasan_quarantine_put+0x10a/0x240 [ 230.110120][ T9888] ? lockdep_hardirqs_on+0x7c/0x110 [ 230.110138][ T9888] ? kmem_cache_free+0x2d1/0x4d0 [ 230.110152][ T9888] ? kfree_skbmem+0x1a4/0x1f0 [ 230.110169][ T9888] ? __lock_acquire+0x622/0x1c90 [ 230.110183][ T9888] ? rcu_is_watching+0x12/0xc0 [ 230.110194][ T9888] ? trace_cap_capable+0x18d/0x200 [ 230.110208][ T9888] ? find_held_lock+0x2b/0x80 [ 230.110217][ T9888] ? __pfx_rtnl_newlink+0x10/0x10 [ 230.110227][ T9888] ? __pfx_rtnl_newlink+0x10/0x10 [ 230.110236][ T9888] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 230.110246][ T9888] ? __pfx_rtnl_newlink+0x10/0x10 [ 230.110257][ T9888] rtnetlink_rcv_msg+0x95b/0xe90 [ 230.110268][ T9888] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 230.110286][ T9888] ? ref_tracker_free+0x37c/0x830 [ 230.110309][ T9888] netlink_rcv_skb+0x155/0x420 [ 230.110328][ T9888] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 230.110342][ T9888] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 230.110364][ T9888] ? netlink_deliver_tap+0x1ae/0xd30 [ 230.110384][ T9888] netlink_unicast+0x53d/0x7f0 [ 230.110405][ T9888] ? __pfx_netlink_unicast+0x10/0x10 [ 230.110429][ T9888] netlink_sendmsg+0x8d1/0xdd0 [ 230.110451][ T9888] ? __pfx_netlink_sendmsg+0x10/0x10 [ 230.110471][ T9888] ? __import_iovec+0x1dd/0x650 [ 230.110491][ T9888] ____sys_sendmsg+0xa95/0xc70 [ 230.110516][ T9888] ? __pfx_____sys_sendmsg+0x10/0x10 [ 230.110536][ T9888] ? get_compat_msghdr+0x11a/0x170 [ 230.110560][ T9888] ___sys_sendmsg+0x134/0x1d0 [ 230.110588][ T9888] ? __pfx____sys_sendmsg+0x10/0x10 [ 230.110624][ T9888] ? find_held_lock+0x2b/0x80 [ 230.110653][ T9888] __sys_sendmsg+0x16d/0x220 [ 230.110669][ T9888] ? __pfx___sys_sendmsg+0x10/0x10 [ 230.110692][ T9888] ? rcu_is_watching+0x12/0xc0 [ 230.110711][ T9888] __do_fast_syscall_32+0x7c/0x3a0 [ 230.110728][ T9888] do_fast_syscall_32+0x32/0x80 [ 230.110743][ T9888] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 230.110764][ T9888] RIP: 0023:0xf7f27579 [ 230.110776][ T9888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 230.110793][ T9888] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 230.110808][ T9888] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000180 [ 230.110818][ T9888] RDX: 0000000020004090 RSI: 0000000000000000 RDI: 0000000000000000 [ 230.110828][ T9888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 230.110838][ T9888] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 230.110847][ T9888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 230.110894][ T9888] [ 230.164868][ T9895] FAULT_INJECTION: forcing a failure. [ 230.164868][ T9895] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 230.232582][ T9895] CPU: 3 UID: 0 PID: 9895 Comm: syz.1.1017 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 230.232598][ T9895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 230.232605][ T9895] Call Trace: [ 230.232609][ T9895] [ 230.232613][ T9895] dump_stack_lvl+0x16c/0x1f0 [ 230.232634][ T9895] should_fail_ex+0x512/0x640 [ 230.232652][ T9895] should_fail_alloc_page+0xe7/0x130 [ 230.232664][ T9895] prepare_alloc_pages+0x3c2/0x610 [ 230.232679][ T9895] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 230.232695][ T9895] ? mark_held_locks+0x49/0x80 [ 230.232708][ T9895] ? smp_call_function_many_cond+0xf0b/0x1510 [ 230.232719][ T9895] ? lockdep_hardirqs_on+0x7c/0x110 [ 230.232734][ T9895] ? smp_call_function_many_cond+0x416/0x1510 [ 230.232743][ T9895] ? __pfx_flush_tlb_func+0x10/0x10 [ 230.232756][ T9895] ? __pfx_should_flush_tlb+0x10/0x10 [ 230.232769][ T9895] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 230.232783][ T9895] ? __lock_acquire+0x622/0x1c90 [ 230.232801][ T9895] ? __lock_acquire+0x622/0x1c90 [ 230.232814][ T9895] ? __lock_acquire+0x622/0x1c90 [ 230.232827][ T9895] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 230.232843][ T9895] ? policy_nodemask+0xea/0x4e0 [ 230.232854][ T9895] alloc_pages_mpol+0x1fb/0x550 [ 230.232864][ T9895] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 230.232878][ T9895] folio_alloc_mpol_noprof+0x36/0x2f0 [ 230.232890][ T9895] vma_alloc_folio_noprof+0xed/0x1e0 [ 230.232902][ T9895] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 230.232914][ T9895] ? rcu_read_unlock+0x2d/0xb0 [ 230.232931][ T9895] do_wp_page+0x1136/0x4f20 [ 230.232946][ T9895] ? __pfx_do_wp_page+0x10/0x10 [ 230.232959][ T9895] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 230.232978][ T9895] __handle_mm_fault+0x2223/0x5490 [ 230.232995][ T9895] ? __pfx___handle_mm_fault+0x10/0x10 [ 230.233009][ T9895] ? __pte_offset_map_lock+0x174/0x310 [ 230.233019][ T9895] ? vm_normal_page+0x152/0x2e0 [ 230.233028][ T9895] ? find_held_lock+0x2b/0x80 [ 230.233037][ T9895] ? find_held_lock+0x2b/0x80 [ 230.233050][ T9895] ? follow_page_pte+0x3af/0x14c0 [ 230.233065][ T9895] handle_mm_fault+0x589/0xd10 [ 230.233081][ T9895] __get_user_pages+0x589/0x3b80 [ 230.233098][ T9895] ? __pfx___get_user_pages+0x10/0x10 [ 230.233109][ T9895] ? __pfx_down_read_killable+0x10/0x10 [ 230.233122][ T9895] ? __lock_acquire+0x622/0x1c90 [ 230.233137][ T9895] __gup_longterm_locked+0x20d/0x1850 [ 230.233151][ T9895] ? try_get_folio+0x1d2/0x730 [ 230.233161][ T9895] ? __pfx___gup_longterm_locked+0x10/0x10 [ 230.233174][ T9895] ? try_get_folio+0x255/0x730 [ 230.233183][ T9895] ? find_held_lock+0x2b/0x80 [ 230.233193][ T9895] ? sanity_check_pinned_pages+0x3bf/0x1200 [ 230.233207][ T9895] gup_fast_fallback+0x1ab3/0x29e0 [ 230.233228][ T9895] ? __pfx_gup_fast_fallback+0x10/0x10 [ 230.233248][ T9895] pin_user_pages_fast+0xa7/0xf0 [ 230.233259][ T9895] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 230.233270][ T9895] ? trace_kmalloc+0x2b/0xd0 [ 230.233283][ T9895] rds_info_getsockopt+0x39f/0x4f0 [ 230.233297][ T9895] ? __pfx_rds_info_getsockopt+0x10/0x10 [ 230.233308][ T9895] ? find_held_lock+0x2b/0x80 [ 230.233318][ T9895] ? __might_fault+0x13b/0x190 [ 230.233336][ T9895] rds_getsockopt+0x173/0x2d0 [ 230.233349][ T9895] ? __pfx_rds_getsockopt+0x10/0x10 [ 230.233364][ T9895] do_sock_getsockopt+0x3fc/0x800 [ 230.233379][ T9895] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 230.233395][ T9895] ? __fget_files+0x204/0x3c0 [ 230.233416][ T9895] __sys_getsockopt+0x123/0x1b0 [ 230.233435][ T9895] __ia32_sys_getsockopt+0xbc/0x160 [ 230.233450][ T9895] ? lockdep_hardirqs_on+0x7c/0x110 [ 230.233466][ T9895] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 230.233482][ T9895] __do_fast_syscall_32+0x7c/0x3a0 [ 230.233493][ T9895] do_fast_syscall_32+0x32/0x80 [ 230.233503][ T9895] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 230.233516][ T9895] RIP: 0023:0xf707e579 [ 230.233524][ T9895] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 230.233534][ T9895] RSP: 002b:00000000f506e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d [ 230.233556][ T9895] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000114 [ 230.233563][ T9895] RDX: 000000000000271e RSI: 0000000080000580 RDI: 0000000080000040 [ 230.233569][ T9895] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 230.233575][ T9895] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 230.233581][ T9895] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 230.233594][ T9895] [ 230.335321][ T9900] raw_sendmsg: syz.2.1014 forgot to set AF_INET. Fix it! [ 230.459535][ T9903] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1018'. [ 230.832986][ T9915] Invalid logical block size (1101653259) [ 230.927138][ T9920] overlayfs: failed to decode file handle (len=5, type=251, flags=0, err=-22) [ 230.946253][ T9920] sit1: entered promiscuous mode [ 230.948338][ T9920] sit1: entered allmulticast mode [ 231.232432][ T9931] futex_wake_op: syz.0.1027 tries to shift op by -33; fix this program [ 232.056279][ T9949] dlm: Unknown command passed to DLM device : 0 [ 232.056279][ T9949] [ 232.340822][ T5958] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 232.341539][ T9957] Bluetooth: MGMT ver 1.23 [ 232.725800][ T5947] usb 7-1: new full-speed USB device number 7 using dummy_hcd [ 233.044970][ T5947] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 233.048971][ T5947] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 2 [ 233.052520][ T5947] usb 7-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 234.382061][ T5947] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.416064][ T5947] usb 7-1: config 0 descriptor?? [ 234.502665][ T9998] netlink: 'syz.1.1047': attribute type 1 has an invalid length. [ 234.505200][ T9998] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1047'. [ 234.857684][ T61] usb 7-1: USB disconnect, device number 7 [ 234.881297][ C3] PF_CAN: dropped non conform CAN skbuff: dev type 280, len 16 [ 234.964632][T10010] random: crng reseeded on system resumption [ 235.131329][ C3] vxcan1: j1939_tp_rxtimer: 0xffff888023960400: rx timeout, send abort [ 235.544137][T10021] netlink: 200 bytes leftover after parsing attributes in process `syz.2.1053'. [ 235.580208][T10023] netlink: 'syz.2.1054': attribute type 4 has an invalid length. [ 235.634914][ C3] vxcan1: j1939_tp_rxtimer: 0xffff888023960400: abort rx timeout. Force session deactivation [ 236.008898][T10038] netlink: 'syz.1.1057': attribute type 4 has an invalid length. [ 236.012277][T10038] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1057'. [ 236.018659][T10038] : renamed from bond0 (while UP) [ 236.036815][T10038] 9pnet: Found fid 0 not clunked [ 236.501803][T10048] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1059'. [ 237.482783][T10052] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1061'. [ 237.485766][T10052] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1061'. [ 237.596861][T10056] tipc: Resetting bearer [ 237.609359][T10056] team0: Port device vlan0 removed [ 237.788367][T10073] kAFS: Can only specify source 'none' with -o dyn [ 238.168558][T10093] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1073'. [ 238.664322][T10109] futex_wake_op: syz.1.1080 tries to shift op by -1; fix this program [ 238.675673][ T5999] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 238.827559][ T5999] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 238.830684][ T5999] usb 5-1: config 0 has no interfaces? [ 238.832786][ T5999] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 238.837192][ T5999] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.846114][ T5999] usb 5-1: config 0 descriptor?? [ 239.942746][ T5958] Bluetooth: hci3: unexpected cc 0x042f length: 9 > 7 [ 239.945484][ T5958] Bluetooth: hci3: unexpected event for opcode 0x042f [ 240.117882][T10149] openvswitch: netlink: Tunnel attr 7 has unexpected len 4 expected 0 [ 240.335316][T10154] netfs: Couldn't get user pages (rc=-14) [ 240.349183][T10154] netfs: Couldn't get user pages (rc=-14) [ 240.637607][T10165] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1095'. [ 241.169450][T10174] No control pipe specified [ 241.461394][ T6030] usb 5-1: USB disconnect, device number 10 [ 241.545504][T10192] netlink: 'syz.0.1103': attribute type 1 has an invalid length. [ 241.652156][T10192] 8021q: adding VLAN 0 to HW filter on device bond7 [ 241.733438][T10198] bond7: (slave veth3): Enslaving as an active interface with a down link [ 241.756765][T10192] vlan0: entered allmulticast mode [ 241.757255][T10203] netlink: 788 bytes leftover after parsing attributes in process `syz.2.1104'. [ 241.759013][T10192] veth1: entered allmulticast mode [ 241.766355][T10192] veth1: entered promiscuous mode [ 241.768747][T10192] veth1: left promiscuous mode [ 241.771337][T10192] bond7: (slave vlan0): making interface the new active one [ 241.774109][T10192] veth1: entered promiscuous mode [ 241.777616][T10192] vlan0: entered promiscuous mode [ 241.779938][T10192] bond7: (slave vlan0): Enslaving as an active interface with an up link [ 242.017247][ T40] audit: type=1800 audit(2000000106.479:423): pid=10207 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.0.1106" name="/" dev="sockfs" ino=26871 res=0 errno=0 [ 242.678660][T10251] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1110'. [ 243.425745][T10275] netlink: 'syz.1.1115': attribute type 1 has an invalid length. [ 243.447944][T10275] 8021q: adding VLAN 0 to HW filter on device bond6 [ 243.506895][T10277] FAULT_INJECTION: forcing a failure. [ 243.506895][T10277] name failslab, interval 1, probability 0, space 0, times 0 [ 243.511341][T10277] CPU: 2 UID: 0 PID: 10277 Comm: syz.1.1115 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 243.511356][T10277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 243.511363][T10277] Call Trace: [ 243.511367][T10277] [ 243.511373][T10277] dump_stack_lvl+0x16c/0x1f0 [ 243.511412][T10277] should_fail_ex+0x512/0x640 [ 243.511435][T10277] should_failslab+0xc2/0x120 [ 243.511446][T10277] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 243.511463][T10277] ? skb_clone+0x190/0x3f0 [ 243.511475][T10277] skb_clone+0x190/0x3f0 [ 243.511485][T10277] netlink_deliver_tap+0xabd/0xd30 [ 243.511500][T10277] netlink_unicast+0x5df/0x7f0 [ 243.511514][T10277] ? __pfx_netlink_unicast+0x10/0x10 [ 243.511529][T10277] netlink_sendmsg+0x8d1/0xdd0 [ 243.511543][T10277] ? __pfx_netlink_sendmsg+0x10/0x10 [ 243.511556][T10277] ? __import_iovec+0x1dd/0x650 [ 243.511570][T10277] ____sys_sendmsg+0xa95/0xc70 [ 243.511585][T10277] ? __pfx_____sys_sendmsg+0x10/0x10 [ 243.511596][T10277] ? get_compat_msghdr+0x11a/0x170 [ 243.511613][T10277] ___sys_sendmsg+0x134/0x1d0 [ 243.511631][T10277] ? __pfx____sys_sendmsg+0x10/0x10 [ 243.511654][T10277] ? find_held_lock+0x2b/0x80 [ 243.511673][T10277] __sys_sendmsg+0x16d/0x220 [ 243.511683][T10277] ? __pfx___sys_sendmsg+0x10/0x10 [ 243.511698][T10277] ? rcu_is_watching+0x12/0xc0 [ 243.511711][T10277] __do_fast_syscall_32+0x7c/0x3a0 [ 243.511723][T10277] do_fast_syscall_32+0x32/0x80 [ 243.511733][T10277] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 243.511746][T10277] RIP: 0023:0xf707e579 [ 243.511755][T10277] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 243.511766][T10277] RSP: 002b:00000000f504d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 243.511777][T10277] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000280 [ 243.511783][T10277] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 243.511797][T10277] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 243.511803][T10277] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 243.511809][T10277] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 243.511822][T10277] [ 243.583320][ C2] hpet: Lost 3 RTC interrupts [ 243.600323][T10275] bond6: (slave veth3): Enslaving as an active interface with a down link [ 243.606704][T10277] vlan0: entered allmulticast mode [ 243.608372][T10277] veth1: entered allmulticast mode [ 243.610270][T10277] bond6: (slave vlan0): Opening slave failed [ 244.116293][T10286] FAULT_INJECTION: forcing a failure. [ 244.116293][T10286] name failslab, interval 1, probability 0, space 0, times 0 [ 244.121010][T10286] CPU: 2 UID: 0 PID: 10286 Comm: syz.1.1117 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 244.121035][T10286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 244.121042][T10286] Call Trace: [ 244.121046][T10286] [ 244.121051][T10286] dump_stack_lvl+0x16c/0x1f0 [ 244.121071][T10286] should_fail_ex+0x512/0x640 [ 244.121088][T10286] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 244.121105][T10286] should_failslab+0xc2/0x120 [ 244.121116][T10286] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 244.121130][T10286] ? __pfx___might_resched+0x10/0x10 [ 244.121141][T10286] ? alloc_vmap_area+0x645/0x29c0 [ 244.121155][T10286] alloc_vmap_area+0x645/0x29c0 [ 244.121172][T10286] ? __pfx_alloc_vmap_area+0x10/0x10 [ 244.121187][T10286] __get_vm_area_node+0x1ca/0x330 [ 244.121202][T10286] __vmalloc_node_range_noprof+0x271/0x14b0 [ 244.121215][T10286] ? ip_set_sockfn_get+0x18e/0xd30 [ 244.121231][T10286] ? __local_bh_enable_ip+0xa4/0x120 [ 244.121246][T10286] ? ip_set_sockfn_get+0x18e/0xd30 [ 244.121262][T10286] ? aa_get_newest_label+0x375/0x680 [ 244.121275][T10286] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 244.121288][T10286] ? rcu_is_watching+0x12/0xc0 [ 244.121303][T10286] ? ip_set_sockfn_get+0x18e/0xd30 [ 244.121317][T10286] __vmalloc_node_noprof+0xad/0xf0 [ 244.121330][T10286] ? ip_set_sockfn_get+0x18e/0xd30 [ 244.121346][T10286] ip_set_sockfn_get+0x18e/0xd30 [ 244.121363][T10286] ? __pfx_ip_set_sockfn_get+0x10/0x10 [ 244.121380][T10286] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 244.121394][T10286] nf_getsockopt+0x7c/0xe0 [ 244.121407][T10286] ip_getsockopt+0x18c/0x1e0 [ 244.121423][T10286] ? __pfx_ip_getsockopt+0x10/0x10 [ 244.121439][T10286] ? find_held_lock+0x2b/0x80 [ 244.121450][T10286] raw_getsockopt+0x4d/0x1f0 [ 244.121465][T10286] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 244.121478][T10286] do_sock_getsockopt+0x3fc/0x800 [ 244.121491][T10286] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 244.121502][T10286] ? __fget_files+0x204/0x3c0 [ 244.121523][T10286] __sys_getsockopt+0x123/0x1b0 [ 244.121542][T10286] __ia32_sys_getsockopt+0xbc/0x160 [ 244.121557][T10286] ? lockdep_hardirqs_on+0x7c/0x110 [ 244.121572][T10286] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 244.121589][T10286] __do_fast_syscall_32+0x7c/0x3a0 [ 244.121600][T10286] do_fast_syscall_32+0x32/0x80 [ 244.121609][T10286] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 244.121623][T10286] RIP: 0023:0xf707e579 [ 244.121631][T10286] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 244.121641][T10286] RSP: 002b:00000000f506e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d [ 244.121652][T10286] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 244.121658][T10286] RDX: 0000000000000053 RSI: 0000000080000000 RDI: 0000000080000080 [ 244.121664][T10286] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 244.121669][T10286] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 244.121675][T10286] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 244.121688][T10286] [ 244.121717][T10286] syz.1.1117: vmalloc error: size 12, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 244.232060][T10286] CPU: 2 UID: 0 PID: 10286 Comm: syz.1.1117 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 244.232078][T10286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 244.232084][T10286] Call Trace: [ 244.232089][T10286] [ 244.232094][T10286] dump_stack_lvl+0x16c/0x1f0 [ 244.232115][T10286] warn_alloc+0x248/0x3a0 [ 244.232131][T10286] ? __pfx_warn_alloc+0x10/0x10 [ 244.232147][T10286] ? kfree+0x2b4/0x4d0 [ 244.232164][T10286] ? __get_vm_area_node+0x208/0x330 [ 244.232179][T10286] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 244.232193][T10286] ? __local_bh_enable_ip+0xa4/0x120 [ 244.232209][T10286] ? ip_set_sockfn_get+0x18e/0xd30 [ 244.232226][T10286] ? aa_get_newest_label+0x375/0x680 [ 244.232239][T10286] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 244.232260][T10286] ? rcu_is_watching+0x12/0xc0 [ 244.232274][T10286] ? ip_set_sockfn_get+0x18e/0xd30 [ 244.232289][T10286] __vmalloc_node_noprof+0xad/0xf0 [ 244.232301][T10286] ? ip_set_sockfn_get+0x18e/0xd30 [ 244.232318][T10286] ip_set_sockfn_get+0x18e/0xd30 [ 244.232334][T10286] ? __pfx_ip_set_sockfn_get+0x10/0x10 [ 244.232351][T10286] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 244.232368][T10286] nf_getsockopt+0x7c/0xe0 [ 244.232387][T10286] ip_getsockopt+0x18c/0x1e0 [ 244.232408][T10286] ? __pfx_ip_getsockopt+0x10/0x10 [ 244.232429][T10286] ? find_held_lock+0x2b/0x80 [ 244.232447][T10286] raw_getsockopt+0x4d/0x1f0 [ 244.232463][T10286] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 244.232481][T10286] do_sock_getsockopt+0x3fc/0x800 [ 244.232499][T10286] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 244.232514][T10286] ? __fget_files+0x204/0x3c0 [ 244.232547][T10286] __sys_getsockopt+0x123/0x1b0 [ 244.232575][T10286] __ia32_sys_getsockopt+0xbc/0x160 [ 244.232596][T10286] ? lockdep_hardirqs_on+0x7c/0x110 [ 244.232612][T10286] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 244.232628][T10286] __do_fast_syscall_32+0x7c/0x3a0 [ 244.232639][T10286] do_fast_syscall_32+0x32/0x80 [ 244.232649][T10286] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 244.232663][T10286] RIP: 0023:0xf707e579 [ 244.232671][T10286] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 244.232681][T10286] RSP: 002b:00000000f506e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d [ 244.232692][T10286] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 244.232704][T10286] RDX: 0000000000000053 RSI: 0000000080000000 RDI: 0000000080000080 [ 244.232715][T10286] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 244.232721][T10286] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 244.232727][T10286] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 244.232740][T10286] [ 244.232745][T10286] Mem-Info: [ 244.327590][T10286] active_anon:10545 inactive_anon:3139 isolated_anon:0 [ 244.327590][T10286] active_file:7013 inactive_file:28998 isolated_file:0 [ 244.327590][T10286] unevictable:1768 dirty:36 writeback:0 [ 244.327590][T10286] slab_reclaimable:7599 slab_unreclaimable:56159 [ 244.327590][T10286] mapped:30142 shmem:10105 pagetables:1308 [ 244.327590][T10286] sec_pagetables:319 bounce:0 [ 244.327590][T10286] kernel_misc_reclaimable:0 [ 244.327590][T10286] free:29351 free_pcp:15577 free_cma:0 [ 244.344799][T10286] Node 0 active_anon:2096kB inactive_anon:72kB active_file:16kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:1964kB dirty:0kB writeback:0kB shmem:9836kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9264kB pagetables:1888kB sec_pagetables:1168kB all_unreclaimable? yes Balloon:0kB [ 244.357860][T10286] Node 1 active_anon:40084kB inactive_anon:12484kB active_file:28036kB inactive_file:115992kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:118604kB dirty:144kB writeback:0kB shmem:30584kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:6608kB pagetables:3344kB sec_pagetables:108kB all_unreclaimable? no Balloon:0kB [ 244.368528][T10286] Node 0 DMA free:2076kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:152kB local_pcp:8kB free_cma:0kB [ 244.378587][T10286] lowmem_reserve[]: 0 289 289 289 289 [ 244.380456][T10286] Node 0 DMA32 free:15636kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:2048KB free_highatomic:72KB active_anon:2068kB inactive_anon:72kB active_file:16kB inactive_file:0kB unevictable:3536kB writepending:0kB present:1032196kB managed:296672kB mlocked:0kB bounce:0kB free_pcp:4144kB local_pcp:816kB free_cma:0kB [ 244.391541][T10286] lowmem_reserve[]: 0 0 0 0 0 [ 244.393342][T10286] Node 1 DMA32 free:99692kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:40084kB inactive_anon:12484kB active_file:28036kB inactive_file:115992kB unevictable:3536kB writepending:144kB present:1048432kB managed:948268kB mlocked:0kB bounce:0kB free_pcp:58000kB local_pcp:21968kB free_cma:0kB [ 244.404017][T10286] lowmem_reserve[]: 0 0 0 0 0 [ 244.405763][T10286] Node 0 DMA: 45*4kB (U) 13*8kB (UM) 2*16kB (UM) 1*32kB (M) 1*64kB (M) 1*128kB (M) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2076kB [ 244.410524][T10286] Node 0 DMA32: 197*4kB (UM) 18*8kB (UEH) 9*16kB (UE) 131*32kB (UME) 54*64kB (UME) 20*128kB (UME) 13*256kB (UME) 2*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 15636kB [ 244.416282][T10286] Node 1 DMA32: 660*4kB (UME) 561*8kB (UME) 348*16kB (UME) 383*32kB (UME) 210*64kB (UME) 139*128kB (UME) 52*256kB (UME) 15*512kB (UME) 12*1024kB (UM) 5*2048kB (M) 0*4096kB = 99704kB [ 244.423792][T10286] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 244.426973][T10286] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 244.429784][T10286] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 244.433255][T10286] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 244.437601][T10286] 46483 total pagecache pages [ 244.439160][T10286] 371 pages in swap cache [ 244.440548][T10286] Free swap = 119932kB [ 244.441930][T10286] Total swap = 124996kB [ 244.443375][T10286] 524155 pages RAM [ 244.445011][T10286] 0 pages HighMem/MovableOnly [ 244.446534][T10286] 209080 pages reserved [ 244.448445][T10286] 0 pages cma reserved [ 245.597349][T10313] IPv6: Can't replace route, no match found [ 246.201447][T10326] ceph: No mds server is up or the cluster is laggy [ 246.581925][T10345] netlink: 'syz.0.1132': attribute type 1 has an invalid length. [ 246.585701][T10345] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 246.588432][T10345] IPv6: NLM_F_CREATE should be set when creating new route [ 246.590743][T10345] IPv6: NLM_F_CREATE should be set when creating new route [ 246.594427][T10345] netlink: 'syz.0.1132': attribute type 1 has an invalid length. [ 246.596941][T10345] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 246.759926][T10350] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1131'. [ 246.911544][T10353] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1134'. [ 247.101807][T10364] netlink: 'syz.0.1136': attribute type 30 has an invalid length. [ 247.188812][T10370] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 247.191109][T10370] IPv6: NLM_F_CREATE should be set when creating new route [ 247.193804][T10370] IPv6: NLM_F_CREATE should be set when creating new route [ 247.196597][T10370] IPv6: NLM_F_CREATE should be set when creating new route [ 247.451149][ T6268] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 247.603698][ T6268] usb 5-1: Using ep0 maxpacket: 8 [ 247.607419][ T6268] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 247.610468][ T6268] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 247.615564][ T6268] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 247.620370][ T6268] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 247.625358][ T6268] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 247.631112][ T6268] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 247.634651][ T6268] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 247.639244][ T6268] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 247.644400][ T6268] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 247.648860][ T6268] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 247.655141][ T6268] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 247.658230][ T6268] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 247.662744][ T6268] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 247.668646][ T6268] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 247.673123][ T6268] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 247.681214][ T6268] usb 5-1: string descriptor 0 read error: -22 [ 247.684437][ T6268] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 247.688192][ T6268] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 247.698894][ T6268] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 247.737473][ T5947] IPVS: starting estimator thread 0... [ 247.833771][T10389] IPVS: using max 44 ests per chain, 105600 per kthread [ 248.082062][ T61] usb 5-1: USB disconnect, device number 11 [ 248.590671][T10403] overlayfs: failed to resolve './file0': -2 [ 248.597967][T10403] fuse: Bad value for 'rootmode' [ 250.801036][T10439] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 250.803042][T10439] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 250.805432][T10439] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 250.808320][T10439] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 250.810340][T10439] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 250.818007][T10439] slab kmalloc-2k start ffff888027712000 pointer offset 1368 size 2048 [ 250.821670][T10439] list_del corruption. prev->next should be ffff888023a05558, but was 0000000000000000. (prev=ffff888027712558) [ 250.827588][T10439] ------------[ cut here ]------------ [ 250.829397][T10439] kernel BUG at lib/list_debug.c:62! [ 250.831173][T10439] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 250.834752][T10439] CPU: 3 UID: 0 PID: 10439 Comm: syz.3.1157 Not tainted 6.16.0-rc1-syzkaller-00004-gaef17cb3d3c4 #0 PREEMPT(full) [ 250.840010][T10439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 250.844441][T10439] RIP: 0010:__list_del_entry_valid_or_report+0x17a/0x200 [ 250.847390][T10439] Code: 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 8d 00 00 00 48 8b 55 00 48 89 e9 48 89 de 48 c7 c7 c0 5e f5 8b e8 f7 9c bc fc 90 <0f> 0b 4c 89 e7 e8 2c 35 20 fd 48 89 ea 48 b8 00 00 00 00 00 fc ff [ 250.854066][T10439] RSP: 0018:ffffc90003c3f2a0 EFLAGS: 00010282 [ 250.855976][T10439] RAX: 000000000000006d RBX: ffff888023a05558 RCX: ffffc9000c001000 [ 250.858438][T10439] RDX: 0000000000000000 RSI: ffffffff819b0916 RDI: 0000000000000005 [ 250.860950][T10439] RBP: ffff888027712558 R08: 0000000000000005 R09: 0000000000000000 [ 250.863485][T10439] R10: 0000000080000000 R11: 0000000000000001 R12: ffff888027712558 [ 250.865935][T10439] R13: ffff888023a05560 R14: ffff888027712000 R15: ffff888023a00010 [ 250.868406][T10439] FS: 0000000000000000(0000) GS:ffff888097a62000(0063) knlGS:00000000f5046b40 [ 250.871256][T10439] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 250.873884][T10439] CR2: 000000000c29d88b CR3: 0000000027e3a000 CR4: 0000000000352ef0 [ 250.877171][T10439] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 250.880406][T10439] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 250.883678][T10439] Call Trace: [ 250.885145][T10439] [ 250.886412][T10439] bt_accept_unlink+0x34/0x2e0 [ 250.888448][T10439] l2cap_sock_teardown_cb+0x1a3/0x3c0 [ 250.890697][T10439] l2cap_chan_del+0xba/0x8f0 [ 250.892606][T10439] l2cap_conn_del+0x37a/0x730 [ 250.894405][T10439] ? hci_conn_failed+0x14f/0x330 [ 250.896000][T10439] l2cap_connect_cfm+0x9e1/0xf80 [ 250.897547][T10439] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 250.899254][T10439] ? hci_connect_le_scan_cleanup+0xb6/0x6b0 [ 250.901175][T10439] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 250.903345][T10439] hci_conn_failed+0x1ba/0x330 [ 250.905251][T10439] hci_abort_conn_sync+0x762/0xb10 [ 250.907166][T10439] ? __pfx_hci_abort_conn_sync+0x10/0x10 [ 250.909337][T10439] ? find_held_lock+0x2b/0x80 [ 250.911170][T10439] ? hci_disconnect_all_sync.constprop.0+0x77/0x3c0 [ 250.913612][T10439] ? hci_disconnect_all_sync.constprop.0+0x77/0x3c0 [ 250.915672][T10439] hci_disconnect_all_sync.constprop.0+0x104/0x3c0 [ 250.917717][T10439] hci_suspend_sync+0x770/0xab0 [ 250.919258][T10439] ? __pfx_hci_suspend_sync+0x10/0x10 [ 250.920964][T10439] ? hci_send_monitor_ctrl_event+0x570/0x5b0 [ 250.922960][T10439] ? __pfx_mgmt_suspending+0x10/0x10 [ 250.924662][T10439] hci_suspend_dev+0x308/0x500 [ 250.926183][T10439] ? __pfx_hci_suspend_dev+0x10/0x10 [ 250.927854][T10439] ? rcu_barrier+0x341/0x6e0 [ 250.929356][T10439] ? kobject_get+0xbb/0x150 [ 250.930813][T10439] hci_suspend_notifier+0x28d/0x2f0 [ 250.932657][T10439] notifier_call_chain+0xbc/0x410 [ 250.934790][T10439] ? __pfx_hci_suspend_notifier+0x10/0x10 [ 250.936834][T10439] blocking_notifier_call_chain_robust+0xc8/0x160 [ 250.938858][T10439] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 250.941043][T10439] ? do_raw_spin_unlock+0x172/0x230 [ 250.942769][T10439] pm_notifier_call_chain_robust+0x27/0x60 [ 250.944600][T10439] snapshot_open+0x189/0x2b0 [ 250.946081][T10439] ? __pfx_snapshot_open+0x10/0x10 [ 250.947739][T10439] misc_open+0x35d/0x420 [ 250.949161][T10439] ? __pfx_misc_open+0x10/0x10 [ 250.951106][T10439] chrdev_open+0x231/0x6a0 [ 250.952875][T10439] ? __pfx_apparmor_file_open+0x10/0x10 [ 250.955181][T10439] ? __pfx_chrdev_open+0x10/0x10 [ 250.957277][T10439] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 250.960094][T10439] do_dentry_open+0x744/0x1c10 [ 250.962103][T10439] ? __pfx_chrdev_open+0x10/0x10 [ 250.964151][T10439] vfs_open+0x82/0x3f0 [ 250.965853][T10439] path_openat+0x1de4/0x2cb0 [ 250.967727][T10439] ? __pfx_path_openat+0x10/0x10 [ 250.969727][T10439] do_filp_open+0x20b/0x470 [ 250.971581][T10439] ? __pfx_do_filp_open+0x10/0x10 [ 250.973647][T10439] ? _raw_spin_unlock+0x28/0x50 [ 250.975676][T10439] ? alloc_fd+0x471/0x7d0 [ 250.977550][T10439] do_sys_openat2+0x11b/0x1d0 [ 250.979597][T10439] ? __pfx_do_sys_openat2+0x10/0x10 [ 250.981768][T10439] __ia32_compat_sys_openat+0x16d/0x210 [ 250.983973][T10439] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 250.985971][T10439] ? rcu_is_watching+0x12/0xc0 [ 250.987882][T10439] __do_fast_syscall_32+0x7c/0x3a0 [ 250.989963][T10439] do_fast_syscall_32+0x32/0x80 [ 250.991685][T10439] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 250.994204][T10439] RIP: 0023:0xf7f27579 [ 250.995869][T10439] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 251.002919][T10439] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000127 [ 251.005869][T10439] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800002c0 [ 251.008500][T10439] RDX: 0000000000007e00 RSI: 0000000000000000 RDI: 0000000000000000 [ 251.010987][T10439] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 251.013562][T10439] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 251.016029][T10439] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 251.018531][T10439] [ 251.019550][T10439] Modules linked in: [ 251.021165][T10439] ---[ end trace 0000000000000000 ]--- [ 251.024157][T10439] RIP: 0010:__list_del_entry_valid_or_report+0x17a/0x200 [ 251.026565][T10439] Code: 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 8d 00 00 00 48 8b 55 00 48 89 e9 48 89 de 48 c7 c7 c0 5e f5 8b e8 f7 9c bc fc 90 <0f> 0b 4c 89 e7 e8 2c 35 20 fd 48 89 ea 48 b8 00 00 00 00 00 fc ff [ 251.032751][T10439] RSP: 0018:ffffc90003c3f2a0 EFLAGS: 00010282 [ 251.035331][T10439] RAX: 000000000000006d RBX: ffff888023a05558 RCX: ffffc9000c001000 [ 251.037793][T10439] RDX: 0000000000000000 RSI: ffffffff819b0916 RDI: 0000000000000005 [ 251.040479][T10439] RBP: ffff888027712558 R08: 0000000000000005 R09: 0000000000000000 [ 251.043646][T10439] R10: 0000000080000000 R11: 0000000000000001 R12: ffff888027712558 [ 251.046754][T10439] R13: ffff888023a05560 R14: ffff888027712000 R15: ffff888023a00010 [ 251.049948][T10439] FS: 0000000000000000(0000) GS:ffff888097a62000(0063) knlGS:00000000f5046b40 [ 251.053188][T10439] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 251.055366][T10439] CR2: 000000000c29d88b CR3: 0000000027e3a000 CR4: 0000000000352ef0 [ 251.059401][T10439] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 251.061950][T10439] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 251.065037][T10439] Kernel panic - not syncing: Fatal exception [ 251.067631][T10439] Kernel Offset: disabled [ 251.069097][T10439] Rebooting in 86400 seconds.. VM DIAGNOSIS: 12:50:44 Registers: info registers vcpu 0 CPU#0 RAX=00000000003837e4 RBX=0000000000000000 RCX=ffffffff8b7bec69 RDX=ffffed1005646646 RSI=ffffffff8bf559e0 RDI=ffffffff81918691 RBP=fffffbfff1c12ef0 RSP=ffffffff8e007e08 R8 =0000000000000000 R9 =ffffed1005646645 R10=ffff88802b23322b R11=0000000000000001 R12=0000000000000000 R13=ffffffff8e097780 R14=ffffffff90882750 R15=0000000000000000 RIP=ffffffff8b7bd7cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097762000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080028000 CR3=0000000027e3a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=dffffc0000000000 RBX=ffffffff93ad1228 RCX=0000000000000002 RDX=1ffffffff1ba3bb5 RSI=ffffffff8bf559e0 RDI=ffffffff8dd1dda8 RBP=0000000000000001 RSP=ffffc90000590c08 R8 =0000000000000000 R9 =0000000000000000 R10=00000000000000ff R11=00000000000105af R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81a0e6e3 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097862000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5004da4 CR3=000000006f822000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88802b5438e0 RCX=ffffffff81af764d RDX=ffff88801d6cc880 RSI=ffffffff81af7629 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc900001e78a0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=dffffc0000000000 R13=0000000000000003 R14=ffffed10056a871d R15=ffff88802b43d080 RIP=ffffffff81af762f RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097962000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f734e2dc CR3=000000000e182000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff8557d490 RDI=ffffffff9ae6ca80 RBP=ffffffff9ae6ca40 RSP=ffffc90003c3eb70 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552033203a555043 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff35cd9a2 R15=dffffc0000000000 RIP=ffffffff8557d4b7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097a62000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c29d88b CR3=0000000027e3a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000